Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.com

Overview

General Information

Sample URL:https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.com
Analysis ID:1618675
Infos:

Detection

HTMLPhisher
Score:68
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Yara detected HtmlPhish10
AI detected landing page (webpage, office document or email)
AI detected suspicious URL
HTML page contains obfuscated javascript
Creates files inside the system directory
Deletes files inside the Windows folder
Detected hidden input values containing email addresses (often used in phishing pages)
Detected non-DNS traffic on DNS port
Drops PE files
Drops PE files to the windows directory (C:\Windows)
HTML body contains low number of good links
HTML body with high number of embedded images detected
HTML page contains hidden javascript code
Invalid 'forgot password' link found
No HTML title found
Stores files to the Windows start menu directory
URL contains potential PII (phishing indication)

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 5552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6908 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1940,i,2719269508634971075,1435348727123418121,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6484 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_143JoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

    HTML

    SourceRuleDescriptionAuthorStrings
    2.11.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
      2.12.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
        2.13.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
          2.14.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

            Sigma Signatures

            No Sigma rule has matched

            Suricata Signatures

            No Suricata rule has matched

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            Phishing

            barindex
            AI detected phishing page
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The legitimate domain for Microsoft is 'microsoft.com'., The URL 'mail67.online' does not match the legitimate domain for Microsoft., The domain 'mail67.online' is suspicious as it does not contain any reference to 'microsoft' and uses a generic TLD '.online'., The presence of a password input field on a non-legitimate domain is a common phishing tactic. DOM: 2.12.pages.csv
            Yara detected HtmlPhish10
            Source: Yara matchFile source: 2.11.pages.csv, type: HTML
            Source: Yara matchFile source: 2.12.pages.csv, type: HTML
            Source: Yara matchFile source: 2.13.pages.csv, type: HTML
            Source: Yara matchFile source: 2.14.pages.csv, type: HTML
            Source: Yara matchFile source: dropped/chromecache_143, type: DROPPED
            AI detected landing page (webpage, office document or email)
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comJoe Sandbox AI: Page contains button: 'VIEW' Source: '1.0.pages.csv'
            AI detected suspicious URL
            Source: https://rnicrosoft-secured-office.squarespace.comJoe Sandbox AI: The URL 'https://rnicrosoft-secured-office.squarespace.com' appears to be a typosquatting attempt targeting the well-known brand Microsoft. The character 'r' is visually similar to 'n', making 'rnicrosoft' look like 'microsoft' at a glance. The use of 'secured-office' in the subdomain suggests an attempt to mimic Microsoft's legitimate services, such as Office 365. The domain 'squarespace.com' is a legitimate platform for hosting websites, but its use here does not align with Microsoft's typical domain structure, increasing the likelihood of user confusion. The combination of visual similarity and misleading subdomain usage strongly suggests a typosquatting attempt.
            HTML page contains obfuscated javascript
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: function _0xc753(_0x5cacff,_0x324120){var _0x3a0603=_0x3a06();return _0xc753=function(_0xc7533f,_0x
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: bob_smith@gmail.com
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: fdsfdsafads@dsada.com
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: Number of links: 0
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: Total embedded image size: 31405
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comHTTP Parser: Base64 decoded: AIzaSyCBTROq6LuvF_IE1r46-T4AeTSV-0d7my8
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: Invalid link: Forgot my password
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: HTML title missing
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: HTML title missing
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: HTML title missing
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: HTML title missing
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comSample URL: PII: bob_smith@gmail.com
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: <input type="password" .../> found
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No favicon
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No favicon
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No favicon
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No favicon
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No favicon
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com&__cf_chl_tk=TvhObfW3EqKiPVX20DhWWvLufS0S7HAvoRFhFheNw40-1739927148-1.0.1.1-YuKpP40JE7RQqPiMu3azvBInxmpV8VND3bMEtC2h0RAHTTP Parser: No favicon
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No <meta name="author".. found
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No <meta name="author".. found
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No <meta name="author".. found
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No <meta name="author".. found
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No <meta name="copyright".. found
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No <meta name="copyright".. found
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No <meta name="copyright".. found
            Source: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comHTTP Parser: No <meta name="copyright".. found
            Source: global trafficTCP traffic: 192.168.2.16:64716 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:64716 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:64716 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:64716 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:64716 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:64716 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:64716 -> 1.1.1.1:53
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global trafficHTTP traffic detected: GET /sharepointcoc?e=bob_smith@gmail.com HTTP/1.1Host: rnicrosoft-secured-office.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/styles-compressed/user-account-core-adaf6be325b26739da8e-min.en-US.css HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /static/versioned-site-css/672d28f572bca453f1036bff/2/5c5a519771c10ba3470d8101/672d28f572bca453f1036c0b/1613/site.css HTTP/1.1Host: static1.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /static/vta/5c5a519771c10ba3470d8101/versioned-assets/1739381320286-8FJE7NMLDZWANM5PXDLU/static.css HTTP/1.1Host: static1.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ik/-dzzysHa3tKUyJJc3KR3RhoeAL-OqN0cIFnRnyMvKZXfecGJXnX1IyvhF2jtFRZLFRSkZ2JtZR9awc4RjQbuwhjUw2whjcZce6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMdWET_Ge.js HTTP/1.1Host: use.typekit.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /@sqs/polyfiller/1.6/modern.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ik/-dzzysHa3tKUyJJc3KR3RhoeAL-OqN0cIFnRnyMvKZXfecGJXnX1IyvhF2jtFRZLFRSkZ2JtZR9awc4RjQbuwhjUw2whjcZce6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMdWET_Ge.js HTTP/1.1Host: use.typekit.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /content/v1/672d28f572bca453f1036bff/f04044db-e57e-4352-8811-98daa3fb2e8a/IMG_0641+%281%29.png?format=1000w HTTP/1.1Host: images.squarespace-cdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /af/5de54d/00000000000000007735d404/30/l?subset_id=2&fvd=n7&v=3 HTTP/1.1Host: use.typekit.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/extract-css-runtime-c255a3b3b51c88603d1f-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /@sqs/polyfiller/1.6/modern.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/extract-css-moment-js-vendor-c4d588d4255cd4c70fa3-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/cldr-resource-pack-0c96ad3f9948c3a7b631-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/common-vendors-stable-2965e1fc774101038a7d-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7a52a694fd4248c18775c6aa813a0358.js HTTP/1.1Host: static1.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/common-vendors-8921de8f24d51c37e1bd-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/common-79e00f5d25543a53dff1-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /af/e6e37f/00000000000000007735d426/30/l?subset_id=2&fvd=n5&v=3 HTTP/1.1Host: use.typekit.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/extract-css-runtime-c255a3b3b51c88603d1f-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/user-account-core-d80e9a3c45e2451dcc03-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /content/v1/672d28f572bca453f1036bff/f04044db-e57e-4352-8811-98daa3fb2e8a/IMG_0641+%281%29.png?format=1000w HTTP/1.1Host: images.squarespace-cdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/cldr-resource-pack-0c96ad3f9948c3a7b631-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/performance-daea797f26ec33aee348-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/common-vendors-stable-2965e1fc774101038a7d-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7a52a694fd4248c18775c6aa813a0358.js HTTP/1.1Host: static1.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/common-vendors-8921de8f24d51c37e1bd-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/user-account-core-d80e9a3c45e2451dcc03-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/performance-daea797f26ec33aee348-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/extract-css-moment-js-vendor-c4d588d4255cd4c70fa3-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/common-79e00f5d25543a53dff1-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.11c2f1b3c1cb2ba0d418.js HTTP/1.1Host: static1.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/styles-compressed/941786f6875728a7dbb0-min.en-US.css HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/87977-180b339392f5120f4048-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/2775-0e66db97f5a873a38d07-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/async-gdpr-cookie-banner-1b1ff11b5ba53e1780d9-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /api/census/RecordHit HTTP/1.1Host: rnicrosoft-secured-office.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: crumb=BY7YwBVLGCGIM2FjMGY2ZDNlOTU1Y2JhYWE3ODcxMGI1OGU0Y2Fl; ss_cvr=0ca9d481-535e-4ead-a812-76a5352290c8|1739927141237|1739927141237|1739927141237|1; ss_cvt=1739927141237
            Source: global trafficHTTP traffic detected: GET /af/8a06c7/00000000000000007735d42a/30/l?subset_id=2&fvd=i5&v=3 HTTP/1.1Host: use.typekit.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /af/ac398f/00000000000000007759c2e7/30/l?subset_id=2&fvd=i7&v=3 HTTP/1.1Host: use.typekit.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rnicrosoft-secured-office.squarespace.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.11c2f1b3c1cb2ba0d418.js HTTP/1.1Host: static1.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/2775-0e66db97f5a873a38d07-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /api/census/button-render HTTP/1.1Host: rnicrosoft-secured-office.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: crumb=BY7YwBVLGCGIM2FjMGY2ZDNlOTU1Y2JhYWE3ODcxMGI1OGU0Y2Fl; ss_cvr=0ca9d481-535e-4ead-a812-76a5352290c8|1739927141237|1739927141237|1739927141237|1; ss_cvt=1739927141237
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/87977-180b339392f5120f4048-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/scripts-compressed/async-gdpr-cookie-banner-1b1ff11b5ba53e1780d9-min.en-US.js HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/default-favicon.ico HTTP/1.1Host: assets.squarespace.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /p.gif?s=2&k=646866_672d28f572bca453f1036bff&ht=tk&h=rnicrosoft-secured-office.squarespace.com&f=26060.26053.26061.26054&a=646866&js=1.21.0&app=typekit&e=js&_=1739927142403 HTTP/1.1Host: p.typekit.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /universal/default-favicon.ico HTTP/1.1Host: assets.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /p.gif?s=2&k=646866_672d28f572bca453f1036bff&ht=tk&h=rnicrosoft-secured-office.squarespace.com&f=26060.26053.26061.26054&a=646866&js=1.21.0&app=typekit&e=js&_=1739927142403 HTTP/1.1Host: p.typekit.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com HTTP/1.1Host: mail67.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://rnicrosoft-secured-office.squarespace.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /api/census/button-click HTTP/1.1Host: rnicrosoft-secured-office.squarespace.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: crumb=BY7YwBVLGCGIM2FjMGY2ZDNlOTU1Y2JhYWE3ODcxMGI1OGU0Y2Fl; ss_cvr=0ca9d481-535e-4ead-a812-76a5352290c8|1739927141237|1739927141237|1739927141237|1; ss_cvt=1739927141237
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=914259c339ad1875 HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com&__cf_chl_rt_tk=TvhObfW3EqKiPVX20DhWWvLufS0S7HAvoRFhFheNw40-1739927148-1.0.1.1-YuKpP40JE7RQqPiMu3azvBInxmpV8VND3bMEtC2h0RAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /turnstile/v0/g/0e3e6804b971/api.js?onload=UhLpB4&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://mail67.onlinesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=914259c339ad1875 HTTP/1.1Host: mail67.onlineConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /turnstile/v0/g/0e3e6804b971/api.js?onload=UhLpB4&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/90vfg/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/902583062:1739923832:Ohl8hsc7f_BvEnbG3rn1s47Bj_ULzOodOvCVJwmuIDM/914259c339ad1875/0Ds919B1CnaFyl5L9NFjoePsYSKFGCqLMj1SnGXb_lM-1739927148-1.2.1.1-8tKDZ31D07kMiyLLl6DZ8cUTCgFndSLXude8wDKWLLcG7IDAGM5pntnCvCi_.UM9 HTTP/1.1Host: mail67.onlineConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=914259d6bcfe422d&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/90vfg/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/90vfg/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=914259d6bcfe422d&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1583986013:1739924094:3Fo09WgrlnlSwo0Ya5PIsyrbJJLkcg4qabQ8c1KtrnU/914259d6bcfe422d/Ct1tgroLHOYncZ0KyBLuayOy.m9iokablEguFGAKJGI-1739927151-1.1.1.1-mz3g44cUN6nmLFxpr221qjz_EwfucfikPW12iM4k.uDskAvJuQDxppaJWrUzLqX2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/914259d6bcfe422d/1739927152888/OB_8fIdjZfic7WB HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/90vfg/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/914259d6bcfe422d/1739927152888/OB_8fIdjZfic7WB HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/914259d6bcfe422d/1739927152895/fcf063e63a7153c316751821b4507547269282e4e2d1a771d800628fc5e8aa78/qhFuU_R96oqMk-j HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/90vfg/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1583986013:1739924094:3Fo09WgrlnlSwo0Ya5PIsyrbJJLkcg4qabQ8c1KtrnU/914259d6bcfe422d/Ct1tgroLHOYncZ0KyBLuayOy.m9iokablEguFGAKJGI-1739927151-1.1.1.1-mz3g44cUN6nmLFxpr221qjz_EwfucfikPW12iM4k.uDskAvJuQDxppaJWrUzLqX2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1583986013:1739924094:3Fo09WgrlnlSwo0Ya5PIsyrbJJLkcg4qabQ8c1KtrnU/914259d6bcfe422d/Ct1tgroLHOYncZ0KyBLuayOy.m9iokablEguFGAKJGI-1739927151-1.1.1.1-mz3g44cUN6nmLFxpr221qjz_EwfucfikPW12iM4k.uDskAvJuQDxppaJWrUzLqX2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/902583062:1739923832:Ohl8hsc7f_BvEnbG3rn1s47Bj_ULzOodOvCVJwmuIDM/914259c339ad1875/0Ds919B1CnaFyl5L9NFjoePsYSKFGCqLMj1SnGXb_lM-1739927148-1.2.1.1-8tKDZ31D07kMiyLLl6DZ8cUTCgFndSLXude8wDKWLLcG7IDAGM5pntnCvCi_.UM9 HTTP/1.1Host: mail67.onlineConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com&__cf_chl_tk=TvhObfW3EqKiPVX20DhWWvLufS0S7HAvoRFhFheNw40-1739927148-1.0.1.1-YuKpP40JE7RQqPiMu3azvBInxmpV8VND3bMEtC2h0RAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=mFrtnScdNVaUPJVsRZ_.qwqDfibg7u_iLqiCSD1UU8U-1739927148-1.2.1.1-K38E8SXo9pitSYOboBWHEfBqRt5B__veiK5JeKbZPIfo0L0Jv91h1n.WR90..k4axcxl4xnOOLV3loCCGhq5MBLgon1gFvKZQ4aldVDMIiySpivnNt9sSfJlwq8tiGurgTUhI6NptJIi6co5OnfpXNuNjNPNzZFHepc9ALWH2emEAJf47Vtul3XhYMdzZuSLb4OQNEo7vlhQ3Si2vF1m7z_MqbEk_wLbY786mpmASq5KXgkMtCCqmZUyJfM_VGitRTlxU_._YTP0.dowaBVKcFLSvbjJaBETQemnNDb7tcLaA_oCKhr7PMjLrc380Od8dDYDcpTe4PGu0LzD5Ep2JA; m1bLj0vYxhztrKHpFJ6TG3PP7K0=jRannCw4KdJg6NuIs7JSgkRiehM; 8WG9J4INFuaqxAsOEyOYTC1MjMg=1739927163; 2YitrQxKHlyorUsOVPlpAn0MHSw=1740013563; Oj_NDR6rKPne1VbdJ9Z2yjRJDUA=yY9ZPFQlcSua6hrgSUzMhRFTIe0; 1GTfD_8syJIV4KCZVmpFrBMLVBM=fPSCk0AST7t8Tl_pqnAbfzdpY2c; z_SJ1sR9Rbgjb2KuaNGYIqcT-_8=24V5fd_SqGfynCsHmAJbl9ySndA
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=mFrtnScdNVaUPJVsRZ_.qwqDfibg7u_iLqiCSD1UU8U-1739927148-1.2.1.1-K38E8SXo9pitSYOboBWHEfBqRt5B__veiK5JeKbZPIfo0L0Jv91h1n.WR90..k4axcxl4xnOOLV3loCCGhq5MBLgon1gFvKZQ4aldVDMIiySpivnNt9sSfJlwq8tiGurgTUhI6NptJIi6co5OnfpXNuNjNPNzZFHepc9ALWH2emEAJf47Vtul3XhYMdzZuSLb4OQNEo7vlhQ3Si2vF1m7z_MqbEk_wLbY786mpmASq5KXgkMtCCqmZUyJfM_VGitRTlxU_._YTP0.dowaBVKcFLSvbjJaBETQemnNDb7tcLaA_oCKhr7PMjLrc380Od8dDYDcpTe4PGu0LzD5Ep2JA; m1bLj0vYxhztrKHpFJ6TG3PP7K0=jRannCw4KdJg6NuIs7JSgkRiehM; 8WG9J4INFuaqxAsOEyOYTC1MjMg=1739927163; 2YitrQxKHlyorUsOVPlpAn0MHSw=1740013563; Oj_NDR6rKPne1VbdJ9Z2yjRJDUA=yY9ZPFQlcSua6hrgSUzMhRFTIe0; 1GTfD_8syJIV4KCZVmpFrBMLVBM=fPSCk0AST7t8Tl_pqnAbfzdpY2c; z_SJ1sR9Rbgjb2KuaNGYIqcT-_8=24V5fd_SqGfynCsHmAJbl9ySndA
            Source: global trafficHTTP traffic detected: GET /office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=mFrtnScdNVaUPJVsRZ_.qwqDfibg7u_iLqiCSD1UU8U-1739927148-1.2.1.1-K38E8SXo9pitSYOboBWHEfBqRt5B__veiK5JeKbZPIfo0L0Jv91h1n.WR90..k4axcxl4xnOOLV3loCCGhq5MBLgon1gFvKZQ4aldVDMIiySpivnNt9sSfJlwq8tiGurgTUhI6NptJIi6co5OnfpXNuNjNPNzZFHepc9ALWH2emEAJf47Vtul3XhYMdzZuSLb4OQNEo7vlhQ3Si2vF1m7z_MqbEk_wLbY786mpmASq5KXgkMtCCqmZUyJfM_VGitRTlxU_._YTP0.dowaBVKcFLSvbjJaBETQemnNDb7tcLaA_oCKhr7PMjLrc380Od8dDYDcpTe4PGu0LzD5Ep2JA; m1bLj0vYxhztrKHpFJ6TG3PP7K0=jRannCw4KdJg6NuIs7JSgkRiehM; 8WG9J4INFuaqxAsOEyOYTC1MjMg=1739927163; 2YitrQxKHlyorUsOVPlpAn0MHSw=1740013563; Oj_NDR6rKPne1VbdJ9Z2yjRJDUA=yY9ZPFQlcSua6hrgSUzMhRFTIe0; 1GTfD_8syJIV4KCZVmpFrBMLVBM=fPSCk0AST7t8Tl_pqnAbfzdpY2c; z_SJ1sR9Rbgjb2KuaNGYIqcT-_8=24V5fd_SqGfynCsHmAJbl9ySndA; ozUJtamrmi9rwZiz-15FrcsXb04=Bb7RnVB8P6k7khDLPan_0W6uUkE; fmhKaJjMdMUfwNVR23P8Xd5Msxo=1739927164; MnEwdT7RW3xHrko873aUD3_qX5E=1740013564; ozl0-fcTUfxg3OiJk19Uuu7m9K0=Fr-L4hvqUUnNFk3vlhoGiNhzEbY; _yNBSbzzvKcO97q2uD9_oxRmD2g=4qbImVw2kVHzM9nfZN44doHP8nk; nFEjtu9l2qCgwWESEBQnRqvgvIw=1739927165; qptA3eOSGVfAlneVT2-xjPBlCTY=1740013565; miO7Wj7aJCS5mjTGSvFtMs1rgzk=u70QwJ_CaIug-5ZE429p1odIhoM
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/0e3e6804b971/main.js? HTTP/1.1Host: mail67.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=mFrtnScdNVaUPJVsRZ_.qwqDfibg7u_iLqiCSD1UU8U-1739927148-1.2.1.1-K38E8SXo9pitSYOboBWHEfBqRt5B__veiK5JeKbZPIfo0L0Jv91h1n.WR90..k4axcxl4xnOOLV3loCCGhq5MBLgon1gFvKZQ4aldVDMIiySpivnNt9sSfJlwq8tiGurgTUhI6NptJIi6co5OnfpXNuNjNPNzZFHepc9ALWH2emEAJf47Vtul3XhYMdzZuSLb4OQNEo7vlhQ3Si2vF1m7z_MqbEk_wLbY786mpmASq5KXgkMtCCqmZUyJfM_VGitRTlxU_._YTP0.dowaBVKcFLSvbjJaBETQemnNDb7tcLaA_oCKhr7PMjLrc380Od8dDYDcpTe4PGu0LzD5Ep2JA; m1bLj0vYxhztrKHpFJ6TG3PP7K0=jRannCw4KdJg6NuIs7JSgkRiehM; 8WG9J4INFuaqxAsOEyOYTC1MjMg=1739927163; 2YitrQxKHlyorUsOVPlpAn0MHSw=1740013563; Oj_NDR6rKPne1VbdJ9Z2yjRJDUA=yY9ZPFQlcSua6hrgSUzMhRFTIe0; 1GTfD_8syJIV4KCZVmpFrBMLVBM=fPSCk0AST7t8Tl_pqnAbfzdpY2c; z_SJ1sR9Rbgjb2KuaNGYIqcT-_8=24V5fd_SqGfynCsHmAJbl9ySndA; ozUJtamrmi9rwZiz-15FrcsXb04=Bb7RnVB8P6k7khDLPan_0W6uUkE; fmhKaJjMdMUfwNVR23P8Xd5Msxo=1739927164; MnEwdT7RW3xHrko873aUD3_qX5E=1740013564; ozl0-fcTUfxg3OiJk19Uuu7m9K0=Fr-L4hvqUUnNFk3vlhoGiNhzEbY; _yNBSbzzvKcO97q2uD9_oxRmD2g=4qbImVw2kVHzM9nfZN44doHP8nk; nFEjtu9l2qCgwWESEBQnRqvgvIw=1739927165; qptA3eOSGVfAlneVT2-xjPBlCTY=1740013565; miO7Wj7aJCS5mjTGSvFtMs1rgzk=u70QwJ_CaIug-5ZE429p1odIhoM
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail67.online/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_b15dda889e9803e9d6befd60000fadf8.png HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail67.online/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: json.geoiplookup.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://mail67.onlineSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mail67.online/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/0e3e6804b971/main.js? HTTP/1.1Host: mail67.onlineConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m1bLj0vYxhztrKHpFJ6TG3PP7K0=jRannCw4KdJg6NuIs7JSgkRiehM; 8WG9J4INFuaqxAsOEyOYTC1MjMg=1739927163; 2YitrQxKHlyorUsOVPlpAn0MHSw=1740013563; Oj_NDR6rKPne1VbdJ9Z2yjRJDUA=yY9ZPFQlcSua6hrgSUzMhRFTIe0; 1GTfD_8syJIV4KCZVmpFrBMLVBM=fPSCk0AST7t8Tl_pqnAbfzdpY2c; z_SJ1sR9Rbgjb2KuaNGYIqcT-_8=24V5fd_SqGfynCsHmAJbl9ySndA; ozUJtamrmi9rwZiz-15FrcsXb04=Bb7RnVB8P6k7khDLPan_0W6uUkE; fmhKaJjMdMUfwNVR23P8Xd5Msxo=1739927164; MnEwdT7RW3xHrko873aUD3_qX5E=1740013564; ozl0-fcTUfxg3OiJk19Uuu7m9K0=Fr-L4hvqUUnNFk3vlhoGiNhzEbY; _yNBSbzzvKcO97q2uD9_oxRmD2g=4qbImVw2kVHzM9nfZN44doHP8nk; nFEjtu9l2qCgwWESEBQnRqvgvIw=1739927165; qptA3eOSGVfAlneVT2-xjPBlCTY=1740013565; miO7Wj7aJCS5mjTGSvFtMs1rgzk=u70QwJ_CaIug-5ZE429p1odIhoM
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: json.geoiplookup.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/jsd/r/0.5297247938192924:1739923825:MXFhBhBivQPWE5aCe1rgbLv5116TCIuaZ9sBRg_Nm10/91425a378e36c327 HTTP/1.1Host: mail67.onlineConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m1bLj0vYxhztrKHpFJ6TG3PP7K0=jRannCw4KdJg6NuIs7JSgkRiehM; 8WG9J4INFuaqxAsOEyOYTC1MjMg=1739927163; 2YitrQxKHlyorUsOVPlpAn0MHSw=1740013563; Oj_NDR6rKPne1VbdJ9Z2yjRJDUA=yY9ZPFQlcSua6hrgSUzMhRFTIe0; 1GTfD_8syJIV4KCZVmpFrBMLVBM=fPSCk0AST7t8Tl_pqnAbfzdpY2c; z_SJ1sR9Rbgjb2KuaNGYIqcT-_8=24V5fd_SqGfynCsHmAJbl9ySndA; ozUJtamrmi9rwZiz-15FrcsXb04=Bb7RnVB8P6k7khDLPan_0W6uUkE; fmhKaJjMdMUfwNVR23P8Xd5Msxo=1739927164; MnEwdT7RW3xHrko873aUD3_qX5E=1740013564; ozl0-fcTUfxg3OiJk19Uuu7m9K0=Fr-L4hvqUUnNFk3vlhoGiNhzEbY; _yNBSbzzvKcO97q2uD9_oxRmD2g=4qbImVw2kVHzM9nfZN44doHP8nk; nFEjtu9l2qCgwWESEBQnRqvgvIw=1739927165; qptA3eOSGVfAlneVT2-xjPBlCTY=1740013565; miO7Wj7aJCS5mjTGSvFtMs1rgzk=u70QwJ_CaIug-5ZE429p1odIhoM
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /87-89898/2.php HTTP/1.1Host: violin.com.wine0-3m.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficDNS traffic detected: DNS query: rnicrosoft-secured-office.squarespace.com
            Source: global trafficDNS traffic detected: DNS query: images.squarespace-cdn.com
            Source: global trafficDNS traffic detected: DNS query: use.typekit.net
            Source: global trafficDNS traffic detected: DNS query: p.typekit.net
            Source: global trafficDNS traffic detected: DNS query: assets.squarespace.com
            Source: global trafficDNS traffic detected: DNS query: static1.squarespace.com
            Source: global trafficDNS traffic detected: DNS query: www.google.com
            Source: global trafficDNS traffic detected: DNS query: mail67.online
            Source: global trafficDNS traffic detected: DNS query: performance.squarespace.com
            Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
            Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
            Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
            Source: global trafficDNS traffic detected: DNS query: json.geoiplookup.io
            Source: global trafficDNS traffic detected: DNS query: violin.com.wine0-3m.net
            Source: unknownHTTP traffic detected: POST /api/census/RecordHit HTTP/1.1Host: rnicrosoft-secured-office.squarespace.comConnection: keep-aliveContent-Length: 875sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-CSRF-Token: BY7YwBVLGCGIM2FjMGY2ZDNlOTU1Y2JhYWE3ODcxMGI1OGU0Y2Flsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded; charset=UTF-8Accept: application/json, text/plain, */*sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Origin: https://rnicrosoft-secured-office.squarespace.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: crumb=BY7YwBVLGCGIM2FjMGY2ZDNlOTU1Y2JhYWE3ODcxMGI1OGU0Y2Fl; ss_cvr=0ca9d481-535e-4ead-a812-76a5352290c8|1739927141237|1739927141237|1739927141237|1; ss_cvt=1739927141237
            Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 19 Feb 2025 01:05:47 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeaccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcross-origin-embedder-policy: require-corpcross-origin-opener-policy: same-origincross-origin-resource-policy: same-originorigin-agent-cluster: ?1permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()referrer-policy: same-originx-content-options: nosniffx-frame-options: SAMEORIGINcf-mitigated: challengeserver-timing: chlray;desc="914259c28b024344"
            Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 19 Feb 2025 01:05:48 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeaccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcross-origin-embedder-policy: require-corpcross-origin-opener-policy: same-origincross-origin-resource-policy: same-originorigin-agent-cluster: ?1permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()referrer-policy: same-originx-content-options: nosniffx-frame-options: SAMEORIGINcf-mitigated: challengeserver-timing: chlray;desc="914259c339ad1875"
            Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 19 Feb 2025 01:05:50 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeaccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcross-origin-embedder-policy: require-corpcross-origin-opener-policy: same-origincross-origin-resource-policy: same-originorigin-agent-cluster: ?1permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()referrer-policy: same-originx-content-options: nosniffx-frame-options: SAMEORIGINcf-mitigated: challengeserver-timing: chlray;desc="914259d2ebc0c327"
            Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 19 Feb 2025 01:05:53 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeaccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcross-origin-embedder-policy: require-corpcross-origin-opener-policy: same-origincross-origin-resource-policy: same-originorigin-agent-cluster: ?1permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()referrer-policy: same-originx-content-options: nosniffx-frame-options: SAMEORIGINcf-mitigated: challengeserver-timing: chlray;desc="914259e3b8a9c327"
            Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 19 Feb 2025 01:06:03 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeaccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcross-origin-embedder-policy: require-corpcross-origin-opener-policy: same-origincross-origin-resource-policy: same-originorigin-agent-cluster: ?1permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()referrer-policy: same-originx-content-options: nosniffx-frame-options: SAMEORIGINcf-mitigated: challengeserver-timing: chlray;desc="91425a218ef9c327"
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 321Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: b0432e35-a01e-0075-656a-82ea4b000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Wed, 19 Feb 2025 01:06:08 GMTConnection: closeAkamai-GRN: 0.8b771002.1739927168.1121b79b
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 321Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 08098150-d01e-00e7-376a-82bb34000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Wed, 19 Feb 2025 01:06:08 GMTConnection: closeAkamai-GRN: 0.8b771002.1739927168.1121b79c
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
            Source: unknownNetwork traffic detected: HTTP traffic on port 64725 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
            Source: unknownNetwork traffic detected: HTTP traffic on port 64748 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
            Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
            Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50131 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64719 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
            Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
            Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
            Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
            Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
            Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64743 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
            Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
            Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64737 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50107 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
            Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
            Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
            Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
            Source: unknownNetwork traffic detected: HTTP traffic on port 50120 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
            Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
            Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50130 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
            Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
            Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
            Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
            Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
            Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50086
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
            Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50136 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50096
            Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
            Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
            Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
            Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
            Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
            Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50131
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50130
            Source: unknownNetwork traffic detected: HTTP traffic on port 64744 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64729 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50132
            Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50135
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50134
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50136
            Source: unknownNetwork traffic detected: HTTP traffic on port 64738 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
            Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
            Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
            Source: unknownNetwork traffic detected: HTTP traffic on port 64733 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
            Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
            Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64723 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50066 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
            Source: unknownNetwork traffic detected: HTTP traffic on port 64717 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
            Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
            Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
            Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64745 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64728 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50132 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
            Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64740 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64736
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64735
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64738
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64737
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64730
            Source: unknownNetwork traffic detected: HTTP traffic on port 64734 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64731
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64734
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64733
            Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50107
            Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64722 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50134 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64746
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64748
            Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50128 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64741
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64740
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64743
            Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64742
            Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64745
            Source: unknownNetwork traffic detected: HTTP traffic on port 50088 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64744
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50117
            Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64746 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64727 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50128
            Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50129
            Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50120
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
            Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64741 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64735 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
            Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
            Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50098
            Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64721 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50135 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
            Source: unknownNetwork traffic detected: HTTP traffic on port 64730 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49930
            Source: unknownNetwork traffic detected: HTTP traffic on port 64726 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50117 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50098 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
            Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
            Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
            Source: unknownNetwork traffic detected: HTTP traffic on port 50086 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64742 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64736 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64717
            Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64719
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49915
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49914
            Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49913
            Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 64720 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64725
            Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49959 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64727
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64726
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64729
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64728
            Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64721
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64720
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
            Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64723
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64722
            Source: unknownNetwork traffic detected: HTTP traffic on port 64731 -> 443
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\sets.json
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\manifest.json
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\LICENSE
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\_metadata\
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\_metadata\verified_contents.json
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\manifest.fingerprint
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216\Google.Widevine.CDM.dll
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216\manifest.json
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216\_metadata\
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216\_metadata\verified_contents.json
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216\manifest.fingerprint
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\win_x64\
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\win_x64\widevinecdm.dll.sig
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\win_x64\widevinecdm.dll
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\LICENSE
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\manifest.json
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_metadata\
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_metadata\verified_contents.json
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\manifest.fingerprint
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\chrome_BITS_5552_1835838729
            Source: classification engineClassification label: mal68.phis.win@25/63@54/355
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1940,i,2719269508634971075,1435348727123418121,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.com"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1940,i,2719269508634971075,1435348727123418121,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\win_x64\widevinecdm.dllJump to dropped file
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\win_x64\widevinecdm.dllJump to dropped file
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation2
            Browser Extensions            		1
            Process Injection            		21
            Masquerading            		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
            Encrypted Channel            		Exfiltration Over Other Network MediumAbuse Accessibility Features
            CredentialsDomainsDefault AccountsScheduled Task/Job1
            Registry Run Keys / Startup Folder            		1
            Registry Run Keys / Startup Folder            		1
            Process Injection            		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
            Non-Application Layer Protocol            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
            File Deletion            		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
            Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
            Ingress Tool Transfer            		Traffic DuplicationData Destruction

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.com0%Avira URL Cloudsafe

            Dropped Files

            SourceDetectionScannerLabelLink
            C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\win_x64\widevinecdm.dll0%ReversingLabs

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            https://static1.squarespace.com/static/versioned-site-css/672d28f572bca453f1036bff/2/5c5a519771c10ba3470d8101/672d28f572bca453f1036c0b/1613/site.css0%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/styles-compressed/user-account-core-adaf6be325b26739da8e-min.en-US.css0%Avira URL Cloudsafe
            https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1739381320286-8FJE7NMLDZWANM5PXDLU/static.css0%Avira URL Cloudsafe
            https://use.typekit.net/ik/-dzzysHa3tKUyJJc3KR3RhoeAL-OqN0cIFnRnyMvKZXfecGJXnX1IyvhF2jtFRZLFRSkZ2JtZR9awc4RjQbuwhjUw2whjcZce6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMdWET_Ge.js0%Avira URL Cloudsafe
            https://images.squarespace-cdn.com/content/v1/672d28f572bca453f1036bff/f04044db-e57e-4352-8811-98daa3fb2e8a/IMG_0641+%281%29.png?format=1000w0%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/async-gdpr-cookie-banner-1b1ff11b5ba53e1780d9-min.en-US.js0%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-0c96ad3f9948c3a7b631-min.en-US.js0%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/user-account-core-d80e9a3c45e2451dcc03-min.en-US.js0%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-c255a3b3b51c88603d1f-min.en-US.js0%Avira URL Cloudsafe
            https://rnicrosoft-secured-office.squarespace.com/api/census/button-click0%Avira URL Cloudsafe
            https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7a52a694fd4248c18775c6aa813a0358.js0%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/styles-compressed/941786f6875728a7dbb0-min.en-US.css0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=914259d6bcfe422d&lang=auto0%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/2775-0e66db97f5a873a38d07-min.en-US.js0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/90vfg/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/0%Avira URL Cloudsafe
            https://use.typekit.net/af/8a06c7/00000000000000007735d42a/30/l?subset_id=2&fvd=i5&v=30%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/common-79e00f5d25543a53dff1-min.en-US.js0%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/87977-180b339392f5120f4048-min.en-US.js0%Avira URL Cloudsafe
            https://use.typekit.net/af/5de54d/00000000000000007735d404/30/l?subset_id=2&fvd=n7&v=30%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-2965e1fc774101038a7d-min.en-US.js0%Avira URL Cloudsafe
            https://p.typekit.net/p.gif?s=2&k=646866_672d28f572bca453f1036bff&ht=tk&h=rnicrosoft-secured-office.squarespace.com&f=26060.26053.26061.26054&a=646866&js=1.21.0&app=typekit&e=js&_=17399271424030%Avira URL Cloudsafe
            https://use.typekit.net/af/e6e37f/00000000000000007735d426/30/l?subset_id=2&fvd=n5&v=30%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/common-vendors-8921de8f24d51c37e1bd-min.en-US.js0%Avira URL Cloudsafe
            https://use.typekit.net/af/ac398f/00000000000000007759c2e7/30/l?subset_id=2&fvd=i7&v=30%Avira URL Cloudsafe
            https://mail67.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=914259c339ad18750%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/performance-daea797f26ec33aee348-min.en-US.js0%Avira URL Cloudsafe
            https://rnicrosoft-secured-office.squarespace.com/api/census/RecordHit0%Avira URL Cloudsafe
            https://mail67.online/cdn-cgi/challenge-platform/h/g/flow/ov1/902583062:1739923832:Ohl8hsc7f_BvEnbG3rn1s47Bj_ULzOodOvCVJwmuIDM/914259c339ad1875/0Ds919B1CnaFyl5L9NFjoePsYSKFGCqLMj1SnGXb_lM-1739927148-1.2.1.1-8tKDZ31D07kMiyLLl6DZ8cUTCgFndSLXude8wDKWLLcG7IDAGM5pntnCvCi_.UM90%Avira URL Cloudsafe
            https://mail67.online/favicon.ico0%Avira URL Cloudsafe
            https://rnicrosoft-secured-office.squarespace.com/api/census/button-render0%Avira URL Cloudsafe
            https://a.nel.cloudflare.com/report/v4?s=LPsBY%2BNFLY0XLIYuDYYOjIR7UkSFYT1NcqHw7939I1DAhPaCasZDDOuD51SvEkpz%2BczRSQWV89c871UsZY8oc3JnfuNCNzAGu%2Fi0RgZ%2FizBdFLtn42eKOQdY9iELY1S80%Avira URL Cloudsafe
            https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-c4d588d4255cd4c70fa3-min.en-US.js0%Avira URL Cloudsafe
            https://mail67.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/0e3e6804b971/main.js?0%Avira URL Cloudsafe
            https://mail67.online/cdn-cgi/challenge-platform/scripts/jsd/main.js0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/914259d6bcfe422d/1739927152895/fcf063e63a7153c316751821b4507547269282e4e2d1a771d800628fc5e8aa78/qhFuU_R96oqMk-j0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/914259d6bcfe422d/1739927152888/OB_8fIdjZfic7WB0%Avira URL Cloudsafe
            https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png0%Avira URL Cloudsafe
            https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_sms_b15dda889e9803e9d6befd60000fadf8.png0%Avira URL Cloudsafe
            https://mail67.online/cdn-cgi/challenge-platform/h/g/jsd/r/0.5297247938192924:1739923825:MXFhBhBivQPWE5aCe1rgbLv5116TCIuaZ9sBRg_Nm10/91425a378e36c3270%Avira URL Cloudsafe
            https://json.geoiplookup.io/0%Avira URL Cloudsafe
            https://violin.com.wine0-3m.net/87-89898/2.php0%Avira URL Cloudsafe
            https://a.nel.cloudflare.com/report/v4?s=VuUKlMKHRw6SrlCMMUFvDDxwR2JZZcitTKZBeT9rOzZMts7gq8AIzTQ0iMihY%2BDD40F%2B121PMUR8i7LoZWn%2Fr1I%2FrZtS5yyKkOdRktnffL4HdGmPGMrVeHQt%2B4StvfXQ0%Avira URL Cloudsafe
            https://a.nel.cloudflare.com/report/v4?s=q0hQ1je%2B7BXWEzGydFScc2CtIXfGmVA%2FVst%2FuBLxXJBJvVTqnxiQop1C%2BAL%2BNGuN%2FInUVdZB8N9WcTtE5GnZ%2F0bEozMduBJgsQU%2FICdYIY9Dz0RWg76sTmMZir0VpMMg0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            s-part-0016.t-0009.t-msedge.net
            		13.107.246.44
            		truefalse
              		high
              performance.squarespace.com
              		35.186.236.0
              		truefalse
                		high
                json.geoiplookup.io
                		104.21.25.148
                		truefalse
                  		high
                  a.nel.cloudflare.com
                  		35.190.80.1
                  		truefalse
                    		high
                    e329293.dscd.akamaiedge.net
                    		92.123.12.139
                    		truefalse
                      		high
                      static.squarespace.map.fastly.net
                      		151.101.128.237
                      		truefalse
                        		high
                        s-part-0017.t-0009.t-msedge.net
                        		13.107.246.45
                        		truefalse
                          		high
                          squarespace.map.fastly.net
                          		151.101.192.238
                          		truefalse
                            		high
                            a1874.dscg1.akamai.net
                            		95.101.54.121
                            		truefalse
                              		high
                              mail67.online
                              		104.21.32.1
                              		truetrue
                                		unknown
                                rnicrosoft-secured-office.squarespace.com
                                		198.185.159.177
                                		truefalse
                                  		high
                                  a726.dscd.akamai.net
                                  		2.22.242.138
                                  		truefalse
                                    		high
                                    challenges.cloudflare.com
                                    		104.18.95.41
                                    		truefalse
                                      		high
                                      www.google.com
                                      		142.250.184.228
                                      		truefalse
                                        		high
                                        prod.squarespace.map.fastly.net
                                        		151.101.128.238
                                        		truefalse
                                          		high
                                          a1988.dscg1.akamai.net
                                          		2.16.202.120
                                          		truefalse
                                            		high
                                            violin.com.wine0-3m.net
                                            		82.221.136.47
                                            		truefalse
                                              		high
                                              use.typekit.net
                                              		unknown
                                              		unknownfalse
                                                		high
                                                images.squarespace-cdn.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  assets.squarespace.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    aadcdn.msftauth.net
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      static1.squarespace.com
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        p.typekit.net
                                                        		unknown
                                                        		unknownfalse
                                                          		high

                                                          Contacted URLs

                                                          NameMaliciousAntivirus DetectionReputation
                                                          https://images.squarespace-cdn.com/content/v1/672d28f572bca453f1036bff/f04044db-e57e-4352-8811-98daa3fb2e8a/IMG_0641+%281%29.png?format=1000wfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://assets.squarespace.com/universal/scripts-compressed/async-gdpr-cookie-banner-1b1ff11b5ba53e1780d9-min.en-US.jsfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://assets.squarespace.com/universal/styles-compressed/941786f6875728a7dbb0-min.en-US.cssfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://assets.squarespace.com/universal/scripts-compressed/2775-0e66db97f5a873a38d07-min.en-US.jsfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=914259d6bcfe422d&lang=autofalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://json.geoiplookup.io/false
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://assets.squarespace.com/universal/default-favicon.icofalse
                                                            		high
                                                            https://a.nel.cloudflare.com/report/v4?s=VuUKlMKHRw6SrlCMMUFvDDxwR2JZZcitTKZBeT9rOzZMts7gq8AIzTQ0iMihY%2BDD40F%2B121PMUR8i7LoZWn%2Fr1I%2FrZtS5yyKkOdRktnffL4HdGmPGMrVeHQt%2B4StvfXQfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-c255a3b3b51c88603d1f-min.en-US.jsfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://assets.squarespace.com/universal/styles-compressed/user-account-core-adaf6be325b26739da8e-min.en-US.cssfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://rnicrosoft-secured-office.squarespace.com/api/census/button-clicktrue
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-2965e1fc774101038a7d-min.en-US.jsfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://use.typekit.net/af/8a06c7/00000000000000007735d42a/30/l?subset_id=2&fvd=i5&v=3false
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/914259d6bcfe422d/1739927152888/OB_8fIdjZfic7WBfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://mail67.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/0e3e6804b971/main.js?false
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.comtrue
                                                              		unknown
                                                              https://use.typekit.net/af/5de54d/00000000000000007735d404/30/l?subset_id=2&fvd=n7&v=3false
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://p.typekit.net/p.gif?s=2&k=646866_672d28f572bca453f1036bff&ht=tk&h=rnicrosoft-secured-office.squarespace.com&f=26060.26053.26061.26054&a=646866&js=1.21.0&app=typekit&e=js&_=1739927142403false
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://mail67.online/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=914259c339ad1875false
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://mail67.online/cdn-cgi/challenge-platform/h/g/flow/ov1/902583062:1739923832:Ohl8hsc7f_BvEnbG3rn1s47Bj_ULzOodOvCVJwmuIDM/914259c339ad1875/0Ds919B1CnaFyl5L9NFjoePsYSKFGCqLMj1SnGXb_lM-1739927148-1.2.1.1-8tKDZ31D07kMiyLLl6DZ8cUTCgFndSLXude8wDKWLLcG7IDAGM5pntnCvCi_.UM9false
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://rnicrosoft-secured-office.squarespace.com/api/census/RecordHittrue
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://mail67.online/cdn-cgi/challenge-platform/scripts/jsd/main.jsfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_sms_b15dda889e9803e9d6befd60000fadf8.pngfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://rnicrosoft-secured-office.squarespace.com/api/census/button-rendertrue
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://a.nel.cloudflare.com/report/v4?s=LPsBY%2BNFLY0XLIYuDYYOjIR7UkSFYT1NcqHw7939I1DAhPaCasZDDOuD51SvEkpz%2BczRSQWV89c871UsZY8oc3JnfuNCNzAGu%2Fi0RgZ%2FizBdFLtn42eKOQdY9iELY1S8false
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.jsfalse
                                                                		high
                                                                https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.pngfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-0c96ad3f9948c3a7b631-min.en-US.jsfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com&__cf_chl_tk=TvhObfW3EqKiPVX20DhWWvLufS0S7HAvoRFhFheNw40-1739927148-1.0.1.1-YuKpP40JE7RQqPiMu3azvBInxmpV8VND3bMEtC2h0RAtrue
                                                                  		unknown
                                                                  https://performance.squarespace.com/api/v1/recordsfalse
                                                                    		high
                                                                    https://static1.squarespace.com/static/versioned-site-css/672d28f572bca453f1036bff/2/5c5a519771c10ba3470d8101/672d28f572bca453f1036c0b/1613/site.cssfalse
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    https://assets.squarespace.com/universal/scripts-compressed/user-account-core-d80e9a3c45e2451dcc03-min.en-US.jsfalse
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.comtrue
                                                                      		unknown
                                                                      https://use.typekit.net/ik/-dzzysHa3tKUyJJc3KR3RhoeAL-OqN0cIFnRnyMvKZXfecGJXnX1IyvhF2jtFRZLFRSkZ2JtZR9awc4RjQbuwhjUw2whjcZce6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMdWET_Ge.jsfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7a52a694fd4248c18775c6aa813a0358.jsfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/90vfg/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/new/normal/auto/false
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://assets.squarespace.com/universal/scripts-compressed/common-79e00f5d25543a53dff1-min.en-US.jsfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://assets.squarespace.com/universal/scripts-compressed/87977-180b339392f5120f4048-min.en-US.jsfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://mail67.online/cdn-cgi/challenge-platform/h/g/jsd/r/0.5297247938192924:1739923825:MXFhBhBivQPWE5aCe1rgbLv5116TCIuaZ9sBRg_Nm10/91425a378e36c327false
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1739381320286-8FJE7NMLDZWANM5PXDLU/static.cssfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://use.typekit.net/af/e6e37f/00000000000000007735d426/30/l?subset_id=2&fvd=n5&v=3false
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://assets.squarespace.com/universal/scripts-compressed/common-vendors-8921de8f24d51c37e1bd-min.en-US.jsfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://violin.com.wine0-3m.net/87-89898/2.phpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://use.typekit.net/af/ac398f/00000000000000007759c2e7/30/l?subset_id=2&fvd=i7&v=3false
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/914259d6bcfe422d/1739927152895/fcf063e63a7153c316751821b4507547269282e4e2d1a771d800628fc5e8aa78/qhFuU_R96oqMk-jfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://assets.squarespace.com/universal/scripts-compressed/performance-daea797f26ec33aee348-min.en-US.jsfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1false
                                                                        		high
                                                                        https://mail67.online/favicon.icofalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.11c2f1b3c1cb2ba0d418.jsfalse
                                                                          		high
                                                                          https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-c4d588d4255cd4c70fa3-min.en-US.jsfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://a.nel.cloudflare.com/report/v4?s=q0hQ1je%2B7BXWEzGydFScc2CtIXfGmVA%2FVst%2FuBLxXJBJvVTqnxiQop1C%2BAL%2BNGuN%2FInUVdZB8N9WcTtE5GnZ%2F0bEozMduBJgsQU%2FICdYIY9Dz0RWg76sTmMZir0VpMMgfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown

                                                                          World Map of Contacted IPs

                                                                          • No. of IPs < 25%
                                                                          • 25% < No. of IPs < 50%
                                                                          • 50% < No. of IPs < 75%
                                                                          • 75% < No. of IPs

                                                                          Public IPs

                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                          142.250.185.228
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          216.58.212.142
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          13.107.246.45
                                                                          		s-part-0017.t-0009.t-msedge.netUnited States
                                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                          13.107.246.44
                                                                          		s-part-0016.t-0009.t-msedge.netUnited States
                                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                          104.18.94.41
                                                                          		unknownUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          82.221.136.47
                                                                          		violin.com.wine0-3m.netIceland
                                                                          		50613THORDC-ASISfalse
                                                                          151.101.0.237
                                                                          		unknownUnited States
                                                                          		54113FASTLYUSfalse
                                                                          151.101.0.238
                                                                          		unknownUnited States
                                                                          		54113FASTLYUSfalse
                                                                          151.101.128.238
                                                                          		prod.squarespace.map.fastly.netUnited States
                                                                          		54113FASTLYUSfalse
                                                                          64.233.166.84
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          151.101.128.237
                                                                          		static.squarespace.map.fastly.netUnited States
                                                                          		54113FASTLYUSfalse
                                                                          104.21.112.1
                                                                          		unknownUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          104.21.25.148
                                                                          		json.geoiplookup.ioUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          142.250.185.163
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          142.250.186.131
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          35.190.80.1
                                                                          		a.nel.cloudflare.comUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          142.250.184.228
                                                                          		www.google.comUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          2.16.202.120
                                                                          		a1988.dscg1.akamai.netEuropean Union
                                                                          		16625AKAMAI-ASUSfalse
                                                                          142.250.186.74
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          142.250.186.35
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          1.1.1.1
                                                                          		unknownAustralia
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          95.101.54.121
                                                                          		a1874.dscg1.akamai.netEuropean Union
                                                                          		34164AKAMAI-LONGBfalse
                                                                          104.21.32.1
                                                                          		mail67.onlineUnited States
                                                                          		13335CLOUDFLARENETUStrue
                                                                          151.101.192.238
                                                                          		squarespace.map.fastly.netUnited States
                                                                          		54113FASTLYUSfalse
                                                                          2.22.242.138
                                                                          		a726.dscd.akamai.netEuropean Union
                                                                          		20940AKAMAI-ASN1EUfalse
                                                                          142.250.185.234
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          92.123.12.139
                                                                          		e329293.dscd.akamaiedge.netEuropean Union
                                                                          		16625AKAMAI-ASUSfalse
                                                                          2.19.11.98
                                                                          		unknownEuropean Union
                                                                          		719ELISA-ASHelsinkiFinlandEUfalse
                                                                          104.18.95.41
                                                                          		challenges.cloudflare.comUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          216.58.206.46
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          198.185.159.177
                                                                          		rnicrosoft-secured-office.squarespace.comUnited States
                                                                          		53831SQUARESPACEUSfalse
                                                                          239.255.255.250
                                                                          		unknownReserved
                                                                          		unknownunknownfalse
                                                                          142.250.185.195
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          88.221.110.11
                                                                          		unknownEuropean Union
                                                                          		20940AKAMAI-ASN1EUfalse
                                                                          95.101.54.129
                                                                          		unknownEuropean Union
                                                                          		34164AKAMAI-LONGBfalse
                                                                          35.186.236.0
                                                                          		performance.squarespace.comUnited States
                                                                          		15169GOOGLEUSfalse

                                                                          Private

                                                                          IP
                                                                          192.168.2.16

                                                                          General Information

                                                                          Joe Sandbox version:42.0.0 Malachite
                                                                          Analysis ID:1618675
                                                                          Start date and time:2025-02-19 02:05:01 +01:00
                                                                          Joe Sandbox product:CloudBasic
                                                                          Overall analysis duration:
                                                                          Hypervisor based Inspection enabled:false
                                                                          Report type:full
                                                                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                          Sample URL:https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.com
                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                          Number of analysed new started processes analysed:13
                                                                          Number of new started drivers analysed:0
                                                                          Number of existing processes analysed:0
                                                                          Number of existing drivers analysed:0
                                                                          Number of injected processes analysed:0
                                                                          Technologies:
                                                                          • EGA enabled
                                                                          Analysis Mode:stream
                                                                          Analysis stop reason:Timeout
                                                                          Detection:MAL
                                                                          Classification:mal68.phis.win@25/63@54/355

                                                                          Warnings

                                                                          • Exclude process from analysis (whitelisted): svchost.exe
                                                                          • Excluded IPs from analysis (whitelisted): 142.250.185.163, 216.58.212.142, 64.233.166.84, 142.250.186.78, 142.250.185.234, 142.250.186.131, 142.250.185.110
                                                                          • Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, redirector.gvt1.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com
                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                          • VT rate limit hit for: https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.com

                                                                          Created / dropped Files

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 00:05:37 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2673
                                                                          Entropy (8bit):3.9855080296392864
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:8287B9BB3564321F0E66E5C11E6F35CE
                                                                          SHA1:4BCA4ED69A88F460AA0E47DC301FB401906D2667
                                                                          SHA-256:07112506C171CDDD1525F9AB2892A636A3D9228757FA91879C5FD6672B9CDEF0
                                                                          SHA-512:A5CC311B5F827A85D5180B49216EA1FE3F3683F11E8EDC7187518CB60B20ECC78698AFE1E3499B347C851D0281DC80403EE6624871457FECB1C1A0D2651B2EFA
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:L..................F.@.. ...$+.,.......cj...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 00:05:37 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2675
                                                                          Entropy (8bit):3.9997206120160302
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:31A8F8891F9C4D41660A838DA2F01390
                                                                          SHA1:4227DC63EED11B9633A880AADC2B6B16A74EE5D1
                                                                          SHA-256:F90A2EC491BC0322FFA559111EB08CDCA9897AC649292EB34117B8028C88804D
                                                                          SHA-512:827AC40C70DAE326125502BF6214B17AA67EEB43F0741EC40F7285FE736D9041B299BA0CD8EA2E13A6E073A8EF90B3EC31A59419E002349F1CD70FDC0AE83696
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:L..................F.@.. ...$+.,.... ..bj...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2689
                                                                          Entropy (8bit):4.009558834707125
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:7CA96905A939D717AC966EB917D9466C
                                                                          SHA1:2AEBB3198A7212931533833F690600B50860EF81
                                                                          SHA-256:6CDF28B205DEB5ECB103641249E70E0AF85024C0A52C48BE1FFBE5A6A3933462
                                                                          SHA-512:E0B613DCCAD3BF065919BB4DFD74C52BE338CB626703B993BC5453B5770AEEEF1BF37754B4560054BF67646174EC529A247F5D964B493146243BB7A89B845F08
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 00:05:37 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2677
                                                                          Entropy (8bit):4.000255638708377
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:04FC6636AD1AA6EC5DC639F880D8A2E1
                                                                          SHA1:54E45F84590D87074B27238A87059726271287D3
                                                                          SHA-256:802AEF3693FB5CFA658CBD06669A6BAA06F6FE57AA555CBB97F0600D4ABACD29
                                                                          SHA-512:F9756236A239B7D40C5AF4DA4D8F3E98E7AB5A1E7563FD944F80176BE28A1EC98257B7AE3C45E450B9BDA58F30E514E03ACDD324A5638B8E83FB2D36C2E57C9D
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:L..................F.@.. ...$+.,.......bj...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 00:05:37 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2677
                                                                          Entropy (8bit):3.9841381149837973
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:7B719BD248E9D2E588E6A3543A4D3322
                                                                          SHA1:CC9E69DCD502034A1CCE1A1975F1EBE6163B6BEC
                                                                          SHA-256:62446DB15BE8E7601A264560832D8A85597A8C7AD08D4AC4A72A822EA5B78B19
                                                                          SHA-512:13CC2BF6790D41DD529724E0D15624AAB531393901F2629D52754E79E37890D182974C7F45998037526EF6227839EF38F7434B098264764AD9CB26704E7B10B7
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:L..................F.@.. ...$+.,....}C.cj...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 00:05:37 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2679
                                                                          Entropy (8bit):3.998784468001258
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:A22839D26DF472B2219EE2F85516009E
                                                                          SHA1:641CB3D798D4A86958B12891068B5F5507AC20F3
                                                                          SHA-256:B383627915DBFBBBFA0DF34FD2CFE27F5776008007B662D0560993CBA2AA1313
                                                                          SHA-512:4DE1113F59C09ED4B6A6C79BCFF4AE009C125925D05F65AC0B763748CCA2F2B3E3DF73F48D2AF456924C7F2F80E12CBD293712572AADA62223F0EDA438775C94
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:L..................F.@.. ...$+.,......bj...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216\_metadata\verified_contents.json

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1778
                                                                          Entropy (8bit):6.02086725086136
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:3E839BA4DA1FFCE29A543C5756A19BDF
                                                                          SHA1:D8D84AC06C3BA27CCEF221C6F188042B741D2B91
                                                                          SHA-256:43DAA4139D3ED90F4B4635BD4D32346EB8E8528D0D5332052FCDA8F7860DB729
                                                                          SHA-512:19B085A9CFEC4D6F1B87CC6BBEEB6578F9CBA014704D05C9114CFB0A33B2E7729AC67499048CB33823C884517CBBDC24AA0748A9BB65E9C67714E6116365F1AB
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiJHb29nbGUuV2lkZXZpbmUuQ0RNLmRsbCIsInJvb3RfaGFzaCI6Im9ZZjVLQ2Z1ai1MYmdLYkQyWFdBS1E5Nkp1bTR1Q2dCZTRVeEpGSExSNWMifSx7InBhdGgiOiJtYW5pZmVzdC5qc29uIiwicm9vdF9oYXNoIjoiYk01YTJOU1d2RkY1LW9Tdml2eFdqdXVwZ05pblVGakdPQXRrLTBJcGpDZyJ9XSwiZm9ybWF0IjoidHJlZWhhc2giLCJoYXNoX2Jsb2NrX3NpemUiOjQwOTZ9XSwiaXRlbV9pZCI6Im5laWZhb2luZGdnZmNqaWNmZmtncG1ubHBwZWZmYWJkIiwiaXRlbV92ZXJzaW9uIjoiMS4wLjI3MzguMCIsInByb3RvY29sX3ZlcnNpb24iOjF9","signatures":[{"header":{"kid":"publisher"},"protected":"eyJhbGciOiJSUzI1NiJ9","signature":"KTPeHzS0ybFaz3_br3ASYWHjb6Ctul92067u2JMwtNYYm-4KxLiSkJZNBIzhm6hNSEW2p5kUEvHD0TjhhFGCZnWm9titj2bqJayCOAGxZb5BO74JJCRfy5Kwr1KSS4nvocsZepnHBmCiG2OV3by-Lyf1h1uU3X3bDfD92O0vJzrA8rwL2LrwIk-BolLo5nlM0I_MZwg8DhZ8SFBu9GGRVB2XrailDrv4SgupFE9gqA1HY6kjRjoyoAHbRRxZdBNNt9IKNdxNyaF9NcNRY8dAedNQ9Tw3YNp5jB7R9lcjO4knn58RdH2h_GiJ4l96StcXA4e7cqbJ77P-c

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216\manifest.fingerprint

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):66
                                                                          Entropy (8bit):3.974403644129192
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:D30A5BBC00F7334EEDE0795D147B2E80
                                                                          SHA1:78F3A6995856854CAD0C524884F74E182F9C3C57
                                                                          SHA-256:A08C1BC41DE319392676C7389048D8B1C7424C4B74D2F6466BCF5732B8D86642
                                                                          SHA-512:DACF60E959C10A3499D55DC594454858343BF6A309F22D73BDEE86B676D8D0CED10E86AC95ECD78E745E8805237121A25830301680BD12BFC7122A82A885FF4B
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:1.c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1034778216\manifest.json

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):145
                                                                          Entropy (8bit):4.595307058143632
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:BBC03E9C7C5944E62EFC9C660B7BD2B6
                                                                          SHA1:83F161E3F49B64553709994B048D9F597CDE3DC6
                                                                          SHA-256:6CCE5AD8D496BC5179FA84AF8AFC568EEBA980D8A75058C6380B64FB42298C28
                                                                          SHA-512:FB80F091468A299B5209ACC30EDAF2001D081C22C3B30AAD422CBE6FEA7E5FE36A67A8E000D5DD03A30C60C30391C85FA31F3931E804C351AB0A71E9A978CC0F
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:{. "manifest_version": 2,. "name": "windows-mf-cdm",. "version": "1.0.2738.0",. "accept_arch": [. "x64",. "x86_64",. "x86_64h". ].}

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\LICENSE

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text
                                                                          Category:dropped
                                                                          Size (bytes):473
                                                                          Entropy (8bit):4.388167319950301
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:F6719687BED7403612EAED0B191EB4A9
                                                                          SHA1:DD03919750E45507743BD089A659E8EFCEFA7AF1
                                                                          SHA-256:AFB514E4269594234B32C873BA2CD3CC8892E836861137B531A40A1232820C59
                                                                          SHA-512:DD14A7EAE05D90F35A055A5098D09CD2233D784F6AC228B5927925241689BFF828E573B7A90A5196BFDD7AAEECF00F5C94486AD9E3910CFB07475FCFBB7F0D56
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:Google LLC and its affiliates ("Google") own all legal right, title and.interest in and to the content decryption module software ("Software") and.related documentation, including any intellectual property rights in the.Software. You may not use, modify, sell, or otherwise distribute the Software.without a separate license agreement with Google. The Software is not open.source software...If you are interested in licensing the Software, please contact.www.widevine.com.

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_metadata\verified_contents.json

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1550
                                                                          Entropy (8bit):5.9461543350675905
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:98B310FC33843D771DA0089FA155EDB2
                                                                          SHA1:5690A43F43673B947EB4C433CB4F5488A287E29C
                                                                          SHA-256:28F09A4AF935D2894689CC00658D597257422CAFF20A01055EFD8E78AD5E829F
                                                                          SHA-512:E76830974EA54C94E857179CA0DA893E088034367CA5C33E71C1016B788E737D65AB49AD9A9E6FEB85385B963AF5C13DB0A91E3F3072AC91600E91A1CEA0AB6F
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiJMSUNFTlNFIiwicm9vdF9oYXNoIjoicjdVVTVDYVZsQ05MTXNoenVpelR6SWlTNkRhR0VUZTFNYVFLRWpLQ0RGayJ9LHsicGF0aCI6Il9wbGF0Zm9ybV9zcGVjaWZpYy93aW5feDY0L3dpZGV2aW5lY2RtLmRsbCIsInJvb3RfaGFzaCI6IjIyaDRkdGc4WEx5b2pnb3h3STdVUWppQTRXZ1ZMSFg1YV9oWVZaTFpBNUEifSx7InBhdGgiOiJfcGxhdGZvcm1fc3BlY2lmaWMvd2luX3g2NC93aWRldmluZWNkbS5kbGwuc2lnIiwicm9vdF9oYXNoIjoiMDJOMUd3N2toUmZhRzFiQmZfelhqZFZfSmJDU3NKaDVabjJ4QXpnSGRpRSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKYWNDM1ZPSnpIc0hmR3RPQnNINjJiM3FkS25EZEZNNGlZYlFrOEozMkNjIn1dLCJmb3JtYXQiOiJ0cmVlaGFzaCIsImhhc2hfYmxvY2tfc2l6ZSI6NDA5Nn1dLCJpdGVtX2lkIjoib2ltb21wZWNhZ25hamRlamdubmppam9iZWJhZWlnZWsiLCJpdGVtX3ZlcnNpb24iOiI0LjEwLjI4MzAuMCIsInByb3RvY29sX3ZlcnNpb24iOjF9","signatures":[{"header":{"kid":"publisher"},"protected":"eyJhbGciOiJSUzI1NiJ9","signature":"KnESAO6ts6E14P0aoVwC_yghkUn7_i9PCMh0NvK44eLJL04dv

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\win_x64\widevinecdm.dll

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                          Category:dropped
                                                                          Size (bytes):19236784
                                                                          Entropy (8bit):7.70214269860876
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:9D76604A452D6FDAD3CDAD64DBDD68A1
                                                                          SHA1:DC7E98AD3CF8D7BE84F6B3074158B7196356675B
                                                                          SHA-256:EB98FA2CFE142976B33FC3E15CF38A391F079E01CF61A82577B15107A98DEA02
                                                                          SHA-512:EDD0C26C0B1323344EB89F315876E9DEB460817FC7C52FAEDADAD34732797DAD0D73906F63F832E7C877A37DB4B2907C071748EDFAD81EA4009685385E9E9137
                                                                          Malicious:false
                                                                          Antivirus:
                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                          Reputation:unknown
                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Gf.........." ......o.........P.l......................................p].....c.%...`A..........................................!.......!...... ]......`[..$...f%..!...0].0:....!.8.....................!.(...`cp.@...........p.!..............................text.....o.......o................. ..`.rdata..x.....o.......o.............@..@.data...pv8...".......".............@....pdata...$...`[..&....#.............@..@.00cfg..0.....\.......$.............@..@.gxfg... (....\..*....$.............@..@.retplne......\.......%..................rodata.......\.......%............. ..`.tls..........\.......%.............@..._RDATA..\.....]...... %.............@..@malloc_h......]......"%............. ..`.rsrc........ ]......$%.............@..@.reloc..0:...0]..<...*%.............@..B................................................................................................

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\_platform_specific\win_x64\widevinecdm.dll.sig

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:data
                                                                          Category:dropped
                                                                          Size (bytes):1427
                                                                          Entropy (8bit):7.572464059652219
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:A19EC48B4B28F3AA9C32150DCA8C0E39
                                                                          SHA1:02981E40B643C2A987D47BF58F42B7F3CA5AAF07
                                                                          SHA-256:D363751B0EE48517DA1B56C17FFCD78DD57F25B092B09879667DB10338077621
                                                                          SHA-512:718A24E1FB45AB0FD3DB5A5C45B0E0061D9061D8615E2A8D6DB2150BF72267E96774094A6FC07A250D5BBBC5133A1CB635D8F7ADC5B1751FA99327FCE9555941
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:....0...0...........6cd/+J.v{..B...0...*.H........0}1.0...U....US1.0...U....Washington1.0...U....Kirkland1.0...U....Google1.0...U....Widevine1"0 ..U....widevine-codesign-root-ca0...171013173909Z..271011173909Z0y1.0...U....US1.0...U....Washington1.0...U....Kirkland1.0...U....Google1.0...U....Widevine1.0...U....widevine-vmp-codesign0.."0...*.H.............0.........2F..8.e..-....$r...{^........0.%.HA...sA"D.q.=6...#.J.N.......&..k;.+...<xF.......B8.)S....o..|Ci.F.A6....J.......Y..4..{.5u.9N...=...#.M..s.F!j.f%&ld.R...?!Ot@......#.f..O..[.V.p0y....+...S.].....M.=.9...>.. ........>.:....1tl.....`D/c..j..........0..0...U......L...cC.E..R.n...$.0...U.#..0....=..tW....!.B.#U).0...U....0.0...U........0...U.%..0...+.......0...+.....y........0...*.H.............g.."..[..t{.4~.,.G....4K.....(x$...} .*...N..b|d......h..u6?.L.(&.Oup...$!...4R. 5.-...s...K/..U[..[.+.sAX*.~...^0..ba>;.#....x...b.-1...E..l....S.n.a....)U .q..C>d:...<[..F5...7...[.-.l}.T Lc.X..Qf...z..:.Q..e.m

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\manifest.fingerprint

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):66
                                                                          Entropy (8bit):3.9232676497295262
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:5BFBCC6E7AA3E9C1570C5C73F38FA8EA
                                                                          SHA1:497BAFA5658C6CE8C8010D12F104EEBEC7A1BAE2
                                                                          SHA-256:84470096167EA43C0880B39FE44B42F552014E4F85B66805C2935C542BA3CB8E
                                                                          SHA-512:41BBED6CC317FF190189D63D6D5910D30E23A5160E5FF5F635FF408AAB13452DA8174556D7120DB176701435A3329A93A7450583404D56C34A37B67F1A332EDC
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:1.567f5df81ea0c9bdcfb7221f0ea091893150f8c16e3012e4f0314ba3d43f1632

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_1416503629\manifest.json

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1001
                                                                          Entropy (8bit):4.774546324439748
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:2FF237ADBC218A4934A8B361BCD3428E
                                                                          SHA1:EFAD279269D9372DCF9C65B8527792E2E9E6CA7D
                                                                          SHA-256:25A702DD5389CC7B077C6B4E06C1FAD9BDEA74A9C37453388986D093C277D827
                                                                          SHA-512:BAFD91699019AB756ADF13633B825D9D9BAE374CA146E8C05ABC70C931D491D421268A6E6549A8D284782898BC6EB99E3017FBE3A98E09CD3DFECAD19F95E542
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:{. "manifest_version": 2,. "update_url": "https://clients2.google.com/service/update2/crx",. "name": "WidevineCdm",. "description": "Widevine Content Decryption Module",. "version": "4.10.2830.0",. "minimum_chrome_version": "68.0.3430.0",. "x-cdm-module-versions": "4",. "x-cdm-interface-versions": "10",. "x-cdm-host-versions": "10",. "x-cdm-codecs": "vp8,vp09,avc1,av01",. "x-cdm-persistent-license-support": true,. "x-cdm-supported-encryption-schemes": [. "cenc",. "cbcs". ],. "icons": {. "16": "imgs/icon-128x128.png",. "128": "imgs/icon-128x128.png". },. "platforms": [. {. "os": "win",. "arch": "x64",. "sub_package_path": "_platform_specific/win_x64/". },. {. "os": "win",. "arch": "x86",. "sub_package_path": "_platform_specific/win_x86/". },. {. "os": "win",. "arch": "arm64",. "sub_package_path": "_platform_specific/win_arm64/". }. ],. "accept_arch": [. "x64",. "x86_64",. "x86_64h". ].

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\LICENSE

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text
                                                                          Category:dropped
                                                                          Size (bytes):1558
                                                                          Entropy (8bit):5.11458514637545
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:EE002CB9E51BB8DFA89640A406A1090A
                                                                          SHA1:49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2
                                                                          SHA-256:3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B
                                                                          SHA-512:D1FDCC436B8CA8C68D4DC7077F84F803A535BF2CE31D9EB5D0C466B62D6567B2C59974995060403ED757E92245DB07E70C6BDDBF1C3519FED300CC5B9BF9177C
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:// Copyright 2015 The Chromium Authors. All rights reserved..//.// Redistribution and use in source and binary forms, with or without.// modification, are permitted provided that the following conditions are.// met:.//.// * Redistributions of source code must retain the above copyright.// notice, this list of conditions and the following disclaimer..// * Redistributions in binary form must reproduce the above.// copyright notice, this list of conditions and the following disclaimer.// in the documentation and/or other materials provided with the.// distribution..// * Neither the name of Google Inc. nor the names of its.// contributors may be used to endorse or promote products derived from.// this software without specific prior written permission..//.// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS.// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT.// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR.// A PARTICULAR

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\_metadata\verified_contents.json

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1864
                                                                          Entropy (8bit):6.016071477261241
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:C763E190E16A6AB7278BCD19A87EE814
                                                                          SHA1:80387096F161B93A1E2BFE5D0DC4A3F03253C17B
                                                                          SHA-256:D0B9603572E0EA17449A0EAEE36DD1BCC034F01B27852E4A47B16BB2CD718C47
                                                                          SHA-512:CEB9CA402DF3A3D836AEFD2BE8C6137F306660A2F9BBFE491467A45F797CEB58BDAB5985FA4E896B719FA4644F6F9A7BF4E18EF098663E8AF4D61972BEDA414A
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiJMSUNFTlNFIiwicm9vdF9oYXNoIjoiUGIwc2tBVUxaUzFqWldTQnctV0hIRkltRlhVcExiZDlUcVkwR2ZHSHBWcyJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJxeGI0QVFNLUZOa2RyZEhBNUMzREJjTHRCb1B6X2p6M2RQMWxwNzlYUUE4In0seyJwYXRoIjoic2V0cy5qc29uIiwicm9vdF9oYXNoIjoiUmNuMkdaOUo2VmZVaE05VkxmaXRwbTJSRTFjd2E2QmRtTTZxTXhHSVRBOCJ9XSwiZm9ybWF0IjoidHJlZWhhc2giLCJoYXNoX2Jsb2NrX3NpemUiOjQwOTZ9XSwiaXRlbV9pZCI6ImdvbnBlbWRna2pjZWNkZ2JuYWFiaXBwcGJtZ2ZnZ2JlIiwiaXRlbV92ZXJzaW9uIjoiMjAyNS4yLjEyLjAiLCJwcm90b2NvbF92ZXJzaW9uIjoxfQ","signatures":[{"header":{"kid":"publisher"},"protected":"eyJhbGciOiJSUzI1NiJ9","signature":"aTpzdRi_xiuaKaWwRYfy_Yr5ZTfo_lptoFSXyG3jKaARbgHpO9uH_VYBl5_U1-CioAoUdRmQY_LzdxXBXIIUKl1nOiFkPK4WWWkhK_Ddnem_R0tmUoMFYfaIwu5BvZG2m76_K0GF7L17W0qIP1A1KtK5y_vWJ21LJOkEV8bugpE_yE-VBxLUrAdQYV8jWGBbt6Me-60g9f9swMPalRz1DhixbOzdnUTY8UNx84OAnW29uVVxp0Dk-S-

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\manifest.fingerprint

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):66
                                                                          Entropy (8bit):3.8839822796016237
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:29C67C9443BA1281E826D6994B89A2ED
                                                                          SHA1:57DB143FAA3476F1575EB778539F6984C701D047
                                                                          SHA-256:5F7886667309D2C54F7121541D0DE1C8097E10B6D9BBB3926C2BCC538DFC3210
                                                                          SHA-512:212C93D94E97C397E23A9A71DC0975A9A4049EC27A2E22F2B2DE272624351D13E425647D010DB41228B6A12ADDA85DBB16AD6CF381EA2EC93ED4ED6926A911B0
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:1.ca4b57e7736ca30dcc3245eb2e2d03f79f739a7864fcacc3b31ac08a67e3a1b9

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\manifest.json

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):85
                                                                          Entropy (8bit):4.405077845741412
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:5CADF08593AC029AE32BCEEB0817D249
                                                                          SHA1:6A3BC9ECF1EF7BD5B34933382B5FF6DEFD12E20F
                                                                          SHA-256:AB16F801033E14D91DADD1C0E42DC305C2ED0683F3FE3CF774FD65A7BF57400F
                                                                          SHA-512:2FBAE0417DC0D86CC631C38ECC44684D356AD707D8F1A21899EB3A82376A6D76EEA88697B0C6DE180C60FFC43B062C7ACEA71D35E120600EB9A1AC992F5EF858
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:{. "manifest_version": 2,. "name": "First Party Sets",. "version": "2025.2.12.0".}

                                                                          C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5552_576443262\sets.json

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):9911
                                                                          Entropy (8bit):4.629482317597247
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:A37E1072FA7492570CDBD9E27A629C1A
                                                                          SHA1:B5D56FADC8824351C34C0C6E85151FD8FD7CC3E3
                                                                          SHA-256:B9671DF54E93450E6805481DD78D34B866BAF3FD1269C1358CC273DA33B69CEE
                                                                          SHA-512:6372E18C9551E16EC6F879C4300509464AFA52AB5A033F54117E498B80FF3C4F21AD0CD1BD2ECFB081565597FE0E83BD86364529698F7B1A03BF6201BE7D5D35
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:{"primary":"https://bild.de","associatedSites":["https://welt.de","https://autobild.de","https://computerbild.de","https://wieistmeineip.de"],"serviceSites":["https://www.asadcdn.com"]}.{"primary":"https://blackrock.com","associatedSites":["https://blackrockadvisorelite.it","https://cachematrix.com","https://efront.com","https://etfacademy.it","https://ishares.com"]}.{"primary":"https://cafemedia.com","associatedSites":["https://cardsayings.net","https://nourishingpursuits.com"]}.{"primary":"https://caracoltv.com","associatedSites":["https://noticiascaracol.com","https://bluradio.com","https://shock.co","https://bumbox.com","https://hjck.com"]}.{"primary":"https://carcostadvisor.com","ccTLDs":{"https://carcostadvisor.com":["https://carcostadvisor.be","https://carcostadvisor.fr"]}}.{"primary":"https://citybibleforum.org","associatedSites":["https://thirdspace.org.au"]}.{"primary":"https://cognitiveai.ru","associatedSites":["https://cognitive-ai.ru"]}.{"primary":"https://datasign.jp","as

                                                                          Chrome Cache Entry: 121

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 7840, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):7840
                                                                          Entropy (8bit):7.967369628682015
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:8D91EC1CA2D8B56640A47117E313A3E9
                                                                          SHA1:A9E9BAFE64666F4595051A0E895B47A5FA39E67E
                                                                          SHA-256:78BC3AA78FAEC288BBB3BF26C9A0FA4EB67B1E69DA94A17233C5CAB60525EFDB
                                                                          SHA-512:BD3A864BD45F39EE83EE79BA4469A156AD8FF3DD33D8AAE11E3EDD97B29C2EF7F610AC851726041251E34B0108F618A2F945038BF6C0DE9A7982E0D643CDFCFB
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
                                                                          Preview:wOF2..............?....M.............................`..T....h..6..6.$..h. ..B.....2EF.....d+.U......t........F.h!....9e..'..\Wf[..feB......t...V3.d..?B.S.D..d..=.bKB........p..G.bI.z...5.<.'.D.U,D..3.....^...m..\Z5....-....O.....V.ko.....*.e./".........p.d.......2.4...o..P'.h.\..2VAX}.8.....N5.[...3.>....So.eb......#jZm6....>.% ....,[......+.~..Z..;..'.._....6/.o.-..B...pw)Y.*.X.VT4..ES.L..,S..t:'.t.....ex<..[........Al6..a....#...Q._...k..J8}Vo....9..Mzh.&...p$.a.a..e\.M..3u.....*N................H........}..E..^..cd.).K.G=.'...<.l.....S......%.....$.IL.I.....y.....3-...I..Tq.>?...m...{..w.....+........_..<H..}jA^t.?..>........W.0:= .D.$C.)m...^....Q.)8...x...i..'.A(..@r>.[..-....\..~..{...:......|.W...|.Z.o...)v!(&.....I../?8..jX.........2.gc...$)..v..Ph)".........W.].....\.]SdLox....#.k.y.;.....a(.-...7..G..j...{U.4...T....X....#L..y..VR..#.Hc..a..M.LZ.J\.E.....T^.+q.!.lo.....V.....>7F.t.)..Q.....VJe..~cF.....+.u..JX8e....p........

                                                                          Chrome Cache Entry: 122

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):662448
                                                                          Entropy (8bit):5.855429238034622
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:FCA378EB5E776CAF1334AB47258594AC
                                                                          SHA1:DAFE61E58CDEDC34109DBA7E9171F4AAB578E6E9
                                                                          SHA-256:59E24B78949F0A7F77E32B1DE0D14E754794F29C90958FC0976FBC9823309996
                                                                          SHA-512:AEA2243A659052F96D4354C88A2DB3DD0EFF669236E3F55771B21EAFD2925DF1AC5D47D9D19A4373F0A47DFB8A185AD3178871C4CBCAC9611E366748D95D9225
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/scripts-compressed/common-vendors-8921de8f24d51c37e1bd-min.en-US.js
                                                                          Preview:(function() {var cs=Object.defineProperty,ls=Object.defineProperties;var fs=Object.getOwnPropertyDescriptors;var oi=Object.getOwnPropertySymbols;var ds=Object.prototype.hasOwnProperty,ms=Object.prototype.propertyIsEnumerable;var cn=(f,c)=>(c=Symbol[f])?c:Symbol.for("Symbol."+f);var ii=(f,c,o)=>c in f?cs(f,c,{enumerable:!0,configurable:!0,writable:!0,value:o}):f[c]=o,Nn=(f,c)=>{for(var o in c||(c={}))ds.call(c,o)&&ii(f,o,c[o]);if(oi)for(var o of oi(c))ms.call(c,o)&&ii(f,o,c[o]);return f},si=(f,c)=>ls(f,fs(c));var Gr=(f,c,o)=>new Promise((u,t)=>{var l=E=>{try{h(o.next(E))}catch(T){t(T)}},_=E=>{try{h(o.throw(E))}catch(T){t(T)}},h=E=>E.done?u(E.value):Promise.resolve(E.value).then(l,_);h((o=o.apply(f,c)).next())}),ln=function(f,c){this[0]=f,this[1]=c},ui=(f,c,o)=>{var u=(_,h,E,T)=>{try{var y=o[_](h),b=(h=y.value)instanceof ln,v=y.done;Promise.resolve(b?h[0]:h).then(p=>b?u(_==="return"?_:"next",h[1]?{done:p.done,value:p.value}:p,E,T):E({value:p,done:v})).catch(p=>u("throw",p,E,T))}catch(p){

                                                                          Chrome Cache Entry: 123

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):89739
                                                                          Entropy (8bit):5.154250600170183
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:19981E077894F46D4CA7B4BC089598A4
                                                                          SHA1:2708CCFF621EA41AC9A9FBBB8567209C79FFEB18
                                                                          SHA-256:DB668AF76B9091361E3FD6BEC46825BB542AF193AD7C6E6B84D54686BD29D521
                                                                          SHA-512:0905B4160B858C59192E8865B738286E169381D3597DB6F0CBA637589BE50F5B0931209229B900399F1063B84A41E0FE5972856D4D37DB56A4E8FBD88A4A6AFF
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:(()=>{var u={544791:(_,i,a)=>{var m={"./en.json":266331,"src/main/webapp/universal/node_modules/@sqs/i18n-cldr/packs/en.json":266331};function e(n){var r=o(n);return a(r)}function o(n){if(!a.o(m,n)){var r=new Error("Cannot find module '"+n+"'");throw r.code="MODULE_NOT_FOUND",r}return m[n]}e.keys=function(){return Object.keys(m)},e.resolve=o,_.exports=e,e.id=544791},266331:_=>{"use strict";_.exports=JSON.parse(`{"version":"1.9.2","cldr":"45.0.0","checksum":"aac66006","language":"en","defaultTag":"en-Latn-US","scripts":{"Latn":{"strings":"E_Afar_Abkhazian_Acehnese_Acoli_Adangme_Adyghe_Avestan_Tunisian Arabic_Afrikaans_Afrihili_Aghem_Ainu_Akan_Akkadian_Alabama_Aleut_Gheg Albanian_Southern Altai_Amharic_Aragonese_Old English_Angika_Arabic_Aramaic_Mapuche_Araona_Arapaho_Algerian Arabic_Najdi Arabic_Arawak_Moroccan Arabic_Egyptian Arabic_Assamese_Asu_American Sign Language_Asturian_Avaric_Kotava_Awadhi_Aymara_Azerbaijani_Bashkir_Baluchi_Balinese_Bavarian_Basaa_Bamun_Batak Toba_Ghomala_Belar

                                                                          Chrome Cache Entry: 124

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:SVG Scalable Vector Graphics image
                                                                          Category:downloaded
                                                                          Size (bytes):3202
                                                                          Entropy (8bit):4.236796532981122
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:7D2B8F25545A2894E2721E9FE528E34C
                                                                          SHA1:D0DAE76F4BF5C04ACD5FCDF1BCB12908099E328C
                                                                          SHA-256:797BDA35D13E5130FE5A14E0069C31B46EC1AF6EA47F2D300309803BB4D2608C
                                                                          SHA-512:FE1F84AF0BA1100B2A90EE6FBFBD3763EF34D1A3BF045345538302ECE7D37EAADC9A9CD0E09C2030E62B13A55E118A2417B27F14336C271758BFB3E256906385
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://res.cdn.office.net/assets/framework/microsoft.svg
                                                                          Preview:<svg id="MSLogo" width="99" height="22" xmlns="http://www.w3.org/2000/svg">..<g fill="none" fill-rule="evenodd">..<path fill="#737474"..d="m34.64 12.07-.58 1.65h-.04c-.1-.39-.28-.93-.56-1.63l-3.14-7.9h-3.08v12.56h2.03V9.03l-.03-1.7c-.01-.34-.05-.6-.06-.81h.05c.1.47.2.83.28 1.07l3.78 9.16h1.42l3.75-9.24c.08-.21.17-.62.25-1h.05c-.05.92-.1 1.76-.1 2.26v7.98h2.17V4.2h-2.96l-3.23 7.88z"../>..<path d="M0 20.96h98.15V0H0z" />..<path fill="#737474"..d="M42.87 16.75h2.11v-9h-2.11zm1.08-12.82c-.35 0-.66.12-.9.35a1.17 1.17 0 0 0-.38.88c0 .35.12.64.37.87.25.23.55.34.9.34s.67-.11.92-.34c.25-.23.38-.52.38-.86 0-.34-.13-.64-.37-.88a1.26 1.26 0 0 0-.92-.36m8.53 3.73a5.9 5.9 0 0 0-1.19-.12c-.97 0-1.83.2-2.57.62-.74.4-1.3 1-1.7 1.74a5.57 5.57 0 0 0-.01 4.9c.37.7.9 1.23 1.58 1.6.67.38 1.45.57 2.31.57 1.01 0 1.87-.2 2.56-.6l.03-.02v-1.94l-.1.07c-.3.23-.65.4-1.03.54a3.12 3.12 0 0 1-1.01.2c-.83 0-1.5-.26-1.98-.78a3 3 0 0 1-.73-2.14c0-.9.25-1.65.76-2.2a2.6 2.6 0 0 1 1.98-.81c.7 0 1.38.23 2.02.7l.09.06V8.01L5

                                                                          Chrome Cache Entry: 125

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (17630)
                                                                          Category:downloaded
                                                                          Size (bytes):18271
                                                                          Entropy (8bit):5.537765520612535
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:34D26947FF71A62A1387A37474715F67
                                                                          SHA1:B8859F1F86212FF10E5E1A13865DD53D8977BD5F
                                                                          SHA-256:024F22DDBEFCB79EC6FD341B54B4E9DE3B99425606AFEF2A279884050B77F99B
                                                                          SHA-512:5C1794222B3C3686D353E5AB95E863B3FE44CB57F27798E1FB80B700F08A969767206CBCED1ED87F463D4870E4A4A3D998C4327D5C76AAB22FFCB73E264F53F8
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/scripts-compressed/async-gdpr-cookie-banner-1b1ff11b5ba53e1780d9-min.en-US.js
                                                                          Preview:(self.webpackChunkextract_css=self.webpackChunkextract_css||[]).push([[84467],{264667:(p,o)=>{"use strict";Object.defineProperty(o,"__esModule",{value:!0}),o.default=void 0;var t;(function(s){s.SUB_FOOTER="SUB_FOOTER",s.PILL="PILL",s.HIDDEN="HIDDEN"})(t||(t={}));var v=t;o.default=v,p.exports=o.default},845076:(p,o)=>{var t,v;/*!. Copyright (c) 2018 Jed Watson.. Licensed under the MIT License (MIT), see. http://jedwatson.github.io/classnames.*/(function(){"use strict";var s={}.hasOwnProperty;function S(){for(var i=[],g=0;g<arguments.length;g++){var u=arguments[g];if(u){var O=typeof u;if(O==="string"||O==="number")i.push(u);else if(Array.isArray(u)){if(u.length){var n=S.apply(null,u);n&&i.push(n)}}else if(O==="object")if(u.toString===Object.prototype.toString)for(var c in u)s.call(u,c)&&u[c]&&i.push(c);else i.push(u.toString())}}return i.join(" ")}p.exports?(S.default=S,p.exports=S):(t=[],v=function(){return S}.apply(o,t),v!==void 0&&(p.exports=v))})()},418008:(p,o,t)=>{var v="Expecte

                                                                          Chrome Cache Entry: 127

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text
                                                                          Category:downloaded
                                                                          Size (bytes):4007
                                                                          Entropy (8bit):5.3227077179046764
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:0CA8D1AFD327526FD46AE2C16200183F
                                                                          SHA1:71C00AD5624661FBD55E2B28AAB6323AD249A3E8
                                                                          SHA-256:21A427B0542EECB3D22300745DE6FCF2A4D7839E9F23AFA0AEBD4EABA719A5F5
                                                                          SHA-512:B3247A7D2CE647845DB3FC27D6223B6291504F852B6EA14C7D043F683D357539FB4B6A19BBFD4C2E33A0B4663C3797B73AD890F45C44BB11CF076881D212BB8A
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:"https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300"
                                                                          Preview:/* latin-ext */.@font-face {. font-family: 'Poppins';. font-style: italic;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/poppins/v22/pxiDyp8kv8JHgFVrJJLm21lVGdeOcEg.woff2) format('woff2');. unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./* latin */.@font-face {. font-family: 'Poppins';. font-style: italic;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/poppins/v22/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}./* latin-ext */.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2) format('w

                                                                          Chrome Cache Entry: 128

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):229720
                                                                          Entropy (8bit):5.618694903866853
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:89351B76769E7D5F6B5D29DB2B5C6845
                                                                          SHA1:4FC0882EC85BF4CF1228CEFBD521ECA001A7BCCC
                                                                          SHA-256:08A5270BF6A44C9BD109CF1DEAF1F757149609469EC93C571EDAD8E2FB031814
                                                                          SHA-512:0C3BE364D31BB19FEB412AF3FD0E8BD3443E740EF63BD036A9B25BCF95C63836B28BB564AACB7C17368C32CF37427DE630BFED23B7D67CBB4CF101F232DADDD7
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/scripts-compressed/user-account-core-d80e9a3c45e2451dcc03-min.en-US.js
                                                                          Preview:(self.webpackChunkextract_css=self.webpackChunkextract_css||[]).push([[73657,88978,38903,80660,21990,49323],{420409:(P,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var e;(function(a){a.CUSTOMER_NOTIFICATION="customer_notification",a.MEMBER_AREA_ACCESS_PAGE="member_area_access_page",a.MEMBER_AREA_BLOCK="member_area_block",a.MEMBER_IMPORT_LINK="member_import_link",a.OTP_MEMBERSHIP_PURCHASE="otp_membership_purchase",a.ORDER_CONFIRMATION_PAGE="order_confirmation_page",a.ORDER_STATUS_PAGE="order_status_page",a.PAYWALL_PAGE="paywall_page",a.SIGNUP="signup"})(e||(e={}));var l=e;t.default=l,P.exports=t.default},85110:(P,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var e;(function(a){a.BEFORE_ENROLLMENT_DATES_PERIOD=1,a.AFTER_ENROLLMENT_DATES_PERIOD=2})(e||(e={}));var l=e;t.default=l,P.exports=t.default},47963:(P,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var e;(function(a){a.C

                                                                          Chrome Cache Entry: 131

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (13233)
                                                                          Category:downloaded
                                                                          Size (bytes):13406
                                                                          Entropy (8bit):5.525251224123568
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:10A139E00B77152F126BE387F5C57DE0
                                                                          SHA1:3D2702577D4695066D13CAB041DACA159D0EA398
                                                                          SHA-256:F83C1CDB8D1B801FFCC9C1069E513D7B4DAE033CD39AAFE0BC36F63253A201ED
                                                                          SHA-512:F07C8C44AE8A09E8128F283042129013CA6A81235F964456C950829308AE8A1907163563CC8517740E9C0E7162FFF1C99C93844483B5896B1451226401D271EE
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/scripts-compressed/2775-0e66db97f5a873a38d07-min.en-US.js
                                                                          Preview:(self.webpackChunkextract_css=self.webpackChunkextract_css||[]).push([[2775],{26666:l=>{l.exports={"2a55ca78e8124468fd12f5631b591477":"Cookie banner","5c9e9d0cbf6046deb40eaa0a5c1722df":"These cookies provide quantitative measures of website visitors. With the usage of these cookies we are able to count visits and traffic sources to improve the performance of our site.","5d34f2ee7358fc231e5c0fb44bb6194d":"Close","67db752e6310686617e98c22c85b3963":"Necessary","6bf1c5ed97ddc6828e7cd5159df2a240":"Performance and Analytics","74472054366bb6c5316e7afadad1093e":"These cookies are used by advertising companies to serve ads that are relevant to your interests.","7f55fe8fa38cccf52495082b8a3b514e":"Required to enable core site functionality and to remember user preferences and choices, such as language preferences or customized settings.",ab24934bbb24336ecf14f4c74753cb74:"On",b14f9710c8c55c42330cec28b8e5a412:"Manage previously selected cookie options",bd5b0ea753d0acb71633f9924dd99e2e:"Advertising"

                                                                          Chrome Cache Entry: 132

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):1459325
                                                                          Entropy (8bit):4.898343732670476
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:F76717074F84C26F3E8535641AE4A334
                                                                          SHA1:80782AC0DF31FF85C6E17ED5B55C27473D21BC2D
                                                                          SHA-256:44B3B00C9F326747E0B179F2A42D5484B525108CD5EDB7B71399C868F1E9F47B
                                                                          SHA-512:ED1184D389F0B1004E080AF3B55ADE659EBF4E9F9F0CF45919AB31733A2AAD138DFD964199771AB97CED7A84F06FF4D021CBC286C233700B36807E4585591919
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://static1.squarespace.com/static/versioned-site-css/672d28f572bca453f1036bff/2/5c5a519771c10ba3470d8101/672d28f572bca453f1036c0b/1613/site.css
                                                                          Preview::root{--accent-hsl:204.39,79.49%,38.24%;--black-hsl:0,0%,0%;--darkAccent-hsl:209.23,52.7%,70.98%;--lightAccent-hsl:240,10.53%,92.55%;--safeDarkAccent-hsl:204.39,79.49%,38.24%;--safeInverseAccent-hsl:0,0%,100%;--safeInverseDarkAccent-hsl:0,0%,100%;--safeInverseLightAccent-hsl:0,0%,100%;--safeLightAccent-hsl:204.39,79.49%,38.24%;--white-hsl:0,0%,100%}:root{--course-item-nav-text-color:hsla(var(--black-hsl),1);--tweak-blog-item-pagination-icon-color:hsla(var(--black-hsl),1);--tweak-summary-block-read-more-color-on-background:hsla(var(--black-hsl),1);--tweak-quote-block-source-color-on-background:hsla(var(--black-hsl),1);--paragraphSmallColor:hsla(var(--black-hsl),1);--list-section-simple-button-background-color:hsla(var(--safeDarkAccent-hsl),1);--gradientHeaderBorderColor:hsla(var(--black-hsl),1);--tweak-summary-block-header-text-color-on-background:hsla(var(--black-hsl),1);--tweak-summary-block-background-color:hsla(var(--lightAccent-hsl),1);--tweak-blog-alternating-side-by-side-list-rea

                                                                          Chrome Cache Entry: 134

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), CFF, length 19708, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):19708
                                                                          Entropy (8bit):7.989090487633814
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:E7A90585767A939A080E168CF1A51638
                                                                          SHA1:54A94247DAAE158036416B4D2F21B26F70862C29
                                                                          SHA-256:A3283838EF4976DCBA844FB7C4CF8C454E7680BACA21C597D3DD97DB1A9E2492
                                                                          SHA-512:408922F945EEC830BF68D781F2EEAB209E401C9E75A1AF855E9D0B9CF6F851304B3668124F571FFEF9A3B8128DB60FAC980EAEEDDDFB3DB336F5037D885D8DD4
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://use.typekit.net/af/5de54d/00000000000000007735d404/30/l?subset_id=2&fvd=n7&v=3
                                                                          Preview:wOF2OTTO..L.......|...L..........................:..A?DYNA..?GDYN....b.`..~.6.$..L....o. ..{...8..t..jR......pS.?...o.......G.0...=Ig[I.T"........,..V.....T..h*'.?O..@.7..0H.~7...-M......i1+..E.......[...7.....J.)..v....[...6=..;.f.......n.$H....KG#....`..XH.!`..V....c..X*1.4u.|..y\...2.Ir.......C."JE...T..B.CM.F..U}...K..].oz....I^T..z{.."..._.N...)...n .....l......+......81D.!...f.R0..M........]..?......0...e...R.[....Tm.\....r.Re.u.]%....-.?.W"..N.+..|.....B.+..."..)9.X.T.j.N...M....N*.;w.i\..c.{.."...,1[..m...wv...<.k<.......r"4..xRi.....p%4M........P...H..r..H.@.f.J.L...j.t.......^P.T.i..}Yek..j.w...T...43..x.C.0..u.........t..0.F.......X.Y..C.N..p.3U(.(.Ff.z.........O.....>c..C..s..v.D...._jQ$.L......F.y2S.SB...j.ub....X.)22..ya..Y....D...K.*...V."##Q.zC..jKo.%*...d..P.M:H.F..:ld....N......2.:'=w..K......U..v....x...#..c.#.....'....~...g...b...6.Mbk.Z.`>.Y..a.....}g?X%v......@..30.....5Fh..~......7.nM..Yg.../....o..R...._8...N..u.s....c.D>..p

                                                                          Chrome Cache Entry: 138

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, ASCII text, with very long lines (17793)
                                                                          Category:downloaded
                                                                          Size (bytes):19227
                                                                          Entropy (8bit):3.7245029149034568
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:D84ED44F88A14A0ACD9EE2CC2DD7642A
                                                                          SHA1:A7A8B4F3CBC113EFCFAF91E164D982FDAA18F2EF
                                                                          SHA-256:F526382AB00715B4B8FD5FF91AD5A8B28FF00EF36794E870180EA321EBCAFD1B
                                                                          SHA-512:63A37AB73B0709C647109DE5B7C94069B57E73F72956CC8508AF81B694675E1D9AA322567552EFB37FFD759D1400169FE8ABBFB834477BAF78BA5CF3ED6A6175
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com
                                                                          Preview:<!DOCTYPE html>.<html>.<head>.<meta charset="utf-8" />.<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />.<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />.<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />.<meta name="robots" content="noindex, nofollow" />. Start: Ad code and script tags for header of page -->. End: Ad code and script tags for header of page -->.<script type="text/javascript" charset="utf-8" data-cfasync="false">eval(decodeURIComponent(escape('\x28\x66\x75\x6E\x63\x74\x69\x6F\x6E\x28\x29\x7B\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x76\x61\x72\x20\x61\x20\x3D\x20\x66\x75\x6E\x63\x74\x69\x6F\x6E\x28\x29\x20\x7B\x74\x72\x79\x7B\x72\x65\x74\x75\x72\x6E\x20\x21\x21\x77\x69\x6E\x64\x6F\x77\x2E\x61\x64\x64\x45\x76\x65\x6E\x74\x4C\x69\x73\x74\x65\x6E\x65\x72\x7D\x20\x63\x61\x74\x63\x68\x28\x65\x29\x20\x7B\x72\x65\x74\x75\x72\x6E\x20\x21\x31\x7D\x20\x7D\x2C\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x62\x20\x3

                                                                          Chrome Cache Entry: 140

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):7748
                                                                          Entropy (8bit):7.975193180895361
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:A09F2FCCFEE35B7247B08A1A266F0328
                                                                          SHA1:0DA2D17E738F46D2A09E6FB7969DA451719A9820
                                                                          SHA-256:CD36DE204ACA2D5FA263A731F7C20009B5E3D754BA1F1E03C33E93A48F3E7446
                                                                          SHA-512:5E3F9A298003B84250EC6801E08AD2A4FF8845D4C3E13EA61BEC37DA24D26EDE13B436257882124CC0C27E9A323BA92E7D23C6AD3F48A7B75535F5ED98813A0E
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
                                                                          Preview:wOF2.......D......?p.................................`..T..0....6..6.$..h. ..H....82EF.....E...........W...b.....b..l...Qc/.....G4.]Rc..C...9J....>W..A.#..~.$.-.....}.......$-.........B1..;<....=.FO... R..%......9.E.s..M6.k.-_.^.?...._...lI..59Y.f|..&..J..<8....e.zip".......q...u.?Y.....I.:MA.d.Y....0>..E.....a...H...:.....A.j.h.P.......A.+.l/j........d....r)Y>..V..@E\Q.k.E..(....6..yf.)s..O..z..........`Q.La'N.t V$.. t".ZDb......U.A.........p~.TW.K....y..^.(.;....K.TO.l... {s..M$ ....!....a..^.y...._...H..e.lKD.#..9.$...!&.19.9I..R-..b...TD&...j...xol.[...~.!.q.%..M..>...k.K.{5......+..U....34........[R.GZF.s}&...#g.P..Y..zF..-&..Y.i.3...I_3..Q.....`i....F{.z..>0....N...16.i.@.........5D3..>.._o.0M+5qI.ds..o...1v.!zx..T..b.w.:.....z$...s..x...v...e.&.[.qb.P..Gt....D.3.. ..W.^f.C(...t..`.|..0.Z.C|..)...0....Y.Q...m.k...-VmS..6p..%7.o(0p..4..S7..i\.....v.k.+S)J....+..../....xv.9.W..nR.CG..f..|....Y...'W.....|b<.wN@....-[....l.P4#..=...[

                                                                          Chrome Cache Entry: 141

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                                          Category:downloaded
                                                                          Size (bytes):61
                                                                          Entropy (8bit):3.990210155325004
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                                          SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                                          SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                                          SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1
                                                                          Preview:.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

                                                                          Chrome Cache Entry: 143

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, Unicode text, UTF-8 text, with very long lines (22960), with CRLF, CR line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):117233
                                                                          Entropy (8bit):5.805664679059334
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:C5BFE3C758B2F452F17AE1F72DC7446D
                                                                          SHA1:8DCC815402F1DA35A59AB26133C789876EABC118
                                                                          SHA-256:5776DFE5E79AD2E425FE6ABFC84988A18402DD4DA29F4EDCF6881C999F94F9CE
                                                                          SHA-512:F00C55F8136120E82053F014FD82EE04B4B05E0A673CFFCBB97A72D3AEDB397E3DC3CB88057683F0536618DD9153C5BC66E58ECD0B092A64556D31715F536C79
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://mail67.online/office-sharepoint-document/share/index2.html?e=bob_smith@gmail.com
                                                                          Preview:<!DOCTYPE html>..<html class="" dir="ltr" lang="en">..<head>..<meta charset="utf-8"/>..<meta content="IE=edge" http-equiv="X-UA-Compatible"/>..<meta content="width=device-width, initial-scale=1.0, maximum-scale=2.0, user-scalable=yes" name="viewport"/>..<meta name="robots" content="noindex">......<style>..html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}a{background-color:transparent}a:active,a:hover{outline:0}img{border:0}button,input{color:inherit;font:inherit;margin:0}button{text-transform:none}button,input[type="submit"]{-webkit-appearance:button;cursor:pointer}button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}*{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}*:before,*:after{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}input,button{font-family:inherit;font-size:inherit}a:focus{outline:thin dotted;outline-offset:-2px;outline:5px auto -webkit-focus-ring

                                                                          Chrome Cache Entry: 145

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 513
                                                                          Category:dropped
                                                                          Size (bytes):276
                                                                          Entropy (8bit):7.316609873335077
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:4E3510919D29D18EEB6E3E8B2687D2F5
                                                                          SHA1:31522A9EC576A462C3F1FFA65C010D4EB77E9A85
                                                                          SHA-256:1707BE1284617ACC0A66A14448207214D55C3DA4AAF25854E137E138E089257E
                                                                          SHA-512:DFAD29E3CF9E51D1749961B47382A5151B1F3C98DEABF2B63742EB6B7F7743EE9B605D646A730CF3E087D4F07E43107C8A01FF5F68020C7BF933EBA370175682
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:...........Q=o. ..+.......=t....E.k["...../g;n.,....{.......2....*e.......J).*8..).5.....>,.ih...^s...&M.Ta..m........C.N5.G.!.-...}.9.~........u.3..@i..qK.U.......E.........S.......A.....6...G..g...,f3g.5F..I...G@<..L.:`.N&.?R....d..(.7._....z.L.......s....

                                                                          Chrome Cache Entry: 147

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (43878), with NEL line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):117609
                                                                          Entropy (8bit):5.452021285934095
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:93A2AEA230D421D550375C528B22583E
                                                                          SHA1:E8D88B00DB1C30510928A7C6618F0F7CFFA9B4C2
                                                                          SHA-256:54E832663426C696B1F603379026E5E15720E8C812BBBC60D63AA2AD8A479F75
                                                                          SHA-512:2BA5180B32FCD62B7A430E75C8CD8022076563299F055AD99B836AFBAEB39D205D825B2848E0686F7E136502EAAE91B39B4659D6C1F6A0895C16FA5515494EED
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
                                                                          Preview:(()=>{var t,r={481:(t,r,e)=>{var n=e(8807),o=e(8427),i=TypeError;t.exports=function(t){if(n(t))return t;throw i(o(t)+" is not a function")}},2420:(t,r,e)=>{var n=e(1758),o=e(8427),i=TypeError;t.exports=function(t){if(n(t))return t;throw i(o(t)+" is not a constructor")}},5946:(t,r,e)=>{var n=e(8807),o=String,i=TypeError;t.exports=function(t){if("object"==typeof t||n(t))return t;throw i("Can't set "+o(t)+" as a prototype")}},3288:(t,r,e)=>{var n=e(6982),o=e(6042),i=e(189).f,a=n("unscopables"),s=Array.prototype;null==s[a]&&i(s,a,{configurable:!0,value:o(null)}),t.exports=function(t){s[a][t]=!0}},5158:(t,r,e)=>{"use strict";var n=e(3100).charAt;t.exports=function(t,r,e){return r+(e?n(t,r).length:1)}},5712:(t,r,e)=>{var n=e(3521),o=TypeError;t.exports=function(t,r){if(n(r,t))return t;throw o("Incorrect invocation")}},1843:(t,r,e)=>{var n=e(1188),o=String,i=TypeError;t.exports=function(t){if(n(t))return t;throw i(o(t)+" is not an object")}},7603:t=>{t.exports="undefined"!=typeof ArrayBuffer&

                                                                          Chrome Cache Entry: 148

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (39341)
                                                                          Category:dropped
                                                                          Size (bytes):39521
                                                                          Entropy (8bit):5.3286793613306385
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:50A45F31007A805405E999B6F6DA212A
                                                                          SHA1:6FF82BC52895BDEC2CF632C85E90B2BA51F553EE
                                                                          SHA-256:9D247C72CD4B4E0EDEA4A54CE95A652982B80E98AA1B81E04062C6627C0E1DA0
                                                                          SHA-512:5E5BCF9C1013F4E4B9AB2C0C31414639ACB6F9A36638821831D1EB0B3FC8EB6360398AC4C0F3FD03A6B17EFB0B09FB3DFC586763F4A4DCEC240586B361ACF526
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:"use strict";(self.webpackChunkextract_css=self.webpackChunkextract_css||[]).push([[52730,69078],{843383:(x,_)=>{Object.defineProperty(_,"__esModule",{value:!0}),_.default=void 0;var A;(function(f){f.MAIN_CONTENT=1,f.CONTENT_COLLECTION=1,f.PAGE=2,f.SPLASH_PAGE=3,f.CONTENT_ITEM=50,f.NOT_FOUND=100,f.ERROR=101,f.SEARCH=102,f.LOCK_SCREEN=103,f.POPUP_OVERLAY=104,f.PROTECTED_CONTENT=105,f.MEMBER_AREA_ACCESS_DENIED=106,f.PAYWALL=107,f.SHOW_CART=200,f.CHECKOUT=201,f.ORDER_CONFIRMED=202,f.DONATE=203,f.CONTRIBUTION_CONFIRMED=204,f.COMMERCE_CART_V2=205,f.SUBSCRIPTION_CONFIRMED=206,f.ORDER_RECEIVED=207,f.MEMBERSHIP_CONFIRMED=208,f.REVIEWS_REQUEST=209,f.DIGITAL_PRODUCT_COMPOSER_PREVIEW=210,f.ORDER_STATUS=211,f.NEWSLETTER_UNSUBSCRIBE=300,f.COMMERCE_EMAIL_PREVIEW=301,f.SSO_PAGE=400})(A||(A={}));var L=A;_.default=L,x.exports=_.default},294997:(x,_,A)=>{var L;L={value:!0};var f=A(769078),g=F(A(843383)),M=A(648083);function P(l,v,E){return v in l?Object.defineProperty(l,v,{value:E,enumerable:!0,configur

                                                                          Chrome Cache Entry: 150

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 97 x 52, 8-bit/color RGB, non-interlaced
                                                                          Category:downloaded
                                                                          Size (bytes):61
                                                                          Entropy (8bit):4.068159130770306
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:048EAD9A84C4E61F91EF984F0EE02C03
                                                                          SHA1:1539392239DD96E0067503BA09D30433F9449C35
                                                                          SHA-256:A917BB88A6653BECBA23C599588EFEB444F2C80F582704467DFB2DEBB66601D5
                                                                          SHA-512:D3544DA12E147445C3B74C9EDEF9A54E6ABB7D11477A83F983C2654E926A53F360802CE593FF6B0DA2204CFAD2F21FA216857B1E79DF1F0A0E99B1788636E776
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/914259d6bcfe422d/1739927152888/OB_8fIdjZfic7WB
                                                                          Preview:.PNG........IHDR...a...4......'......IDAT.....$.....IEND.B`.

                                                                          Chrome Cache Entry: 151

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65467)
                                                                          Category:dropped
                                                                          Size (bytes):264716
                                                                          Entropy (8bit):5.227099029324711
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:7A52A694FD4248C18775C6AA813A0358
                                                                          SHA1:C6176D228D4029A9E307347FAE277591C7D685B6
                                                                          SHA-256:E05C0BF4D0355A76DE73673C1DF19A0B4CD006B3E90810C30A1FAC5DB194182A
                                                                          SHA-512:0172A014406D3FE479913157A3A8328114A290E30141CC9E23680DE20F3C91929AAB93126C91DF0A15A73A6B03F031459AC833B56DDECC37B908927EEDD0D468
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:/*! For license information please see site-bundle.js.LICENSE.txt */.!function(t,e){if("object"==typeof exports&&"object"==typeof module)module.exports=e();else if("function"==typeof define&&define.amd)define([],e);else{var r=e();for(var n in r)("object"==typeof exports?exports:t)[n]=r[n]}}(self,(function(){return function(){var t,e,r,n,o={44564:function(t,e,r){"use strict";r.r(e),r.d(e,{ResizeObserver:function(){return q},ResizeObserverEntry:function(){return E},ResizeObserverSize:function(){return u}});var n,o=[],i="ResizeObserver loop completed with undelivered notifications.";!function(t){t.BORDER_BOX="border-box",t.CONTENT_BOX="content-box",t.DEVICE_PIXEL_CONTENT_BOX="device-pixel-content-box"}(n||(n={}));var a,c=function(t){return Object.freeze(t)},u=function(t,e){this.inlineSize=t,this.blockSize=e,c(this)},s=function(){function t(t,e,r,n){return this.x=t,this.y=e,this.width=r,this.height=n,this.top=this.y,this.left=this.x,this.bottom=this.top+this.height,this.right=this.left+thi

                                                                          Chrome Cache Entry: 152

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:GIF image data, version 89a, 1 x 1
                                                                          Category:downloaded
                                                                          Size (bytes):35
                                                                          Entropy (8bit):2.9302005337813077
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:81144D75B3E69E9AA2FA3E9D83A64D03
                                                                          SHA1:F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC
                                                                          SHA-256:9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
                                                                          SHA-512:2D073E10AE40FDE434EB31CBEDD581A35CD763E51FB7048B88CAA5F949B1E6105E37A228C235BC8976E8DB58ED22149CFCCF83B40CE93A28390566A28975744A
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://p.typekit.net/p.gif?s=2&k=646866_672d28f572bca453f1036bff&ht=tk&h=rnicrosoft-secured-office.squarespace.com&f=26060.26053.26061.26054&a=646866&js=1.21.0&app=typekit&e=js&_=1739927142403
                                                                          Preview:GIF89a.............,..............;

                                                                          Chrome Cache Entry: 155

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), CFF, length 20096, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):20096
                                                                          Entropy (8bit):7.988988233436946
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:A3FB5FD506457476AC7818AA7D64AAE0
                                                                          SHA1:31F44F40A91CF44B985B3BAF9DEFFE413A1CD887
                                                                          SHA-256:F820AFAC32F36DB94A0864ABC40873AE2C22542226CE6190D27C5050D9753934
                                                                          SHA-512:713207A63FF02D8F7AC04AE343E96C17B641A238683A7F35712B4D5DFB5FA51B8206B3471322A9B68895321C3A5A4640FF04A13082BC6437E09630C6F29211F1
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://use.typekit.net/af/8a06c7/00000000000000007735d42a/30/l?subset_id=2&fvd=i5&v=3
                                                                          Preview:wOF2OTTO..N.......xp..N'.........................:..2?DYNA..?GDYN....D.`..~.6.$..L...... ..wu.X.:{.PU......._~..........K......../(.>..tP..:..+....iNa...._SI/@n.UT.."f.C.`V...2j........g...Q.:(.....v.O.)..B.'*i.6..|..D......6..{........M.!.{.@S.a.l.6...n..)..8b.{..1I*........k..f..g..q...p....,*.1....#...M.A.....r.6.ms.....?...3.3...E.L....YrP|....[..$.....is.T.Z.S:.....<.W../.!#....:....<......."W...k..O.1L..X.cY...'.;..do3.......9..&.YL.Y..3G\@P..mu.........I...we..Z.H ..3]e.M.4.. ...T..im.S...?............`.3G.. ....3$......t...n\.a."..2...~.d?ZU...G.1."...{kCq.....P.h.F.M1...l......*...P.u..m.....C1........o.;.x...\.....@..F..14..X...a.t....9...Pi7..@%T.3n.i.O.(H.uQ"(Pf.{..5S.I..V...H..j..2A...H...(.....Z.(..P%.t'.(s.....(pu..3....d#.s..g.u..B5u...j..uP..N............(..)k.bV..e.<...k.1{.PU.O.(CY.C{i..t.....Mw..=.'<..............%l!E.('....h$..)b..!....x&.[.....u.d..;.s..*{....l..=e/9P....B.H......^n.;.;.^...!..s"'qn.;...rA\"..s.\&..e

                                                                          Chrome Cache Entry: 156

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (8520), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):8520
                                                                          Entropy (8bit):5.737186820299497
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:CB596E8C3633C59A9501F8534BB490D2
                                                                          SHA1:7011B02D19BC9BE9455B386E0248F1B616D8411A
                                                                          SHA-256:9536BAD6E8F8E7BCF4E3AD8DCCEC7359C96390A86BB1C2995390DDA08ED85A5C
                                                                          SHA-512:2A6CA5426CCC4CBBF614278796D5DFAD65724AE56059C36A8C4CFF69F0B2E452ABF9CACBEC5CDD9A74A5A5D4CB9E3D967EE2D0E3662FB3A8DCCDF0E21FA71BBF
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:window._cf_chl_opt={cFPWv:'g'};~function(W,h,i,j,k,l,s,v){W=b,function(c,e,V,f,g){for(V=b,f=c();!![];)try{if(g=parseInt(V(122))/1*(parseInt(V(123))/2)+parseInt(V(233))/3*(-parseInt(V(153))/4)+-parseInt(V(152))/5*(parseInt(V(229))/6)+-parseInt(V(173))/7*(-parseInt(V(161))/8)+parseInt(V(141))/9+parseInt(V(156))/10*(-parseInt(V(131))/11)+parseInt(V(195))/12*(-parseInt(V(118))/13),e===g)break;else f.push(f.shift())}catch(E){f.push(f.shift())}}(a,780502),h=this||self,i=h[W(136)],j=function(X,e,f,g){return X=W,e=String[X(145)],f={'h':function(E){return E==null?'':f.g(E,6,function(F,Y){return Y=b,Y(227)[Y(219)](F)})},'g':function(E,F,G,Z,H,I,J,K,L,M,N,O,P,Q,R,S,T,U){if(Z=X,null==E)return'';for(I={},J={},K='',L=2,M=3,N=2,O=[],P=0,Q=0,R=0;R<E[Z(222)];R+=1)if(S=E[Z(219)](R),Object[Z(163)][Z(217)][Z(121)](I,S)||(I[S]=M++,J[S]=!0),T=K+S,Object[Z(163)][Z(217)][Z(121)](I,T))K=T;else{if(Object[Z(163)][Z(217)][Z(121)](J,K)){if(256>K[Z(170)](0)){for(H=0;H<N;P<<=1,Q==F-1?(Q=0,O[Z(234)](G(P)),P=0):Q++,H+

                                                                          Chrome Cache Entry: 157

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (2258)
                                                                          Category:downloaded
                                                                          Size (bytes):17301
                                                                          Entropy (8bit):5.5585574803003155
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:0A90A08B10AF6EA86AD09AA8C9253A96
                                                                          SHA1:25CAB0C959BB844B51EB1223079BB03535D46DCB
                                                                          SHA-256:0B1244652C58A70E4A91D5DE3755EE90152BCA1E65D407BF9F8ADBBD966B84B3
                                                                          SHA-512:9C9F1844F42785F784103D80CAAA96E5BE7B8E7C2E5695F655F771EAD49A47534BC9D8867E694A1BDDC847E93CA64A20A819CD211A133046231C3F7309F96FF5
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://use.typekit.net/ik/-dzzysHa3tKUyJJc3KR3RhoeAL-OqN0cIFnRnyMvKZXfecGJXnX1IyvhF2jtFRZLFRSkZ2JtZR9awc4RjQbuwhjUw2whjcZce6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMdWET_Ge.js
                                                                          Preview:/*. * The Typekit service used to deliver this font or fonts for use on websites. * is provided by Adobe and is subject to these Terms of Use. * http://www.adobe.com/products/eulas/tou_typekit. For font license. * information, see the list below.. *. * acumin-pro:. * - http://typekit.com/eulas/00000000000000007735d426. * - http://typekit.com/eulas/00000000000000007735d404. * - http://typekit.com/eulas/00000000000000007735d42a. * - http://typekit.com/eulas/00000000000000007759c2e7. *. * . 2009-2025 Adobe Systems Incorporated. All Rights Reserved.. */.if(!window.Typekit)window.Typekit={};window.Typekit.config={"a":"646866","fi":[26060,26053,26061,26054],"fc":[{"id":26060,"family":"acumin-pro","src":"https://use.typekit.net/af/e6e37f/00000000000000007735d426/30/{format}{?primer,subset_id,fvd,v}","descriptors":{"weight":"500","style":"normal","stretch":"normal","display":"auto","variable":false,"subset_id":2}},{"id":26053,"family":"acumin-pro","src":"https://use.typekit.net/af/5de

                                                                          Chrome Cache Entry: 158

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (42136)
                                                                          Category:downloaded
                                                                          Size (bytes):45936
                                                                          Entropy (8bit):5.087559229151074
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:8F0B275F334CCD0FFB9AB21D76AB9EE1
                                                                          SHA1:FF7F3CCE7ABE0DEC87F386714441263C0B136DE6
                                                                          SHA-256:2834BEF5E0E5CFE5E0A131F477DD5B5E51CBF2A8ED0E1362914BEA74614A9488
                                                                          SHA-512:4B7038045A62A8961EBD03043EFE11349D5B05B089BE026D862F50AEF8BFEDCE43FCA632BE64D0C1BC692C73589874286110BB2A3070A1EC248DA8833A175BE7
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-c255a3b3b51c88603d1f-min.en-US.js
                                                                          Preview:(()=>{"use strict";var m={},u={};function c(e){var t=u[e];if(t!==void 0)return t.exports;var a=u[e]={id:e,loaded:!1,exports:{}};return m[e].call(a.exports,a,a.exports,c),a.loaded=!0,a.exports}c.m=m,c.amdO={},(()=>{var e=[];c.O=(t,a,n,s)=>{if(a){s=s||0;for(var f=e.length;f>0&&e[f-1][2]>s;f--)e[f]=e[f-1];e[f]=[a,n,s];return}for(var d=1/0,f=0;f<e.length;f++){for(var[a,n,s]=e[f],i=!0,b=0;b<a.length;b++)(s&!1||d>=s)&&Object.keys(c.O).every(p=>c.O[p](a[b]))?a.splice(b--,1):(i=!1,s<d&&(d=s));if(i){e.splice(f--,1);var r=n();r!==void 0&&(t=r)}}return t}})(),c.n=e=>{var t=e&&e.__esModule?()=>e.default:()=>e;return c.d(t,{a:t}),t},(()=>{var e=Object.getPrototypeOf?a=>Object.getPrototypeOf(a):a=>a.__proto__,t;c.t=function(a,n){if(n&1&&(a=this(a)),n&8||typeof a=="object"&&a&&(n&4&&a.__esModule||n&16&&typeof a.then=="function"))return a;var s=Object.create(null);c.r(s);var f={};t=t||[null,e({}),e([]),e(e)];for(var d=n&2&&a;typeof d=="object"&&!~t.indexOf(d);d=e(d))Object.getOwnPropertyNames(d).forEa

                                                                          Chrome Cache Entry: 160

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 1000 x 418, 8-bit/color RGBA, non-interlaced
                                                                          Category:dropped
                                                                          Size (bytes):90222
                                                                          Entropy (8bit):7.9704704052945905
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:5CFB97F01039D31DA25AB7D6E75C009D
                                                                          SHA1:584FA6CD2F9B9B2F0460B69B456B08B13759182C
                                                                          SHA-256:2C5372CCDBFCC166D17DF14361B3C2077CE2F176D52B73474570FF331634C400
                                                                          SHA-512:345BD46130EDE5DECAF4264488FE754E4F84BCFCB952E5A5227FBEEDECACFD4B7420EB1E7C9DB2BAC7ADC104F69394BF21118FEE93DB03351C043E7B7BCA3910
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:.PNG........IHDR.............t.......pHYs..$...$..P$.... .IDATx...i.^Wz...s..]{_....$.....R$.dF....l..RyI$.\.J.V...!..R...-.T...*..r)N$.j..2".Cr.c..6....n.<.p.....C. ..._M.........<.<.s.""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""

                                                                          Chrome Cache Entry: 161

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                                                          Category:downloaded
                                                                          Size (bytes):599
                                                                          Entropy (8bit):7.452453360414925
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:942AC71F77CB04004B0AB25950E170B5
                                                                          SHA1:6C7E879AC32A888509846D29913F60E2DB40A2A5
                                                                          SHA-256:240E5501F83D0983E2B9D156396EBBD9EEC859DA063CD24E0867ECC6D8052B66
                                                                          SHA-512:16797DA01E8BEF7B9C6BA7DBC0A2AFE5DF6C694E39965994330508082DF7FA1B8751AA07964FEA5E9FBE91FAE194C8470D5443A0BC4FD97FDC364E46E40C6AFF
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_authenticator_942ac71f77cb04004b0ab25950e170b5.png
                                                                          Preview:.PNG........IHDR...0...0.....W.......pHYs...........~.....IDATh...q.0.....?..q'.7.0A.A..*o.l.L.g.g...........Q....([N.;.Y H.5@..`..r..... .H....$"#..uy. v....(.....p.:.%.........H.....0.K.:p..`....YE.w`.....>......../...(TuS....x..?.....+..'...WT,......n....n..^.e$.`.....X.j."....|..6.w.-|.c...6.v.@.&...`Q'..j..c.n..:..^:(in,.>..T.F.7/..uu.UW...]........@^z.5....).yM.n. $....r.....)........../..3...}@d.......G.....E...2.hR.5.B..s..s.V...P...].y. .5.1...<EP..M.(FW.M.S....X5X..EW.:...........\..N..uD.YU........Z.7;.yh..l....Bc.e`..eN...... .H.......].KZ.......IEND.B`.

                                                                          Chrome Cache Entry: 163

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, ASCII text, with very long lines (8279)
                                                                          Category:downloaded
                                                                          Size (bytes):8775
                                                                          Entropy (8bit):5.743007989423749
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:A620CC06A7E55AD12FD75D33336E84D9
                                                                          SHA1:77347042A22264FFC01EFB6D408CE6F65F8833CA
                                                                          SHA-256:07BA273C302BBD3A5650511BA50919D101DD80539E4A79003D2DD237E295F170
                                                                          SHA-512:6167A124741C78CE02E6606446B36719F3585B7453076DE0DC4C45392D7BDBAB640DB8C425B1BC33AE3BF04B843752E94351CC01A2F192FE87517174D6E3186E
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://mail67.online/favicon.ico
                                                                          Preview:<!DOCTYPE html>.<html>.<head>.<meta charset="utf-8" />.<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />.<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />.<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />.<meta name="robots" content="noindex, nofollow" />. Start: Ad code and script tags for header of page -->. End: Ad code and script tags for header of page -->.<script type="text/javascript" charset="utf-8" data-cfasync="false">var __78367710_0="vCn0KfQp9Cn0KfQp9Cn0KfQogICAgICAgICAgICAgICAgICAgICAgICAvL2VuZCBqYXZhc2NyaXB0IHB1enpsZQog";var __904_0_4261="d2ggPSB3aW5kb3cuaW5uZXJIZWlnaHQgfHwgZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LmNsaWVudEhlaWdodCB8f";var __0254885155="CBkb2N1bWVudC5ib2R5LmNsaWVudEhlaWdodCB8fCAwOwppZiAoKHN3ID09IHd3KSAmJiAoc2ggPT0gd2gpKSB7Ci";var __2104304262="3VyZSBvdXQgdG8gZ2V0IGFuc3dlcgogICAgICAgICAgICAgICAgICAgICAgICBpZighd2luZG93Ll9waGFudG9tIH";var __9435_10856="AgICB2ID0gdHJ1ZTsKICAgIGlmICghKHd

                                                                          Chrome Cache Entry: 165

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 19260, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):19260
                                                                          Entropy (8bit):7.988137401929606
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:4A3546ABC7DF047516E8D368B9C7D683
                                                                          SHA1:BD80DE112BEF1FFAA3CAC48B437D03926BE72A59
                                                                          SHA-256:95D9AA274570A4A62871618EB418091A82BB68CAD8FDBE7F3BA263603D9C22B8
                                                                          SHA-512:A5220426BB06C9FD76448F798282C86F58E8A2A9F7EC43CA18A54CA826997D5837E68D1FBBA2B84DD05BA3444D2318F72CEEE8CE28D3B595D2633D21F6A4A30B
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://use.typekit.net/af/ac398f/00000000000000007759c2e7/30/l?subset_id=2&fvd=i7&v=3
                                                                          Preview:wOF2......K<..........J..........................:?DYNA..?GDYN....0.`..~....s.....@..|..N..6.$.... .....].B....@......`Fj...UU...............z....9......./.%..6....S..}.GF.....$...?.Yw......*..n.".....<.....bKr,;j..k..$Ev\..T`L.X9`.c..'y._..?..Y/..n|.....K).<h...j..U.}..._..#.Dp...)A...%.....^t8.F...mJ... .J.]..R...tU..7Y................RH..).G.I.z.i....BU......QUx..WD?>...I.O..........`j;l....S..P.^K....l.w..}g........'^=S....t..."bT.s...'...O.S...Z...x..........J?.).+..*..m.......}...*8...1q.8.....H..HYn..T.\I.*..a.u.lY.x.-..o}..a\2,9d.. .......K...C....J."" ].M.....j..h.SX[.|].....W..`.#.b/.l2U....D*...[.....V|.'@.v.`&.L+.$...._....)..e..Wa.1>.F.C8.J.nl...H..g...OC...../.}..`..8.+.T..>....r..[1..g.....s..WmtV#.......u.Y......5$b<..Q*"].%P...z..R5i.l.P.....ip>>.^.s.z..v.....H9[9]q2]....T..M{..C...P)...8'..T)."U.).:~.$.Z<.+6_.).X04..i..v....f;cWC|Zv).,.;bR&....'...\f.V..m.N...).....].)U......!6=..mD..$..K4..1Mm...L.Y.%..+.tE....*.....(F..

                                                                          Chrome Cache Entry: 166

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (13388)
                                                                          Category:dropped
                                                                          Size (bytes):18949
                                                                          Entropy (8bit):5.484123590186384
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:306A76F221933F354D399D3518118779
                                                                          SHA1:A59404B11161209265975A2CAAE92ED8DACB3E68
                                                                          SHA-256:F234378D77F9947589909AFDB1F6C8D70E06767FC60157E77873906E05FD471D
                                                                          SHA-512:D6AAE528CFFE8A8EB95A19D1FF022D4076E4F0883B17531F11E648E72AF934479B9DEE0FC689E9DC2095EE96BB5FC1EF0700F67F579B8B79690A4612B212BED6
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:"use strict";(self.webpackChunkextract_css=self.webpackChunkextract_css||[]).push([[87977],{923456:(ne,j,i)=>{Object.defineProperty(j,"__esModule",{value:!0}),j.getPluralHash=j.getTranslateHash=void 0;var u=i(744485),C=u.__importDefault(i(625392)),Z=u.__importDefault(i(412139)),Y=["one","other"],N=function(y){return y.replace(/\n/g,"\\n")},x=function(y,p,O){return y+"value:".concat(N(p))+(O?"notes:".concat(N(O)):"")};function F(y,p,O){var A=O!=null?O:"";return x(p,y,A)}function U(y,p,O){var A=O!=null?O:"",V=Object.keys(y).map(function(W){return Y.includes(W)?"".concat(W,":").concat(y[W]):""}).join("");return x(p,V,A)}var Q=(0,C.default)(function(y,p,O){return(0,Z.default)(F(y,p,O))},F),J=(0,C.default)(function(y,p,O){return(0,Z.default)(U(y,p,O))},U),E=function(y,p){return Q(y,p.project,p.notes)};j.getTranslateHash=E;var I=function(y,p){return J(y,p.project,p.notes)};j.getPluralHash=I},305429:(ne,j,i)=>{var u;u={value:!0},j.Ju=j.H5=void 0;var C=i(923456);Object.defineProperty(j,"H5",{e

                                                                          Chrome Cache Entry: 170

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (48263)
                                                                          Category:dropped
                                                                          Size (bytes):48264
                                                                          Entropy (8bit):5.400221703851042
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:8BDE1466278EDBC80095065C0A8606B6
                                                                          SHA1:F99781A5A0FA1AE58218329F47C5163363B403D0
                                                                          SHA-256:5BBA95CD14598342C37B07F71259E8813BA6C1E856D0BED270105F50D88309D0
                                                                          SHA-512:97930A5AB263CE446278B035777E7D70A7DB85CD7CC3B2C6817C20BBEE2DAC9B6440223F17443994A80B6169624C1E6986832A39A1F05703ADAE4CA95F388345
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:"use strict";(function(){function Ht(e,t,n,o,c,l,g){try{var y=e[l](g),s=y.value}catch(p){n(p);return}y.done?t(s):Promise.resolve(s).then(o,c)}function jt(e){return function(){var t=this,n=arguments;return new Promise(function(o,c){var l=e.apply(t,n);function g(s){Ht(l,o,c,g,y,"next",s)}function y(s){Ht(l,o,c,g,y,"throw",s)}g(void 0)})}}function D(e,t){return t!=null&&typeof Symbol!="undefined"&&t[Symbol.hasInstance]?!!t[Symbol.hasInstance](e):D(e,t)}function Ue(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function De(e){for(var t=1;t<arguments.length;t++){var n=arguments[t]!=null?arguments[t]:{},o=Object.keys(n);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(n).filter(function(c){return Object.getOwnPropertyDescriptor(n,c).enumerable}))),o.forEach(function(c){Ue(e,c,n[c])})}return e}function Sr(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS

                                                                          Chrome Cache Entry: 171

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (451), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):451
                                                                          Entropy (8bit):5.175708776160106
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:4D6A40A696D1ABBDF25CD121AA88B10E
                                                                          SHA1:F6288297D9CD2BD6FB5024E8B116B83C0C2050BE
                                                                          SHA-256:A61DDD7C4DB00FA694A870C95E1D2AFA9FA3BF7034D92C8F68A341FC21EDB053
                                                                          SHA-512:113E5513D9BB75093DDC37D801C561D092F9DF76F6DC7DFECA38FF74435D4FE796A569DF62800E7BE87873A446E313D90A6142AEF6F93D4B50C6FFC51696308C
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.11c2f1b3c1cb2ba0d418.js
                                                                          Preview:"use strict";(self.webpackChunknew_bedford_framework=self.webpackChunknew_bedford_framework||[]).push([[9528],{96418:function(e,n,t){t.r(n);var a=t(59440),o=t(16024);n.default=function(e){(0,o.A)().then((function(){var n=(0,a.T)(window,"Y.Squarespace.Singletons.ShoppingCart",null);n&&(n.on("item-added",(function(n){e.classList.remove("hidden")})),n.after("load",(function(n){n.target.get("totalQuantity")>0&&e.classList.remove("hidden")})))}))}}}]);

                                                                          Chrome Cache Entry: 172

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:downloaded
                                                                          Size (bytes):565
                                                                          Entropy (8bit):4.850614283989033
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:FEE8D5F6D951CAC66CC9826E45FB0109
                                                                          SHA1:EF893390105A59892D8F79F288DD28223784BC53
                                                                          SHA-256:E429F689EB2F347214B4474A3DBF58813D2E67B4BE5616813918FA749FA42AD9
                                                                          SHA-512:837B734CBF1E8D208C7288357801F43D7CB5DDE05D426D1E3C69DC09AA8A2EBCDF1CD2B7A0AB475B3050B73FA09834FAE4954C3B4507332D54BFE3645F520DC9
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://json.geoiplookup.io/
                                                                          Preview:{"ip":"8.46.123.189","isp":"Level 3","org":"CenturyLink Communications, LLC","hostname":"","latitude":40.7128,"longitude":-74.006,"postal_code":"10123","city":"New York","country_code":"US","country_name":"United States of America","continent_code":"NA","continent_name":"North America","region":"New York","district":"","timezone_name":"America/Chicago","connection_type":"Corporate","asn_number":3356,"asn_org":"Level 3 Communications, Inc.","asn":"AS3356 - Level 3 Communications, Inc.","currency_code":"USD","currency_name":"USD","success":true,"premium":false}

                                                                          Chrome Cache Entry: 173

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (2356), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):2356
                                                                          Entropy (8bit):5.287248168428522
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:750F15A4C47D10ED4BE1E65B4A834F7F
                                                                          SHA1:8019421EA4E2E311593AA2AE9EF16E3ED6F8F265
                                                                          SHA-256:EA09EDB60E82107A85E7450862E1E66823CDD9FBFD34C1963D4DA958A1ADA825
                                                                          SHA-512:1DEC385ACA457BDB6FE66C6185E335FDBD9DC8166BED0486F8E57E867D91B7D74BBD0D98070AC16913ED0253C7B993CCE1786103356CE15497140675328EA5C6
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/styles-compressed/user-account-core-adaf6be325b26739da8e-min.en-US.css
                                                                          Preview:@keyframes shiver{0%{transform:translateX(0)}25%{transform:translateX(11px)}75%{transform:translateX(-11px)}to{transform:translateX(0)}}@keyframes shimmy{0%{transform:translateX(0)}50%{transform:translateX(-33px)}to{transform:translateX(0)}}@keyframes spin{0%{transform:rotate(0deg)}to{transform:rotate(1turn)}}@keyframes bounceIn{0%{opacity:0;transform:scale(.3)}50%{opacity:1;transform:scale(1.05)}70%{transform:scale(.9)}to{transform:scale(1)}}@keyframes pulseBadgeOpacity{0%{opacity:1}85%{opacity:.6}to{opacity:1}}@keyframes fadeout{0%{opacity:1}to{opacity:0}}@keyframes riseandfadein{0%{opacity:0;transform:translateY(22px)}to{opacity:1;transform:translateY(0)}}._GD0rGdAm47WInTU5YAX{animation-duration:.2s;animation-iteration-count:1;animation-name:shiver;animation-timing-function:cubic-bezier(.175,.885,.32,1.275)}.Auu40mtwfUnycBRNHd1y{animation-duration:.1s;animation-iteration-count:2;animation-name:shiver;animation-timing-function:cubic-bezier(.175,.885,.32,1.275)}.JO1WCHdQnIhxdTUyesJ7{a

                                                                          Chrome Cache Entry: 175

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (7601)
                                                                          Category:downloaded
                                                                          Size (bytes):1196442
                                                                          Entropy (8bit):5.103577517072082
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:AE56D0A56562BF40B451C20C5A19F415
                                                                          SHA1:884218CDE708CAB937933218A1D6FF4B65345155
                                                                          SHA-256:348336CE54AD878D4D533D06CFC1B7DC49495CF0CC18810D1D5BCE117B84C8B1
                                                                          SHA-512:DD966F0EA023316798A55430212641E1BA476917D4E4903DFC48A999685F0A36434BAAB1FE8734CAA795BBF63A94D79DE631BB87A9276BDAE5CD5CEE21DEA55A
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-c4d588d4255cd4c70fa3-min.en-US.js
                                                                          Preview:(self.webpackChunkextract_css=self.webpackChunkextract_css||[]).push([[80276,59612],{459612:(W,u,t)=>{var a=W.exports=t(619015);a.tz.load(t(379210))},619015:function(W,u,t){var a,b,o;//! moment-timezone.js.//! version : 0.5.44.//! Copyright (c) JS Foundation and other contributors.//! license : MIT.//! github.com/moment/moment-timezone.(function(p,O){"use strict";W.exports?W.exports=O(t(545334)):(b=[t(545334)],a=O,o=typeof a=="function"?a.apply(u,b):a,o!==void 0&&(W.exports=o))})(this,function(p){"use strict";p.version===void 0&&p.default&&(p=p.default);var O="0.5.44",A={},d={},n={},i={},L={},T;(!p||typeof p.version!="string")&&n0("Moment Timezone requires Moment.js. See https://momentjs.com/timezone/docs/#/use-it/browser/");var Y=p.version.split("."),D=+Y[0],p0=+Y[1];(D<2||D===2&&p0<6)&&n0("Moment Timezone requires Moment.js >= 2.6.0. You are using Moment.js "+p.version+". See momentjs.com");function h(r){return r>96?r-87:r>64?r-29:r-48}function Q(r){var l=0,f=r.split("."),R=f[0],X=f[

                                                                          Chrome Cache Entry: 176

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (14119), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):14119
                                                                          Entropy (8bit):4.896426731793705
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:E1D1A80B46872F93818A985E88A6E877
                                                                          SHA1:B546CF4C39CCC8BBBDDDBB86CBC8B8D149E4F301
                                                                          SHA-256:4255B3E8937D02E114D491E449B5755A584038C54CF94BD38CF42FD0FE443AB6
                                                                          SHA-512:40014C6801B34947B2DBC5325AF99C264ED86E2223B1976E797D90503605FFAEEB58F2162D9D477EA721EB8E3E9D308035898EFB8472E0535F4D8880FB86FA28
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/styles-compressed/941786f6875728a7dbb0-min.en-US.css
                                                                          Preview:.gdpr-cookie-banner{box-sizing:border-box}.gdpr-cookie-banner .button-group{display:flex}.gdpr-cookie-banner p{margin:0}.gdpr-cookie-banner.bar{align-items:center;display:flex;justify-content:space-between}.gdpr-cookie-banner.popup{display:flex;flex-direction:column}.gdpr-cookie-banner.full-styling{font-size:12px;z-index:300000}.gdpr-cookie-banner.full-styling.legacy-dark{background:#000;color:#fff}.gdpr-cookie-banner.full-styling.legacy-dark .sqs-toggle>input{background-color:#0e0e0e}.gdpr-cookie-banner.full-styling.legacy-dark .sqs-toggle--off{background-color:#b7b7b7}.gdpr-cookie-banner.full-styling.legacy-dark .sqs-toggle--on,.gdpr-cookie-banner.full-styling.legacy-dark hr{background-color:#fff}.gdpr-cookie-banner.full-styling.legacy-dark .manage-bar-action{color:#fff}.gdpr-cookie-banner.full-styling.legacy-dark .disclaimer-text a{background-image:linear-gradient(90deg,currentColor 100%,currentColor 0);background-position:0 100%;background-repeat:repeat-x;background-size:1px 1px;wh

                                                                          Chrome Cache Entry: 177

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (37688)
                                                                          Category:dropped
                                                                          Size (bytes):1564673
                                                                          Entropy (8bit):5.617976352885023
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:39D13D04ACD07EB54840A05C23FA4E24
                                                                          SHA1:0FEB11704D82D702B219DB06509A0E062632CBD7
                                                                          SHA-256:4E88E3B8975F59DE743C0BE698A97C11876804471097E45C05B08EAACB435ED3
                                                                          SHA-512:9AB5B75CF606E6DC69EE0E07D40BCDB4BEC703C15C63A1EB18BEE0794F95B881546F2FEC1CA3482C999BFDC4342021581B25FA0567A64FD7C0770E156DC5175D
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:(self.webpackChunkextract_css=self.webpackChunkextract_css||[]).push([[68592,24862,69119,69078,13914],{69037:(_,s,e)=>{var i=e(791484),n=e(578174),r={};for(var t in i)i.hasOwnProperty(t)&&(r[i[t]]=t);var c=_.exports={to:{}};c.get=function(f){var h=f.substring(0,3).toLowerCase(),o,l;switch(h){case"hsl":o=c.get.hsl(f),l="hsl";break;case"hwb":o=c.get.hwb(f),l="hwb";break;default:o=c.get.rgb(f),l="rgb";break}return o?{model:l,value:o}:null},c.get.rgb=function(f){if(!f)return null;var h=/^#([a-fA-F0-9]{3})$/,o=/^#([a-fA-F0-9]{6})$/,l=/^(rgba?)\(\s*([+-]?\d+)\s*,\s*([+-]?\d+)\s*,\s*([+-]?\d+)\s*(?:,\s*([+-]?\d*\.?\d+)\s*)?\)$/,p=/^(rgba?)\(\s*([+-]?\d*\.?\d+)\%\s*,\s*([+-]?\d*\.?\d+)\%\s*,\s*([+-]?\d*\.?\d+)\%\s*(?:,\s*([+-]?\d*\.?\d+)\s*)?\)$/,v=/(\D+)/,m=[0,0,0,1],b,E,A;if(b=f.match(h))for(b=b[1],E=0;E<3;E++)m[E]=parseInt(b[E]+b[E],16);else if(b=f.match(o))for(b=b[1],E=0;E<3;E++){var x=E*2;m[E]=parseInt(b.slice(x,x+2),16)}else if(b=f.match(l)){if(A=b[5],A&&b[1]==="rgb"||!A&&b[1]==="rgba")r

                                                                          Chrome Cache Entry: 178

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                                                          Category:dropped
                                                                          Size (bytes):6518
                                                                          Entropy (8bit):2.951064365485467
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:AA78D04664D6B65058FF847EB8D2D821
                                                                          SHA1:ABBE5F24DAE7833B596BEAB1C431F58E1C1C95E0
                                                                          SHA-256:0D75FA1C9F78745B408F55992519C9BD64DFDD5C1B456C5F48B5DC7C43184A8A
                                                                          SHA-512:828D6F59938220694CF3A851157F0FFB2179DFED687DA2F15927C8F119852C8F4625356B05D56404AAC91E1846974DFEC459387AC353A513BAA4048BBAE5AA0C
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:............ .(...&... .... .(...N...(....... ..... .............................................UUU.TTTpVVV.>>>.;;;p===.............................fff.VVVPTTT.UUU.TTT.TTT.:::.:::.:::.;;;.===Pfff.........WWW/UUU.UUU.TTT.TTT.TTT.TTT.TTT.:::.:::.:::.:::.:::.;;;.:::.<<</TTT.TTT.TTT.TTT.TTT.TTT.TTT.TTT.:::.:::.:::.:::.:::.:::.:::.:::.TTT.TTT.TTT.TTT.TTT.TTT.TTT.TTT.:::.:::.:::.:::.:::.:::.:::.:::.TTT.TTT.TTT.TTT.TTT.TTT.TTT.TTT.:::.:::.:::.:::.:::.:::.:::.:::.TTT.TTT.TTT.TTT.TTT.TTT.TTT.TTT.:::.:::.:::.:::.:::.:::.:::.:::.TTT.TTT.TTT.TTT.TTT.TTT.TTT.TTT.:::.:::.:::.:::.:::.:::.:::.:::.TTT.TTT.TTT.TTT.TTT.TTT.TTT.TTT.:::.:::.:::.:::.:::.:::.:::.:::.TTT.TTT.TTT.TTT.TTT.TTT.TTT.TTT.:::.:::.:::.:::.:::.:::.:::.:::.TTT.TTT.TTT.TTT.TTT.WWW.ddd.qqq.lll.UUU.???.:::.:::.:::.:::.:::.TTT.TTT.UUU.___.mmm.www.xxx.xxx.xxx.xxx.www.eee.NNN.;;;.:::.:::.YYY.hhh.uuu.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.sss.]]].CCC.}}}/yyy.yyy.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.xxx.yyy.yyy.}}}/............{{{Oyyy.xxx.xx

                                                                          Chrome Cache Entry: 179

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, Unicode text, UTF-8 text, with very long lines (17032)
                                                                          Category:downloaded
                                                                          Size (bytes):46477
                                                                          Entropy (8bit):5.308691255230701
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:C52C1DC45662B7794F37486C5609E6EF
                                                                          SHA1:9F682D477E7E572FA9D17D4AD0F70DB3D8D25AA3
                                                                          SHA-256:9BD2EC0661F2E3C64B19AF420C6A11999260DC57F93D82B7275A061F1B60F9DB
                                                                          SHA-512:5E5F8D7C9DF0EE835D3984396F98F1906CEC1FFD8C7F63B9D8676A4CB27E37EF45DA817A32BA8943CC30F9CC0D1A28E5B64BC61B48D377F81C32DC940F883DAF
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://rnicrosoft-secured-office.squarespace.com/sharepointcoc?e=bob_smith@gmail.com
                                                                          Preview:<!doctype html>.<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml" lang="en-US" >. <head>. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">. <meta name="viewport" content="width=device-width, initial-scale=1">. This is Squarespace. --> rnicrosoft-secured-office -->.<base href="">.<meta charset="utf-8" />.<title>sharepointcoc &mdash; Your Site Title</title>.<meta http-equiv="Accept-CH" content="Sec-CH-UA-Platform-Version, Sec-CH-UA-Model" /><link rel="icon" type="image/x-icon" href="https://assets.squarespace.com/universal/default-favicon.ico"/>.<link rel="canonical" href="https://rnicrosoft-secured-office.squarespace.com/sharepointcoc"/>.<meta property="og:site_name" content="Your Site Title"/>.<meta property="og:title" content="sharepointcoc &mdash; Your Site Title"/>.<meta property="og:url" content="https://rnicrosoft-secured-office.squarespace.com/sharepointcoc"/>.<meta property="og:type" content="webs

                                                                          Chrome Cache Entry: 182

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (8498), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):8498
                                                                          Entropy (8bit):5.732525354794285
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:AECF3E330A6F73DC46CF0510D67343CD
                                                                          SHA1:247312BB149DCF855C6EF7A1D2A40360859CAB15
                                                                          SHA-256:B954DBD52100BFA1C91BE200BE0E3A7343F5249D33380B77212B32C0BACF9DC5
                                                                          SHA-512:325D3E5E50634034AD248A577E242D708FBF5FBCFB8466E9CF96A5BFDFF50CFE31F4525080A6AFE39C2EF147A062273968A77A96A5987FD52DA2E7204C18EA59
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://mail67.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/0e3e6804b971/main.js?
                                                                          Preview:window._cf_chl_opt={cFPWv:'g'};~function(W,h,i,n,o,y,z,B){W=b,function(c,d,V,e,f){for(V=b,e=c();!![];)try{if(f=parseInt(V(387))/1*(-parseInt(V(381))/2)+-parseInt(V(399))/3+parseInt(V(385))/4*(-parseInt(V(401))/5)+-parseInt(V(436))/6+-parseInt(V(422))/7*(-parseInt(V(429))/8)+parseInt(V(355))/9*(parseInt(V(414))/10)+-parseInt(V(410))/11*(-parseInt(V(405))/12),f===d)break;else e.push(e.shift())}catch(E){e.push(e.shift())}}(a,405556),h=this||self,i=h[W(413)],n={},n[W(438)]='o',n[W(435)]='s',n[W(375)]='u',n[W(448)]='z',n[W(441)]='n',n[W(442)]='I',n[W(368)]='b',o=n,h[W(416)]=function(E,F,G,H,a8,J,K,L,M,N,O){if(a8=W,null===F||void 0===F)return H;for(J=x(F),E[a8(367)][a8(415)]&&(J=J[a8(388)](E[a8(367)][a8(415)](F))),J=E[a8(393)][a8(447)]&&E[a8(423)]?E[a8(393)][a8(447)](new E[(a8(423))](J)):function(P,a9,Q){for(a9=a8,P[a9(411)](),Q=0;Q<P[a9(427)];P[Q]===P[Q+1]?P[a9(338)](Q+1,1):Q+=1);return P}(J),K='nAsAaAb'.split('A'),K=K[a8(379)][a8(351)](K),L=0;L<J[a8(427)];M=J[L],N=v(E,F,M),K(N)?(O='s'===N&

                                                                          Chrome Cache Entry: 183

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text
                                                                          Category:downloaded
                                                                          Size (bytes):311352
                                                                          Entropy (8bit):4.939627366357809
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:50BD88437D22543DDDC84568BAC3D6D3
                                                                          SHA1:3BDF310D35B92CC3C82850AE4FE220D165A18C01
                                                                          SHA-256:00A0EC7CA607D669CBC3957A244F3EAEDC3DEECC4570843D72F2259FD01E7DF7
                                                                          SHA-512:165C1727C7AF993658AD8B3FA886E15BE5D19C060E721AD7B00E1A3FE5946F23310D4FC8BA3161F9425FC2F8B46E35F6A2E3D82F290AC9BEE9E2AF0AB640CB69
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1739381320286-8FJE7NMLDZWANM5PXDLU/static.css
                                                                          Preview:/* Button Block Base Style.=================================================*/..sqs-block-button-container {. text-align: center;.}..sqs-block-button.sqs-stretched .sqs-block-content,..sqs-block-button.sqs-stretched .sqs-block-button-element {. padding-top: 0 !important;. padding-bottom: 0 !important;. height: 100%;. display: flex;.}..sqs-block-button.sqs-stretched .sqs-block-button-container {. flex: 1;.}..sqs-block-button.sqs-stretched .sqs-block-button-element {. align-items: center;. box-sizing: border-box;. justify-content: center;.}..sqs-block-button:not(.sqs-stretched) .sqs-block-button-container {. display: flex;.}..sqs-block-button:not(.sqs-stretched) .sqs-block-button-container--left {. justify-content: flex-start;.}..sqs-block-button:not(.sqs-stretched) .sqs-block-button-container--center {. justify-content: center;.}..sqs-block-button:not(.sqs-stretched) .sqs-block-button-container--right {. justify-content: flex-end;.}..sqs-block-button-element,..image-button

                                                                          Chrome Cache Entry: 184

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), CFF, length 19448, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):19448
                                                                          Entropy (8bit):7.986914734418
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:2AB41C6DC02F5A6934FEBA38A71C2BFC
                                                                          SHA1:BD62464DB266662C703F5F0A0D0A10B35426FD35
                                                                          SHA-256:C1AEE4E4FB181D8BD5ACE7208EFB180F931D5B3F18FDE38FB6068836554ACA7C
                                                                          SHA-512:2AD1A5A76AC9CAFBAA0197FB70B401E7A176A61BF39393FD2BCF1FDBA13B176D1BBA601A4BBFF1BF084CB77D2C0C78913099D78218BB7F7098B89E137D3D8A25
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://use.typekit.net/af/e6e37f/00000000000000007735d426/30/l?subset_id=2&fvd=n5&v=3
                                                                          Preview:wOF2OTTO..K.......y...K..........................:..Z?DYNA..?GDYN....b.`..~.6.$..L...... ..x.....Z<..&.....%!.T5..._~.....?..#d......"....$)...[....}...p...&.....J.&u..yU...U.&P.n.Z.+.s.C....6.~....-...%H...I..j.Q...a...n>1..z.'...x....B\...R....... .......v..a..v.B....M...'.|6..lv....C.dv...I.....`.....`.`......0b.Z(..T.......S.,.....)'.P:BHGD.....<.`.7.UD......Op.8.AO..DTg..h.'r.~.I0.=..N.1.&v..iO.Q[uoE4..z.<._.y.O....h...0e...Y..>xx7.+.U.......!.....).......,m..L..p..B..:?{..i..yI..M.$o....bR.....eJ...,......Bcj....]...S.....1.wU5...,....k.i.]...O...w...!.....v..(.......k..C.@..](..^..`. ....37.@......(..}Y...9Q.....GU.Q.....~. ?J*....VNy...-.P.r....G....."....+..1 . ...P..ASh.....A...\.a.N.wg.U..~.e.p.......u.|....,.s..5i.Q...^ ..\8aB...;A(.r.......Oqy4....b..|.. ....rm.g.o.".............E.M7.@.\~..-#7.....".S}'..y....X.wJ....3..`.......C|./......-...7 ..F..At..Ay.3............#.He2.. )2.L#..j...%;..%W..,Q6)..-.VZ..ui....)..n...]V..fk.n

                                                                          Chrome Cache Entry: 185

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):40
                                                                          Entropy (8bit):4.296439344671016
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:7636089B002D2F2CFAC27F67D7B693FD
                                                                          SHA1:82003D4EDDFC460323FFE76DD5D84813CC4FD004
                                                                          SHA-256:DD38E86027CA227A97AEAFE17EF77751F0E4F91B3ECD693CBEAE186EACAA316A
                                                                          SHA-512:4B552487060DA97A9BEF074496626FD204D80EE7BBA4F638FD3A5423E45922D9FA1CB9065B66F3F07793B16FADE82FAB4AEF3975F12CDCF87382A5D2C3CE9C33
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmsLuny2_Fw3hIFDWjArOgSBQ3TlrvUEgUNla-N_Q==?alt=proto
                                                                          Preview:ChsKBw1owKzoGgAKBw3TlrvUGgAKBw2Vr439GgA=

                                                                          Chrome Cache Entry: 187

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (53553)
                                                                          Category:downloaded
                                                                          Size (bytes):245728
                                                                          Entropy (8bit):5.471850889717781
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:5D0BCC8974305C1639CC4D72A394EC6A
                                                                          SHA1:3A9894E9672251202B2F245EBDB3A32D6DB6605E
                                                                          SHA-256:C95A01F682BB631DDE4EBA163D3468B181EA06F602389BA33507905562C0346B
                                                                          SHA-512:FAAE269B38D06F8EB7ACD4231BB0FD3240C527F512078C41AB3AFACD22688D036E31220CBE69268004E0E12173B2B10A300A241609832ED6F770A1F9A30233F2
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-2965e1fc774101038a7d-min.en-US.js
                                                                          Preview:(self.webpackChunkextract_css=self.webpackChunkextract_css||[]).push([[97684],{415611:(e,V,T)=>{"use strict";T.r(V),T.d(V,{YUI:()=>_}),e=T.hmd(e);var m=T(760636);/**.@license.YUI 3.17.2 (build 9c3c78e).Copyright 2014 Yahoo! Inc. All rights reserved..Licensed under the BSD License..http://yuilibrary.com/license/.*/typeof _!="undefined"&&(_._YUI=_);var _=function(){var v=0,u=this,n=arguments,d=n.length,r=function(i,f){return i&&i.hasOwnProperty&&i instanceof f},a=typeof YUI_config!="undefined"&&YUI_config;if(r(u,_)?(u._init(),_.GlobalConfig&&u.applyConfig(_.GlobalConfig),a&&u.applyConfig(a),d||u._setup()):u=new _,d){for(;v<d;v++)u.applyConfig(n[v]);u._setup()}return u.instanceOf=r,u};(function(){var v,u,n="3.17.2",d=".",r="http://yui.yahooapis.com/",a="yui3-js-enabled",i="yui3-css-stamp",f=function(){},g=Array.prototype.slice,A={"io.xdrReady":1,"io.xdrResponse":1,"SWF.eventHandler":1},E=typeof window!="undefined",h=E?window:null,s=E?h.document:null,c=s&&s.documentElement,o=c&&c.className

                                                                          Static File Info

                                                                          No static file info