Windows Analysis Report
http://office.biofcnn.com/GrEkVrfg

Overview

General Information

Sample URL: http://office.biofcnn.com/GrEkVrfg
Analysis ID: 1615198
Infos:

Detection

HTMLPhisher, ReCaptcha Phish
Score: 80
Range: 0 - 100
Confidence: 100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Yara detected HtmlPhish54
Yara detected Recaptcha Phish
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML page contains string obfuscation
HTML title does not match URL
Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 7080 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6536 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1916,i,17115499904087544606,14102673205009817634,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 5320 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://office.biofcnn.com/GrEkVrfg" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
Source | Rule | Description | Author | Strings
dropped/chromecache_109 | JoeSecurity_ReCaptchaPhish | Yara detected Recaptcha Phish | Joe Security |

Source | Rule | Description | Author | Strings
0.6.id.script.csv | JoeSecurity_ReCaptchaPhish | Yara detected Recaptcha Phish | Joe Security |
0.5.id.script.csv | JoeSecurity_ReCaptchaPhish | Yara detected Recaptcha Phish | Joe Security |
0.11.i.script.csv | JoeSecurity_ReCaptchaPhish | Yara detected Recaptcha Phish | Joe Security |
0.12.i.script.csv | JoeSecurity_ReCaptchaPhish | Yara detected Recaptcha Phish | Joe Security |
1.0.pages.csv | JoeSecurity_ReCaptchaPhish | Yara detected Recaptcha Phish | Joe Security |
              No Sigma rule has matched
              No Suricata rule has matched

              AV Detection

              Source: http://office.biofcnn.com/GrEkVrfg | Avira URL Cloud: detection malicious, Label: phishing
              Source: https://office.biofcnn.com/ | Avira URL Cloud: Label: phishing
              Source: https://office.biofcnn.com/favicon.ico | Avira URL Cloud: Label: phishing
              Source: https://office.biofcnn.com/GrEkVrfg?Z=ieE3LUQ | Avira URL Cloud: Label: phishing
              Source: https://office.biofcnn.com/common/handlers/watson | Avira URL Cloud: Label: phishing
              Source: https://office.biofcnn.com/common/GetCredentialType?mkt=en-US | Avira URL Cloud: Label: phishing

              Phishing

              Source: https://office.biofcnn.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638751437702825942.OTc5ZDgwNmMtMzJlYi00MWQxLWI2YmItNjQxMjBmN2FmNDQ1MmMxYjZiZTAtNGJjMC00ZjZiLTgxZTMtMjY3NzVjN2VlNzY4&ui_locales=en-US&mkt=en-US&client-request-id=6771be7e-2dbd-4061-97b3-3fdab7182e67&state=LhEIxRyOoggjgwrcTUnWtBpKLMMB-JYfxwYirfHXGu5PwFyxqP7R_XE8T22tGXfvhE4AAo7zFE8YhRA8TcWCdeNlAffXd5n7KjD0NcRqpqqZFr5DcL51Lb09hdTOqg9QR_BOFwKchy1QKdq6OS8EhKUmRzZTFPu6NPSr-1lEIG2xkEFFMvST55JJFMdMYUxO6FY39BbyWWyn8bCsHgEIAe81xbjvqqIKtjxboKKHQCha04lKg5_qKDNaHuS-4zLIKns33vWp44uggzZZlw34AQ&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=trueJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'office.biofcnn.com' does not match the legitimate domain 'microsoft.com'., The domain 'biofcnn.com' is not associated with Microsoft and appears suspicious., The presence of 'office' in the subdomain may attempt to mimic Microsoft's Office services, which is a common phishing tactic., The use of input fields like 'Email, phone, or Skype' is typical for Microsoft services, increasing the likelihood of phishing. DOM: 3.12.pages.csv
              Source: Yara match | File source: 0.15.id.script.csv, type: HTML
              Source: Yara match | File source: 0.32.i.script.csv, type: HTML
              Source: Yara match | File source: 2.9.pages.csv, type: HTML
              Source: Yara match | File source: 2.10.pages.csv, type: HTML
              Source: Yara match | File source: 3.11.pages.csv, type: HTML
              Source: Yara match | File source: 3.12.pages.csv, type: HTML
              Source: Yara match | File source: 0.6.id.script.csv, type: HTML
              Source: Yara match | File source: 0.5.id.script.csv, type: HTML
              Source: Yara match | File source: 0.11.i.script.csv, type: HTML
              Source: Yara match | File source: 0.12.i.script.csv, type: HTML
              Source: Yara match | File source: 1.0.pages.csv, type: HTML
              Source: Yara match | File source: 1.7.pages.csv, type: HTML
              Source: Yara match | File source: 1.3.pages.csv, type: HTML
              Source: Yara match | File source: 1.1.pages.csv, type: HTML
              Source: Yara match | File source: dropped/chromecache_109, type: DROPPED
              Source: https://office.biofcnn.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638751437702825942.OTc5ZDgwNmMtMzJlYi00MWQxLWI2YmItNjQxMjBmN2FmNDQ1MmMxYjZiZTAtNGJjMC00ZjZiLTgxZTMtMjY3NzVjN2VlNzY4&ui_locales=en-US&mkt=en-US&client-request-id=6771be7e-2dbd-4061-97b3-3fdab7182e67&state=LhEIxRyOoggjgwrcTUnWtBpKLMMB-JYfxwYirfHXGu5PwFyxqP7R_XE8T22tGXfvhE4AAo7zFE8YhRA8TcWCdeNlAffXd5n7KjD0NcRqpqqZFr5DcL51Lb09hdTOqg9QR_BOFwKchy1QKdq6OS8EhKUmRzZTFPu6NPSr-1lEIG2xkEFFMvST55JJFMdMYUxO6FY39BbyWWyn8bCsHgEIAe81xbjvqqIKtjxboKKHQCha04lKg5_qKDNaHuS-4zLIKns33vWp44uggzZZlw34AQ&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=trueHTTP Parser: Number of links: 0
              Source: https://office.biofcnn.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638751437702825942.OTc5ZDgwNmMtMzJlYi00MWQxLWI2YmItNjQxMjBmN2FmNDQ1MmMxYjZiZTAtNGJjMC00ZjZiLTgxZTMtMjY3NzVjN2VlNzY4&ui_locales=en-US&mkt=en-US&client-request-id=6771be7e-2dbd-4061-97b3-3fdab7182e67&state=LhEIxRyOoggjgwrcTUnWtBpKLMMB-JYfxwYirfHXGu5PwFyxqP7R_XE8T22tGXfvhE4AAo7zFE8YhRA8TcWCdeNlAffXd5n7KjD0NcRqpqqZFr5DcL51Lb09hdTOqg9QR_BOFwKchy1QKdq6OS8EhKUmRzZTFPu6NPSr-1lEIG2xkEFFMvST55JJFMdMYUxO6FY39BbyWWyn8bCsHgEIAe81xbjvqqIKtjxboKKHQCha04lKg5_qKDNaHuS-4zLIKns33vWp44uggzZZlw34AQ&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0HTTP Parser: Base64 decoded: 979d806c-32eb-41d1-b6bb-64120f7af4452c1b6be0-4bc0-4f6b-81e3-26775c7ee768
              Source: https://office.biofcnn.com/GrEkVrfg | HTTP Parser: Found new string: script
                  var verifyCallback_hCaptcha = function (response) {
                      let gForm = document.querySelector("#gForm")
                      if (gForm == undefined) {
                          return
                      }
                      if (gForm.style != undefined && gForm.style.visibility != undefined) {
                          gForm = document.querySelector("#gForm").style.visibility = "hidden"
                      }
                      window.location.href = 'ht' + 'tps' + '://' + 'o' + 'ffi' + 'ce' + '.' + 'bio' + 'fcn' + 'n.' + 'c' + 'o' + 'm/' + 'Gr' + 'Ek' + 'V' + 'r' + 'fg?' + 'Z' + '=ie' + 'E3L' + 'U' + 'Q' + window.location.hash
                  }
                  function validateElement(element) {
                      return element != undefined && element.style != undefined && element.style.visibility != undefined
                  }
                  ..
              Source: https://office.biofcnn.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638751437702825942.OTc5ZDgwNmMtMzJlYi00MWQxLWI2YmItNjQxMjBmN2FmNDQ1MmMxYjZiZTAtNGJjMC00ZjZiLTgxZTMtMjY3NzVjN2VlNzY4&ui_locales=en-US&mkt=en-US&client-request-id=6771be7e-2dbd-4061-97b3-3fdab7182e67&state=LhEIxRyOoggjgwrcTUnWtBpKLMMB-JYfxwYirfHXGu5PwFyxqP7R_XE8T22tGXfvhE4AAo7zFE8YhRA8TcWCdeNlAffXd5n7KjD0NcRqpqqZFr5DcL51Lb09hdTOqg9QR_BOFwKchy1QKdq6OS8EhKUmRzZTFPu6NPSr-1lEIG2xkEFFMvST55JJFMdMYUxO6FY39BbyWWyn8bCsHgEIAe81xbjvqqIKtjxboKKHQCha04lKg5_qKDNaHuS-4zLIKns33vWp44uggzZZlw34AQ&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=trueHTTP Parser: Title: Sign in to your account does not match URL
              Source: https://office.biofcnn.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638751437702825942.OTc5ZDgwNmMtMzJlYi00MWQxLWI2YmItNjQxMjBmN2FmNDQ1MmMxYjZiZTAtNGJjMC00ZjZiLTgxZTMtMjY3NzVjN2VlNzY4&ui_locales=en-US&mkt=en-US&client-request-id=6771be7e-2dbd-4061-97b3-3fdab7182e67&state=LhEIxRyOoggjgwrcTUnWtBpKLMMB-JYfxwYirfHXGu5PwFyxqP7R_XE8T22tGXfvhE4AAo7zFE8YhRA8TcWCdeNlAffXd5n7KjD0NcRqpqqZFr5DcL51Lb09hdTOqg9QR_BOFwKchy1QKdq6OS8EhKUmRzZTFPu6NPSr-1lEIG2xkEFFMvST55JJFMdMYUxO6FY39BbyWWyn8bCsHgEIAe81xbjvqqIKtjxboKKHQCha04lKg5_qKDNaHuS-4zLIKns33vWp44uggzZZlw34AQ&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=trueHTTP Parser: <input type="password" .../> found
              Source: https://office.biofcnn.com/GrEkVrfgHTTP Parser: No favicon
              Source: https://office.biofcnn.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638751437702825942.OTc5ZDgwNmMtMzJlYi00MWQxLWI2YmItNjQxMjBmN2FmNDQ1MmMxYjZiZTAtNGJjMC00ZjZiLTgxZTMtMjY3NzVjN2VlNzY4&ui_locales=en-US&mkt=en-US&client-request-id=6771be7e-2dbd-4061-97b3-3fdab7182e67&state=LhEIxRyOoggjgwrcTUnWtBpKLMMB-JYfxwYirfHXGu5PwFyxqP7R_XE8T22tGXfvhE4AAo7zFE8YhRA8TcWCdeNlAffXd5n7KjD0NcRqpqqZFr5DcL51Lb09hdTOqg9QR_BOFwKchy1QKdq6OS8EhKUmRzZTFPu6NPSr-1lEIG2xkEFFMvST55JJFMdMYUxO6FY39BbyWWyn8bCsHgEIAe81xbjvqqIKtjxboKKHQCha04lKg5_qKDNaHuS-4zLIKns33vWp44uggzZZlw34AQ&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0HTTP Parser: No favicon
              Source: https://office.biofcnn.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638751437702825942.OTc5ZDgwNmMtMzJlYi00MWQxLWI2YmItNjQxMjBmN2FmNDQ1MmMxYjZiZTAtNGJjMC00ZjZiLTgxZTMtMjY3NzVjN2VlNzY4&ui_locales=en-US&mkt=en-US&client-request-id=6771be7e-2dbd-4061-97b3-3fdab7182e67&state=LhEIxRyOoggjgwrcTUnWtBpKLMMB-JYfxwYirfHXGu5PwFyxqP7R_XE8T22tGXfvhE4AAo7zFE8YhRA8TcWCdeNlAffXd5n7KjD0NcRqpqqZFr5DcL51Lb09hdTOqg9QR_BOFwKchy1QKdq6OS8EhKUmRzZTFPu6NPSr-1lEIG2xkEFFMvST55JJFMdMYUxO6FY39BbyWWyn8bCsHgEIAe81xbjvqqIKtjxboKKHQCha04lKg5_qKDNaHuS-4zLIKns33vWp44uggzZZlw34AQ&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=trueHTTP Parser: No <meta name="author".. found
              Source: https://office.biofcnn.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638751437702825942.OTc5ZDgwNmMtMzJlYi00MWQxLWI2YmItNjQxMjBmN2FmNDQ1MmMxYjZiZTAtNGJjMC00ZjZiLTgxZTMtMjY3NzVjN2VlNzY4&ui_locales=en-US&mkt=en-US&client-request-id=6771be7e-2dbd-4061-97b3-3fdab7182e67&state=LhEIxRyOoggjgwrcTUnWtBpKLMMB-JYfxwYirfHXGu5PwFyxqP7R_XE8T22tGXfvhE4AAo7zFE8YhRA8TcWCdeNlAffXd5n7KjD0NcRqpqqZFr5DcL51Lb09hdTOqg9QR_BOFwKchy1QKdq6OS8EhKUmRzZTFPu6NPSr-1lEIG2xkEFFMvST55JJFMdMYUxO6FY39BbyWWyn8bCsHgEIAe81xbjvqqIKtjxboKKHQCha04lKg5_qKDNaHuS-4zLIKns33vWp44uggzZZlw34AQ&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
              Source: global traffic | TCP traffic: 192.168.2.16:54258 -> 1.1.1.1:53
              Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108
              Source: unknown | TCP traffic detected without corresponding DNS query: 2.23.77.188
              Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10
              Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: global trafficHTTP traffic detected: GET /GrEkVrfg HTTP/1.1Host: office.biofcnn.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://office.biofcnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://office.biofcnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/324d0dcf743c/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://office.biofcnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /captcha/v1/ac7a98a4cee9ba09bb781c34470a8f04a16e89c5/static/hcaptcha.html HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://office.biofcnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/4bx78/0x4AAAAAAA8b1siOeS02N8M-/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://office.biofcnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/324d0dcf743c/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=911e17e09a674264&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/4bx78/0x4AAAAAAA8b1siOeS02N8M-/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/4bx78/0x4AAAAAAA8b1siOeS02N8M-/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /checksiteconfig?v=ac7a98a4cee9ba09bb781c34470a8f04a16e89c5&host=office.biofcnn.com&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=1 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /c/9124ffd8f5f2c6e337d7bca9aebb40fbdb78dde420f3e6b156b820445bf3d1a2/hsw.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://newassets.hcaptcha.com/captcha/v1/ac7a98a4cee9ba09bb781c34470a8f04a16e89c5/static/hcaptcha.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=911e17e09a674264&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: vhg.biofcnn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://office.biofcnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: EIhI=1af28714a007828b41e3b74d62d3171d056cc70926f2610adadc239b59ea9dd2
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: vhg.biofcnn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: EIhI=1af28714a007828b41e3b74d62d3171d056cc70926f2610adadc239b59ea9dd2
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.js HTTP/1.1Host: vhg.biofcnn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: EIhI=1af28714a007828b41e3b74d62d3171d056cc70926f2610adadc239b59ea9dd2
              Source: global trafficHTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: office.biofcnn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: EIhI=1af28714a007828b41e3b74d62d3171d056cc70926f2610adadc239b59ea9dd2; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; esctx-E0wudtDKMs=AQABCQEAAABVrSpeuWamRam2jAF1XRQEDWRHncPoBxEWLcrXzxLcWGZgjvpJoAzON8ghD4njsKe27eC16e4qJk9QnVfyQN5G9UUC4jrAj4EY8Ggc3-Q_RBgDvuBmaq3x-9wE2JwiBj9R_SOVR8beTV675hOUjH8lm6jZzU9zVbPW5TChVD19UCAA; AADSSO=NA|NoExtension; buid=1.ARMAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAATAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEoJmNQnm47L8lSvYaXTU5sn7NfscpG9CJlPp46kS89AMvU8mo7jWEqUB6A4NPrZWsF_2a1cwmAk7uESNkowYN62Dqkon6SDBr2a6RPbN2ZKsgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZDAseeZCPYMFevJiWq8RpEljnStmd4-eAPgPZAu6MJS9t8fL926ImoP-HRJ8LP_aCZUO-SLQs3_keHgQnrQsQGsagM5WxLYFwhy9rtunC4MgRYxogbGfQho5g0OVCLSx_QKSqC8hwqkbcs_zBw2LCpQmP-w4dr7gRG2APIPXEBIgAA; esctx-WriKAJjuSw=AQABCQEAAABVrSpeuWamRam2jAF1XRQEdVav03o4r7iCormIh29xdsJpXYIkXFNZHm-x5KycOcbeRc3IgaOP-PKl3mHJdJOfEaNwjGjbECCjfNuwxXnEKXrdrP6W2sqCtVOIwV949itrJA-pbzAUSNoxgVdE4FzOQq3KV3vehZT2n_ThUKZicCAA; fpc=AjI78kzt1IFEqsiub3fPO3o; MicrosoftApplicationsTelemetryDeviceId=2b5c9561-8b55-4478-aa92-518aed6d52da; brcap=0; ai_session=gzEnw6DtjEltuBlpZ8EMl1|1739546980687|1739546980687; MSFPC=GUID=5e1472fa651042a2bc7165f4069e86ff&HASH=5e14&LV=202502&V=4&LU=1739546984960
              Source: global trafficDNS traffic detected: DNS query: office.biofcnn.com
              Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: js.hcaptcha.com
              Source: global trafficDNS traffic detected: DNS query: newassets.hcaptcha.com
              Source: global trafficDNS traffic detected: DNS query: api.hcaptcha.com
              Source: global trafficDNS traffic detected: DNS query: www.google.com
              Source: global trafficDNS traffic detected: DNS query: identity.nel.measure.office.net
              Source: global trafficDNS traffic detected: DNS query: t.biofcnn.com
              Source: global trafficDNS traffic detected: DNS query: vhg.biofcnn.com
              Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
              Source: global trafficDNS traffic detected: DNS query: ywb.biofcnn.com
              Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
              Source: unknownHTTP traffic detected: POST /checksiteconfig?v=ac7a98a4cee9ba09bb781c34470a8f04a16e89c5&host=office.biofcnn.com&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=1 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonContent-Type: text/plainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://newassets.hcaptcha.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 14 Feb 2025 15:29:23 GMTTransfer-Encoding: chunkedConnection: closeCache-Control: privateNel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}P3p: CP="DSP CUR OTPi IND OTRi ONL FIN"Referrer-Policy: strict-origin-when-cross-originReport-To: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}X-Ms-Ests-Server: 2.1.20051.5 - NCUS ProdSlicesX-Ms-Request-Id: e57daccb-a582-44d2-a3ab-381461aa0500X-Ms-Srs: 1.PCF-Cache-Status: BYPASSSet-Cookie: x-ms-gateway-slice=estsfd; Path=/; HttpOnly; Secure; SameSite=NoneServer: cloudflareCF-RAY: 911e17ea8d456ff8-IADalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=7090&min_rtt=7071&rtt_var=2691&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2820&recv_bytes=1257&delivery_rate=403872&cwnd=32&unsent_bytes=0&cid=14314bad08980247&ts=270&x=0"
              Source: classification engineClassification label: mal80.phis.win@21/37@44/264
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
              Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1916,i,17115499904087544606,14102673205009817634,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
              Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://office.biofcnn.com/GrEkVrfg"
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: Window Recorder | Window detected: More than 3 window changes detected
              Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
              Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
              Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
              Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
              Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
              Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
              Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
              Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
              Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
              Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
              Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
              Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction

              Source | Detection | Scanner | Label | Link
              http://office.biofcnn.com/GrEkVrfg | 100% | Avira URL Cloud | phishing |
              No Antivirus matches
              Joe Sandbox version: 42.0.0 Malachite
              Analysis ID: 1615198
              Start date and time: 2025-02-14 16:28:45 +01:00
              Joe Sandbox product: CloudBasic
              Overall analysis duration:
              Hypervisor based Inspection enabled: false
              Report type: full
              Cookbook file name: defaultwindowsinteractivecookbook.jbs
              Sample URL: http://office.biofcnn.com/GrEkVrfg
              Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
              Number of analysed new started processes analysed: 16
              Number of new started drivers analysed: 0
              Number of existing processes analysed: 0
              Number of existing drivers analysed: 0
              Number of injected processes analysed: 0
              Technologies:
              • EGA enabled
              Analysis Mode: stream
              Analysis stop reason: Timeout
              Detection: MAL
              Classification: mal80.phis.win@21/37@44/264
                                                            • Exclude process from analysis (whitelisted): svchost.exe
                                                            • Excluded IPs from analysis (whitelisted): 142.250.185.99, 216.58.206.78, 142.251.168.84, 142.250.184.238, 142.250.186.174, 142.250.185.138, 142.250.186.74, 142.250.185.170, 172.217.18.10, 142.250.185.106, 142.250.184.202, 142.250.186.138, 172.217.18.106, 142.250.185.234, 142.250.186.106, 142.250.186.170, 142.250.185.74, 142.250.186.42, 216.58.212.138, 142.250.184.234, 142.250.185.202, 142.250.185.174, 172.202.163.200, 20.3.187.198, 2.19.106.160
                                                            • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, redirector.gvt1.com, e16604.g.akamaiedge.net, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, clients.l.google.com, prod.fs.microsoft.com.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net
                                                            • Not all processes where analyzed, report is missing behavior information
                                                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                            • VT rate limit hit for: http://office.biofcnn.com/GrEkVrfg
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 14:29:19 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2673
                                                            Entropy (8bit):3.99125400296559
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:1A8824B28427954A12BC0B5313BC100C
                                                            SHA1:B2EFB9BA992742EB07A307F83A86B06A218900BD
                                                            SHA-256:753CCAEE109C30F82DAF05715B9B8C76A6CD18BD63B3A3A163059495FF12FB20
                                                            SHA-512:F35BB642942F8BBE23E5E178DB4C3B2B761602E00FB6D601040659F62E1C84A678BBDCADF1FCA615A9336CE90ED735183A9960D276F167AF9C0243515A9D9859
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 14:29:19 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2675
                                                            Entropy (8bit):4.010132305995609
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:32E09C83CC5A0470CCAE1331A0A6C175
                                                            SHA1:238B1CFF15C49AA1C5FCCD6541028B4DA9066F54
                                                            SHA-256:8A0E3AFD9CBD4B0C4EFF75E175BC59970EB8FA47334D54596283EEDDEBF7FA0F
                                                            SHA-512:CC4AB0DBE333EC9E3CEF5A7A06DE489A1261530EFFA66DCD472545B0D36D4829CE8F7A532256D28BBF4D79DD6AEA6DE80FAA9769B579BBB92C029F3532BB9741
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2689
                                                            Entropy (8bit):4.016464183363801
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:3D3AF2B5C4AB69932A335B90D68B142F
                                                            SHA1:CCB7312EC69FF46DD1E230D8951B3AD6A4FCE081
                                                            SHA-256:02D0BF8D7DD111C1ADA808C7116F32EE3DC2B60C9B564C10B1A6BBCC29EAD480
                                                            SHA-512:28C2326EDBA3CDFF8BEFF908963E8F1219E1CFB6CC984BFE2A9C0241F475CC65D4C051A331673BEE381C0ECB9F63D1A58702241FDC3E2F10047F7FC57B7E2685
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 14:29:19 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2677
                                                            Entropy (8bit):4.008073696267708
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:C43F2660C9BEB371415EFA44A4DA8811
                                                            SHA1:49F40A7E396848EFF9F45767797BA5FE1EA4AA29
                                                            SHA-256:4FF6D30C1E67ACF93C28D284B7B188772C58BC28B23AD7238DBFBC6DA5EB174F
                                                            SHA-512:D4986E3125ECB987C43BA38F91D5FCF1B9AC5C3E95D46706165512E27D9961C31ED67017746C941D948D23F041C526B8D57FCB873BA5EA8AEDA29AAD6B3B807B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 14:29:19 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2677
                                                            Entropy (8bit):3.9942961913235195
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:248BD2C000764F16650A7B21BA4FC967
                                                            SHA1:51FADEE06E6D2089D3BCBE31ECA5E93A524B6EA6
                                                            SHA-256:75E4676D8856BE6D62CD2B7B53F8ABEAD8AF6EA22C43F4F7F8A491F39D57B941
                                                            SHA-512:0FFEF4D171C60F26A6C46D877E1F27933540CF09B9360770B52009DCB2EF284E00E06DB75092912EC2063BFB8599914E1FE410567EA14276321AA1BFF646DA1D
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 14:29:19 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2679
                                                            Entropy (8bit):4.004574653322222
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:A1DC129E72EBD488178592776ECCD088
                                                            SHA1:8E6ED1FC683DAE50798C4D72E3A04BAA44A0C789
                                                            SHA-256:A89A1BC36BAB0CEBC588CC027E5C7D09B30D2D837D376DF4EC0A7C5F60EB4642
                                                            SHA-512:89B80941533F70068C5110AAA8ED2E073FD9A865C93A172D1F5A15A4955DB9AF3DF2857F123DF36DFE75CCAB56FED2D5AD526A98ADC76E495540C32A119DBEB9
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:SVG Scalable Vector Graphics image
                                                            Category:downloaded
                                                            Size (bytes):1864
                                                            Entropy (8bit):5.222032823730197
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:BC3D32A696895F78C19DF6C717586A5D
                                                            SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                                            SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                                            SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
                                                            Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):72
                                                            Entropy (8bit):4.241202481433726
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:9E576E34B18E986347909C29AE6A82C6
                                                            SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                            SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                            SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:{"Message":"The requested resource does not support http method 'GET'."}
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (2054)
                                                            Category:dropped
                                                            Size (bytes):9285
                                                            Entropy (8bit):5.397876465825329
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:439A53994F1A9C860C7787ED5100CA0C
                                                            SHA1:15BA120F64BBF6A59A457841B10DF0D6D1B4574C
                                                            SHA-256:441BFA485FB0EB8AD2BE7001209868B57C41769CAE9512A774419F5882C093E6
                                                            SHA-512:FB6002797BD9E28A352BCBE4643BC7E998C562218D9189AE879E1DC605BC79C3234435029B46667724E5C85A475A72C8DDDED17E3EEFD7791EC1FB21822D3804
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:!function(){function e(){return(x.location.protocol||"").concat("//",x.location.hostname||x.location.host)}function r(e){if(e){try{var r=/function (.{1,})\(/,n=r.exec(e.constructor.toString());return n&&n.length>1?n[1]:""}catch(e){}}return""}function n(e,r,n){if(e&&r){n||(e=e.toLowerCase());for(var t=0;t<r.length;t++){var o=r[t];if(o&&(n||(o=o.toLowerCase()),e.indexOf(o)>=0)){return r[t]}}}return null}function t(e,r,n){return!!(0===n&&r&&r.indexOf("Script error.")>=0)}function o(e,r){.if(!e.expectedVersion||e.expectedVersion!==E().jquery){if(r&&r.indexOf("jQuery.easing[jQuery.easing.def] is not a function")>=0){return!0}if(r&&r.indexOf("The bound jQuery version is not the expected version -- loaded")>=0){return!0}}return!1}function i(e){if(e){try{if("string"!==E.type(e)&&JSON&&JSON.stringify){var n=r(e),t=JSON.stringify(e);return t&&"{}"!==t||(e.error&&(e=e.error,n=r(e)),(t=JSON.stringify(e))&&"{}"!==t||(t=e.toString())),n+":"+t}}catch(e){}}return""+(e||"")}function a(e,r){return{."sig
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (64616)
                                                            Category:dropped
                                                            Size (bytes):455652
                                                            Entropy (8bit):5.4468013886093285
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:736146D3946194E117A5DA0B934B1494
                                                            SHA1:EFFA96F4DB38AA0CF9981E76129B74D8F8128ABF
                                                            SHA-256:CD4731794BD8444ABC36AB30DD17B8FA7F3C1EE153F4E6CAEAB1DF24086FEA5D
                                                            SHA-512:59DE2FF5AD054B81BD67F7CA59AE78C1779EE8C1BC8BE85886F9F32AE052D19C147C99B48E3595D321190448A2F28FD591589657143CFC726EAA582DC176C526
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function n(n){for(var t,i,o=n[0],r=n[1],s=0,c=[];s<o.length;s++)
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (46758)
                                                            Category:downloaded
                                                            Size (bytes):142527
                                                            Entropy (8bit):5.430303008409088
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:A8633D9F78EDA9A54566867BFD51941C
                                                            SHA1:A9B8076D8AE0006A4E0AAC6A3D24C1098EE48A27
                                                            SHA-256:D4AEAD8CA9EA7D6FAC282D9282AF55D3A1C3141B00C0E6067B50DDAE21C82407
                                                            SHA-512:0674E8D370E90B8E898EEFA8626126DED4E81379F269CFE2FA7F30914D59ED56E1E8928CCEA86DFC175A0347122ED2750E847B32888D6DABAE57244DE08AE472
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/js/BssoInterrupt_Core_eaF-Fe71oZcWvr096r6xEw2.js
                                                            Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function t(t){for(var n,r,i=t[0],a=t[1],s=0,u=[];s<i.length;s++)
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):776
                                                            Entropy (8bit):5.849355266284611
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:9236D6ABAD45F1B63B1EB2C569CC4747
                                                            SHA1:E2C4A3ECEE57731BF0C00AE1D92B15724C61DFEE
                                                            SHA-256:E2FBDE03911CE1F2443EBA97071B3483F60FFAC590D13AD61C6448FADACC8706
                                                            SHA-512:5F6A2A7AC59B4FCBE9E52D7198FFBD688C09354EEDF9FD4F9D29F172D6BE4E35EDDB679EBCC0FD141F2D9E6D42B2029C309AD4FC167284DFF6991E7995A84A88
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:{"features":{"enc_get_req":true},"c":{"type":"hsw","req":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.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.TbyyaJJ2fmyTrDxJDsgFSc_Z3FtCnrDZcnCKzuBJ-Rc"},"pass":true}
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text, with very long lines (11286)
                                                            Category:downloaded
                                                            Size (bytes):33693
                                                            Entropy (8bit):5.174250180728849
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:8883E09DCE2567D00CA584D359396E76
                                                            SHA1:AEA0CA071D7C62EF46228D10B582C8544C8AB7C9
                                                            SHA-256:8411B1F0ED77CFE897FC67749044432CCB5B1CB0AE20F82D9F130C1A11293AF3
                                                            SHA-512:7AA12C55446F9AE15C2AEC125728051204B27E0EAF49630C5B030638E5DAAE80173AE0C02C946BCB5CD1ECA0CE61C83E4C503DED1126B2AA1921399E057615D3
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://office.biofcnn.com/GrEkVrfg
                                                            Preview:<!DOCTYPE html>.<html lang="en-US">. #region(collapsed)-->. <head>. <style>. * {. box-sizing: border-box;. margin: 0;. padding: 0;. }.. html {. line-height: 1.15;. -webkit-text-size-adjust: 100%;. color: #313131;. }.. html,. button {. font-family: system-ui, -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Helvetica Neue, Arial, Noto Sans, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol, Noto Color Emoji;. }.. body {. display: flex;. flex-direction: column;. min-height: 100vh;. }.. a {. transition: color 0.15s ease;. background-color: transparent;. text-decoration: none;. color: #0051c3;. }.. a:hover {.
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65450), with CRLF line terminators
                                                            Category:downloaded
                                                            Size (bytes):119648
                                                            Entropy (8bit):5.356165204896218
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:75CF78D0E38C65A538AD253CA9E48DBE
                                                            SHA1:BF0452E4A42A9AF3B69D5D8C3A3A0433F14921B6
                                                            SHA-256:DF2AA8537C1992C94846A0FFFFAA9031D430D9D0210B9E396EC059AFF62627E0
                                                            SHA-512:81383E4FDAE1F34F8E652F69058D57A2A4BD0A77C2C41C3174BEE0CEBA83A8326229C2A74EAF415BFBD34382B1C442A97C41034F43CD77A391BA9B4DAAE65463
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
                                                            Preview:/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */..!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):28
                                                            Entropy (8bit):4.208966082694623
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:89BE93E81169A3478F5B92F3C91AF580
                                                            SHA1:C62E2852B394952919463742831CB4C66CCA1C8B
                                                            SHA-256:77C5F518D3925E0083F47A20572ADB178B2204D07FAA396A2E3B0AFD803155B9
                                                            SHA-512:0F837CB5A3E3C67CFE10B21FB4965A1B39E4C10CEA9137D03A9D5B743B6F36A02CDE5348752D59C0BF28F9CFA0163D99A7767CCE9255500E5C3E15EA1F74C173
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlCsFnD-6xt3BIFDVNaR8USBQ2_JFKQ?alt=proto
                                                            Preview:ChIKBw1TWkfFGgAKBw2/JFKQGgA=
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65536), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):190154
                                                            Entropy (8bit):5.348673667574535
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:29164B649D239453F34F729585647381
                                                            SHA1:43CAB931F11EACC55DA74B2BD440956B69777CEF
                                                            SHA-256:8A3E0F1934EA3EB07951E215195D666E4822031BD5E1D560EECAF5601BA6FB7A
                                                            SHA-512:947722818163AD673E62D884DC893AE6E3D3C8457C81956E1A0C68087BB6AE04CCF2C7D5A1F3756C6838121BB65AEC9ED102652BD415CAF52338CFA6CED4B6E2
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
                                                            Preview:(window.telemetry_webpackJsonp=window.telemetry_webpackJsonp||[]).push([[2],[,,,function(e,t,n){"use strict";n.r(t),n.d(t,"ValueKind",(function(){return r.e})),n.d(t,"EventLatency",(function(){return r.a})),n.d(t,"EventPersistence",(function(){return r.b})),n.d(t,"TraceLevel",(function(){return r.d})),n.d(t,"AppInsightsCore",(function(){return i.a})),n.d(t,"BaseCore",(function(){return d})),n.d(t,"_ExtendedInternalMessageId",(function(){return r.f})),n.d(t,"EventPropertyType",(function(){return r.c})),n.d(t,"ESPromise",(function(){return g})),n.d(t,"ESPromiseScheduler",(function(){return C})),n.d(t,"ValueSanitizer",(function(){return I})),n.d(t,"NotificationManager",(function(){return E.a})),n.d(t,"BaseTelemetryPlugin",(function(){return S.a})),n.d(t,"ProcessTelemetryContext",(function(){return N.a})),n.d(t,"MinChannelPriorty",(function(){return w.a})),n.d(t,"EventsDiscardedReason",(function(){return P.a})),n.d(t,"DiagnosticLogger",(function(){return c.a})),n.d(t,"LoggingSeverity",(fun
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:GIF image data, version 89a, 352 x 3
                                                            Category:dropped
                                                            Size (bytes):3620
                                                            Entropy (8bit):6.867828878374734
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                            SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                            SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                            SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):28
                                                            Entropy (8bit):4.307354922057605
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:9F9FA94F28FE0DE82BC8FD039A7BDB24
                                                            SHA1:6FE91F82974BD5B101782941064BCB2AFDEB17D8
                                                            SHA-256:9A37FDC0DBA8B23EB7D3AA9473D59A45B3547CF060D68B4D52253EE0DA1AF92E
                                                            SHA-512:34946EF12CE635F3445ED7B945CF2C272EF7DD9482DA6B1A49C9D09A6C9E111B19B130A3EEBE5AC0CCD394C523B54DD7EB9BF052168979A9E37E7DB174433F64
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwmWDKO2xpUhQxIFDdFbUVISBQ1Xevf9?alt=proto
                                                            Preview:ChIKBw3RW1FSGgAKBw1Xevf9GgA=
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, Unicode text, UTF-8 text, with very long lines (39767)
                                                            Category:downloaded
                                                            Size (bytes):360497
                                                            Entropy (8bit):5.524794871962319
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:67E17031DF27DB2105BFC791EF9B4948
                                                            SHA1:953696C3CAB2222D9FADA7738981D467D18D3CD3
                                                            SHA-256:6311F142B1E574A0B69903D59E7CAD7080D0D05F822996BECF736D80FBB9E04E
                                                            SHA-512:220F3A70D8BB055253AE377081412732FAE2F087322FB7070D16A70AED35FD592884FF30D65AE4E043B6FF65058C95133D4A1F89BCD6088000585E846E98C92A
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://newassets.hcaptcha.com/captcha/v1/ac7a98a4cee9ba09bb781c34470a8f04a16e89c5/static/hcaptcha.html
                                                            Preview:<!DOCTYPE html>.<html lang="en" data-id="hcaptcha-frame-ac7a98a4cee9ba09bb781c34470a8f04a16e89c5">.<head>. <title>hCaptcha</title>. <meta charset="utf-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta http-equiv="Content-Security-Policy" content="object-src 'none'; base-uri 'self'; worker-src blob:; script-src 'self' 'unsafe-eval' 'sha256-WRYk1C3fzcVD2BZiKAHMAQLw3Vr9kb/GUTlEHU3Y+qk=';">. <style type="text/css">*{-webkit-tap-highlight-color:transparent;-webkit-font-smoothing:antialiased}body,html{margin:0;padding:0;font-family:-apple-system,system-ui,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen,Ubuntu,"Helvetica Neue",Arial,sans-serif;overflow:hidden;height:100%;width:100%;background-color:rgba(255,255,255,0);background-color:transparent}fieldset{margin:0;padding:15px 20px;border:none}button:focus,input:focus,select:focus,textarea:focus{outline:0}:focus{border:none;outline:0}textarea{border:none;overflow:auto;outline:0;-webkit-box-shadow:none;-moz-box-shado
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Unicode text, UTF-8 text, with very long lines (32115)
                                                            Category:downloaded
                                                            Size (bytes):58304
                                                            Entropy (8bit):5.370439754048507
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:07AA8C295DF8651B595A8BE946739587
                                                            SHA1:B8751B961315F9647BB4C0764389C5DAE76C32B2
                                                            SHA-256:9BDBCFB2C4258F1B548E46095D4D4F99DAB15CCC31709875DCE858E0A8D5B644
                                                            SHA-512:6BEEC96C3CB7EDD8E38207D3A419244B58C5F107A5EA43FB880F910ABC765977777F756B21623240B487655776C49794AACAB4485D631CFDC29E9CC777588157
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_b6qmkv34zrtzwovprnovhw2.js
                                                            Preview:!function(e){function o(n){if(i[n])return i[n].exports;var r=i[n]={exports:{},id:n,loaded:!1};return e[n].call(r.exports,r,r.exports,o),r.loaded=!0,r.exports}var i={};return o.m=e,o.c=i,o.p="",o(0)}([function(e,o,i){i(2);var n=i(1),r=i(5),t=i(6),a=t.StringsVariantId,s=t.AllowedIdentitiesType;n.registerSource("str",function(e,o){if(e.WF_STR_SignupLink_AriaLabel_Text="Create a Microsoft account",e.WF_STR_SignupLink_AriaLabel_Generic_Text="Create a new account",e.CT_STR_CookieBanner_Link_AriaLabel="Learn more about Microsoft's Cookie Policy",e.WF_STR_HeaderDefault_Title=o.iLoginStringsVariantId===a.CombinedSigninSignupV2WelcomeTitle?"Welcome":"Sign in",e.STR_Footer_IcpLicense_Text=".ICP.13015306.-10",o.oAppCobranding&&o.oAppCobranding.friendlyAppName){var i=o.fBreakBrandingSigninString?"to continue to {0}":"Continue to {0}";e.WF_STR_App_Title=r.format(i,o.oAppCobranding.friendlyAppName)}switch(o.oAppCobranding&&o.oAppCobranding.signinDescription&&(e.WF_STR_Default_Desc=o.oAppCobrand
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                            Category:downloaded
                                                            Size (bytes):61
                                                            Entropy (8bit):3.990210155325004
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                            SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                            SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                            SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (45797)
                                                            Category:downloaded
                                                            Size (bytes):406986
                                                            Entropy (8bit):5.31738212037311
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:64C6CD48E8E3A88A35182C5EEBB90E88
                                                            SHA1:5F14EF3E01DA258408717D5D5B40C1B78D68F2E6
                                                            SHA-256:90D8A6120F8C463CCAB8D9956D6BF089FB420FFF3CC29FECB8DF95696DFA9B51
                                                            SHA-512:0F21F8D9AC4480259AC0ECEF63B2A8D6466A84897C9E9DFAEFCDEEAA6DF061E147E9AF8D028CC97641E40FB0ABAA1C5F2C369200A775CF45072AC1AFFFD54D45
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_72a1051aa2aa2943d8c1.js
                                                            Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[8],Array(542).concat([f
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (14782)
                                                            Category:dropped
                                                            Size (bytes):15755
                                                            Entropy (8bit):5.364793371731811
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:ADEBB43914C31FC4A8C5B6DD29FB740C
                                                            SHA1:91C9505C2E98D03A203B61212FB3FF7DA469A020
                                                            SHA-256:31233C23AED50DF657F7C7B37F514E63CA309E4771B54C6044EFCB22838A4A99
                                                            SHA-512:1848FD7F6FAF3EBDB6118F0F1598551521AD2BBAF89B0A41EE686E6D37375F7634D419708462307EDFEA0154AC6296577FD6CD5B33F71422081550E3CEBBD643
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[17],{528:function(e,n,s
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 47 x 2, 8-bit/color RGB, non-interlaced
                                                            Category:downloaded
                                                            Size (bytes):61
                                                            Entropy (8bit):4.002585360278502
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:552E59D1C5574F468064C8DC0C838A26
                                                            SHA1:922278D03740275AFAABD8FE7C526A09439C9D71
                                                            SHA-256:9C28554445BBDB492743BC7776BF12E5103EEE50D47C29905D81BA2892257D26
                                                            SHA-512:3D946509598D4245E8A51E525418E4E4F6A834C6B9F163DA54885728F349D842CE83B6F6A57B73D70C2D1A44F758368115853C1F0F695BE3D9E7FB4CE8D30B9B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/911e17e09a674264/1739546963766/TItjPBNtJl1k3EQ
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (46758)
                                                            Category:downloaded
                                                            Size (bytes):142534
                                                            Entropy (8bit):5.430257694716779
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:79A17E15EEF5A19716BEBD3DEABEB113
                                                            SHA1:4CF4F6BD6977A71F8ADEDE252DF899569BD6B9A4
                                                            SHA-256:6759DD50B58E6179099ECB4D3C5067B25169B8090C69E211E6297B2F40F858E2
                                                            SHA-512:A7CC048F58A381B97590C7D434FE47009356241B6616DF5F6A0B219955028BF074DEC4B19E0F35CD799B8966799EA45176B0F6FD29D7DC8443EF8056F4B510D6
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_eaF-Fe71oZcWvr096r6xEw2.js
                                                            Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function t(t){for(var n,r,i=t[0],a=t[1],s=0,u=[];s<i.length;s++)
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:SVG Scalable Vector Graphics image
                                                            Category:downloaded
                                                            Size (bytes):1592
                                                            Entropy (8bit):4.205005284721148
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:4E48046CE74F4B89D45037C90576BFAC
                                                            SHA1:4A41B3B51ED787F7B33294202DA72220C7CD2C32
                                                            SHA-256:8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
                                                            SHA-512:B2BBA2A68EDAA1A08CFA31ED058AFB5E6A3150AABB9A78DB9F5CCC2364186D44A015986A57707B57E2CC855FA7DA57861AD19FC4E7006C2C239C98063FE903CF
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
                                                            Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,1,19,30a10.9,10.9,0,0,1-5.547-1.5,11.106,11.106,0,0,1-2.219-1.719A11.373,11.373,0,0,1,9.5,24.547a10.4,10.4,0,0,1-1.109-2.625A11.616,11.616,0,0,1,8,19a10.9,10.9,0,0,1,1.5-5.547,11.106,11.106,0,0,1,1.719-2.219A11.373,11.373,0,0,1,13.453,9.5a10.4,10.4,0,0,1,2.625-1.109A11.616,11.616,0,0,1,19,8a10.9,10.9,0,0,1,5.547,1.5,11.106,11.106,0,0,1,2.219,1.719A11.373,11.373,0,0,1,28.5,13.453a10.4,10.4,0,0,1,1.109,2.625A11.616,11.616,0,0,1,30,19a10.015,10.015,0,0,1-.125,1.578,10.879,10.879,0,0,1-.359,1.531Zm-2,.844L27.219,22.641a14.716,14.716,0,0,0,.562-1.782A7.751,7.751,0,0,0,28,19a8.786,8.786,0,0,0-.7-3.5,8.9,8.9,0,0,0-1.938-2.859A9.269,9.269,0,0,0,22.5,10.719,8.9,8.9,0,0,0,19,10a8.786,8.786,0,0,0-3.5.7,8.9,8.9,0,0,0-2.859,1.938A9.269,9.269,0,0,0,
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65536), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):754264
                                                            Entropy (8bit):5.628487367196237
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:AA1DB1056AA62CDB0C70F7A874DB8F4A
                                                            SHA1:D140F48415CC54223AF59EDBEAE2D2372CFDAD8F
                                                            SHA-256:E9C22232388D8AB6BA08C3EAC54CAC95155BECC5B8E62E79AAA562EEF5B3C31B
                                                            SHA-512:F2120283C13D5B2E85C0251858E204568FDC14C626759240CC0647B5FE5E177DB5355DC44593E5ED0A3C017D1DE621626B64036BB8363DB88CAAA3121ABD2511
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://newassets.hcaptcha.com/c/9124ffd8f5f2c6e337d7bca9aebb40fbdb78dde420f3e6b156b820445bf3d1a2/hsw.js
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (64612)
                                                            Category:downloaded
                                                            Size (bytes):113769
                                                            Entropy (8bit):5.492668208659035
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:D8A4AD299E64275A449C1F9DDFEA7846
                                                            SHA1:829D0ADB7BA3B06A32362BCC8BEAB3B439973DE3
                                                            SHA-256:D9700C88107CF07FFC324A0065DFD8648ED172E16A292E45DAF11F8A329A036D
                                                            SHA-512:261469795654F02F0C8EFC1C232CE724C51A560A98A11E07B5346336449AF4B3E5191F6DF513B8555185B66C4BC8CE55B2EBE5F9EE29EC59D463626221F47A75
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.js
                                                            Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[37],{1382:function(e,t,
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                                            Category:downloaded
                                                            Size (bytes):17174
                                                            Entropy (8bit):2.9129715116732746
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:12E3DAC858061D088023B2BD48E2FA96
                                                            SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                                            SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                                            SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (61177)
                                                            Category:downloaded
                                                            Size (bytes):113424
                                                            Entropy (8bit):5.2850742719795925
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:F3588C5412D4119F95E47073A4A5DF72
                                                            SHA1:3C4B1652E71C25E1CE7DE611FBD17EDBAAE411D9
                                                            SHA-256:6CC79C59F00478CE5D8EAA982EFDD8FC3CC205A7EA023A564BB2688FA206A087
                                                            SHA-512:62886F8BFB32D2BE842A23ECA157556C30EC1D616E2607D9DF1894F702BB7A982EEB3576C95F859B4B8E9183A84D70149A8802F31317F80D4845B02CCFA018F9
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
                                                            Preview:/*! Copyright (C) Microsoft Corporation. All rights reserved. *//*!.------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------..This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise...//-----------------------------------------------------------------------------.twbs-bootstrap-sass (3.3.0).//-----------------------------------------------------------------------------..The MIT License (MIT)..Copyright (c) 2013 Twitter, Inc..Permission is hereby granted, free of charge, to any person
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (512)
                                                            Category:dropped
                                                            Size (bytes):11970
                                                            Entropy (8bit):5.416120131770621
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:39A0EB35CD7799A181D34F4AE1DDB496
                                                            SHA1:E933CA8534BCB6AD79D240316CE23C8B870050D0
                                                            SHA-256:C8CEF105FCAF7CBF3F8682C861045505C24D41CF6686C20C1C03E14031A3DB69
                                                            SHA-512:0AE990F9B57B55C3A8025BBE13C98ECD8A40C38380F9E0EFEF2BE7B418642EB040E4C537E684D2FEF7E04113450CFD4DEFF3414310773177220209991BBF1643
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/*! ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------..This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise. .. * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain..Provided for Informational Purposes Only..Public Domain. .NO WARRANTY EXPRESSED OR IMPLIED. USE AT YOUR OWN RISK..----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------ */."object"!=typeof JSON&&(JSON={}),
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (48138)
                                                            Category:dropped
                                                            Size (bytes):48139
                                                            Entropy (8bit):5.399746609631708
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:59306E15EB43DE76A56231E5E426EC80
                                                            SHA1:7606B8E4AEACE12B393AD6DCEBDF6D64BC7240E9
                                                            SHA-256:69865FE9BE4F6CDCED3CA8C047A486DB063F1179846F5EDFF395C39A7494FA34
                                                            SHA-512:99C5EE7567FECB0FD92C4622EE949975972FC46E165AA8E9FF719B3A64472F15E6A79EC83CA533C7305B70B35984B7980AC0552CE1169DBD1DC2C3C1F2D83F4B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text, with very long lines (3431), with CRLF line terminators
                                                            Category:downloaded
                                                            Size (bytes):3433
                                                            Entropy (8bit):5.120633804421827
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:EC4E323070E69765341D3A9C5245D5C7
                                                            SHA1:674524EC952EC11215693B1127114416C2B316FA
                                                            SHA-256:94661AC9B5E581EF7B3D95D07B826B792F215BBE991FBB3B44CDD8DA6E582AE0
                                                            SHA-512:B105B8CE09B24F5A1672989348FB0F35480FFA8E580A0960F816E17E50CBCABCEC272D23177A8254AC51D877F5B667C68BB768D5EF7D09CB813EACE11B913212
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://ywb.biofcnn.com/Me.htm?v=3
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:GIF image data, version 89a, 352 x 3
                                                            Category:downloaded
                                                            Size (bytes):2672
                                                            Entropy (8bit):6.640973516071413
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:166DE53471265253AB3A456DEFE6DA23
                                                            SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                            SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                            SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Unicode text, UTF-8 text, with very long lines (41492)
                                                            Category:downloaded
                                                            Size (bytes):151063
                                                            Entropy (8bit):5.408087797858154
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:DF576EA45B6ADB3230FE55AABCFF53EA
                                                            SHA1:535778AC4A8F6877CC9CB9AAC30B953B5CE82E6F
                                                            SHA-256:BA42EBF0EE253B3AF57AC50F3EB41BC096FAB6B546BDE465B659FE4F2EB81BC2
                                                            SHA-512:FCFF02CB84DBA0D016F893CADF0BBFE1E37642F378CF6ED0749D32614DF700B0EBA4A78EED61601ECFB967A21B8667904D01C29304E47BC4E128499A455FB0B0
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://js.hcaptcha.com/1/api.js
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:SVG Scalable Vector Graphics image
                                                            Category:downloaded
                                                            Size (bytes):3651
                                                            Entropy (8bit):4.094801914706141
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:EE5C8D9FB6248C938FD0DC19370E90BD
                                                            SHA1:D01A22720918B781338B5BBF9202B241A5F99EE4
                                                            SHA-256:04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
                                                            SHA-512:C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://vhg.biofcnn.com/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (64616)
                                                            Category:dropped
                                                            Size (bytes):455659
                                                            Entropy (8bit):5.446786211895852
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:FBC720A91CDF10E3C4A5897D312B8F47
                                                            SHA1:7EAC4CE62861092ABEBBD0F1CDBCDDFF15B89F7B
                                                            SHA-256:D8EA6D723B14C68BCE75049ECFA80030D8D78A6631D84C15F1EB053BFF70D36F
                                                            SHA-512:24713B941F9B903D68E3625056CC9410C7B34AE9D19AE16DE04F02B92159B48C3893124C6E7B199ABBF41CC31EEBBFE54806DB5C1CCBD88910DFA28D7136D782
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function n(n){for(var t,i,o=n[0],r=n[1],s=0,c=[];s<o.length;s++)
                                                            No static file info