Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
FW_ Remittance Address.msg

Overview

General Information

Sample name:FW_ Remittance Address.msg
Analysis ID:1637510
MD5:6da6bb7455dd9590d573de58b1aadbae
SHA1:f77719c4ca021b342dd3b30c554322e802d7daa4
SHA256:c89a92570c0d054fefab328ed2025ca8d82456eae1af3298064e52ec33b6465e
Infos:

Detection

Score:48
Range:0 - 100
Confidence:100%

Signatures

AI detected suspicious elements in Email content
Javascript uses Clearbit API to dynamically determine company logos
Connects to many different domains
Detected hidden input values containing email addresses (often used in phishing pages)
Detected non-DNS traffic on DNS port
HTML page contains hidden javascript code
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Queries the volume information (name, serial number etc) of a device
Sigma detected: Office Autorun Keys Modification
Sigma detected: Suspicious Office Outbound Connections
Stores large binary data to the registry

Classification

Process Tree

  • System is w10x64_ra
  • OUTLOOK.EXE (PID: 7036 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\Desktop\FW_ Remittance Address.msg" MD5: 91A5292942864110ED734005B7E005C0)
    • ai.exe (PID: 6196 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "15CFAF29-63DD-42FE-BBC5-C0A0E87A6499" "16DFE07F-372E-48A0-A383-25AB30F0CC33" "7036" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)
    • chrome.exe (PID: 4624 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://visitor.constantcontact.com/do?p=un&m=001YVgHbnH7eDQQV63tItgAqg%3D&ch=884d362c-d1c8-11ef-8be9-fa163e4540a0&ca=174843df-15c1-4a35-ad49-f35a74f5bdb5 MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 4660 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1968,i,14447550478320950860,2945761902221996654,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 3952 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://visitor.constantcontact.com/do?p=oo&m=001YVgHbnH7eDQQV63tItgAqg%3D&ch=884d362c-d1c8-11ef-8be9-fa163e4540a0&ca=174843df-15c1-4a35-ad49-f35a74f5bdb5 MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 1252 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.constantcontact.com/legal/customer-contact-data-notice MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

Sigma detected: Office Autorun Keys Modification
Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 7036, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin\1
Sigma detected: Suspicious Office Outbound Connections
Source: Network ConnectionAuthor: X__Junior (Nextron Systems): Data: DestinationIp: 192.168.2.16, DestinationIsIpv6: false, DestinationPort: 49779, EventID: 3, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, Initiated: true, ProcessId: 7036, Protocol: tcp, SourceIp: 208.75.122.11, SourceIsIpv6: false, SourcePort: 443

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

barindex
AI detected suspicious elements in Email content
Source: EmailJoe Sandbox AI: Detected potential phishing email: The sender email address 'accountsreceivable-teamjdc.com@shared1.ccsend.com' is suspicious and doesn't match the legitimate company domain. The email requests changes to banking/payment information, which is a common phishing tactic to redirect funds. Despite professional appearance and inclusion of contact details, the email uses Constant Contact mass mailing service instead of official company infrastructure
Javascript uses Clearbit API to dynamically determine company logos
Source: https://transcend-cdn.com/cm/ceb33a79-6942-496d-82eb-e6af9c7658ef/airgap.jsHTTP Parser: // copyright 2025 transcend inc. all rights reserved.// learn more at https://transcend.io/consent-managementself.transcend=object.assign({"country":"us","countryregion":"md"},self.transcend);self.transcend=object.assign({readyqueue:[],ready(c){this.readyqueue.push(c)},showconsentmanager(){this.ready((t)=>{t.showconsentmanager()})}},self.transcend);self.airgap=object.assign({readyqueue:[],ready(c){this.readyqueue.push(c)},purposes:{"usedefault":false,"types":{"advertising":{"name":"advertising","description":"these cookies and tracking technologies allow us to deliver content, including advertisements, relevant to your specific interests. this content may be delivered on our websites or on third party websites or services. they allow us to understand and improve the relevancy of our advertisements. they may track personal information, including your ip address.","defaultconsent":"auto","showinconsentmanager":true,"configurable":true,"essential":false,"trackingtype":"advertising","optoutsignals":["dnt"]}...
Source: https://visitor.constantcontact.com/do?p=un&m=001YVgHbnH7eDQQV63tItgAqg%3D&ch=884d362c-d1c8-11ef-8be9-fa163e4540a0&ca=174843df-15c1-4a35-ad49-f35a74f5bdb5HTTP Parser: ltam@santaclaraca.gov
Source: https://www.constantcontact.com/legal/customer-contact-data-noticeHTTP Parser: Base64 decoded: 1741881917.000000
Source: EmailClassification: Invoice Scam
Source: https://www.constantcontact.com/legal/customer-contact-data-noticeHTTP Parser: No favicon
Source: https://www.constantcontact.com/legal/customer-contact-data-noticeHTTP Parser: No favicon
Source: https://www.constantcontact.com/legal/customer-contact-data-noticeHTTP Parser: No favicon
Source: https://www.constantcontact.com/legal/customer-contact-data-noticeHTTP Parser: No favicon
Source: https://www.constantcontact.com/legal/customer-contact-data-noticeHTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 104.16.233.42:443 -> 192.168.2.16:49787 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49786 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49785 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49780 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49783 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49781 version: TLS 1.2
Source: unknownHTTPS traffic detected: 208.75.122.11:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: unknownNetwork traffic detected: DNS query count 47
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:49840 -> 1.1.1.1:53
Source: Joe Sandbox ViewIP Address: 18.245.86.20 18.245.86.20
Source: Joe Sandbox ViewIP Address: 35.210.130.15 35.210.130.15
Source: Joe Sandbox ViewIP Address: 104.16.80.73 104.16.80.73
Source: Joe Sandbox ViewJA3 fingerprint: 6271f898ce5be7dd52b0fc260d0662b3
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.35
Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.35
Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 184.30.131.245
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknownTCP traffic detected without corresponding DNS query: 184.30.131.245
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /legal/customer-contact-data-notice HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000
Source: global trafficHTTP traffic detected: GET /static/CTCTDisplay[slnt,wght]-152418edda0911ee12161c3d4f75f1bd.woff2 HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveOrigin: https://www.constantcontact.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000
Source: global trafficHTTP traffic detected: GET /795-ea2cb0342a7779db787c.js HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000
Source: global trafficHTTP traffic detected: GET /favicon.ico?version=${maven.build.timestamp} HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visitor.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /app-d67bdc0dc814037e7183.js HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-aliveOrigin: https://www.constantcontact.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico?version=${maven.build.timestamp} HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visitor.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /favicon-32x32.png?version=${maven.build.timestamp} HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visitor.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /page-data/app-data.json HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /page-data/legal/customer-contact-data-notice/page-data.json HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /favicon-32x32.png?version=${maven.build.timestamp} HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visitor.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1If-None-Match: "9ea5242b7fbe2b11db9b1edbb51d28eb"
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /page-data/sq/d/3792814546.json HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /favicon-32x32.png?version=${maven.build.timestamp} HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /page-data/app-data.json HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /scripts/jquery-3.6.0.min.js HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: GET /page-data/legal/customer-contact-data-notice/page-data.json HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /letters/images/CPE/referralLogos/H-Stacked-FC-WhiteBG-Email-Footer.png HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: imgssl.constantcontact.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /04f941d2901/177dccd7-17f4-4ec9-9928-8d94e484b956.jpg HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: files.constantcontact.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /04f941d2901/2b9a89f1-d188-4eda-abf2-a3d192e18742.jpg HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: files.constantcontact.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /04f941d2901/5d06fa19-b192-472b-8d1f-95edbea0506d.jpg HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: files.constantcontact.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /04f941d2901/a1ff3c76-cd3c-425f-943d-d3ba2f049947.png HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: files.constantcontact.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /04f941d2901/5c0b30a7-26b1-4012-b08c-837ac1353656.jpg HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: files.constantcontact.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /04f941d2901/0f47d2b7-8828-4b1e-9140-08fd1c798136.png HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: files.constantcontact.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /04f941d2901/36c18ac6-3b83-464a-ab75-394044fefcd8.jpg HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: files.constantcontact.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /on.jsp?ca=174843df-15c1-4a35-ad49-f35a74f5bdb5&a=1138922659648&c=884816d8-d1c8-11ef-8be9-fa163e4540a0&ch=884d362c-d1c8-11ef-8be9-fa163e4540a0 HTTP/1.1Accept: */*User-Agent: Mozilla/4.0 (compatible; ms-office; MSOffice 16)Accept-Encoding: gzip, deflateHost: a9hjrwebb.cc.rs6.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /favicon-32x32.png?v=9d6cc04e04a2e8962b4fd50aab7d5834 HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /page-data/sq/d/3792814546.json HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /favicon-32x32.png?version=${maven.build.timestamp} HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0If-None-Match: "9ea5242b7fbe2b11db9b1edbb51d28eb"
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/f3b948d8acb8/main.js? HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /sdk/bc-v4.min.html HTTP/1.1Host: consentcdn.cookiebot.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /762-920a8b7a6bad65c67128.js HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /885-c6ab99de4274741d5f09.js HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /favicon-32x32.png?v=9d6cc04e04a2e8962b4fd50aab7d5834 HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /component---src-templates-page-js-98af8adc14446a505281.js HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/jsd/r/0.35751653717062615:1741879640:CNUcV7cozHKyR_wCVk9Yi7hswV7J2y-X40lA3iPZQr0/91fcc5a138783910 HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /consentconfig/36973317-3a13-4d05-864e-97fcc940b9ee/constantcontact.com/configuration.js HTTP/1.1Host: consentcdn.cookiebot.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/jsd/r/0.35751653717062615:1741879640:CNUcV7cozHKyR_wCVk9Yi7hswV7J2y-X40lA3iPZQr0/91fcc5a138783910 HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0
Source: global trafficHTTP traffic detected: GET /scripts/ctctUtil.js?_=1741881936021 HTTP/1.1Host: www.constantcontact.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1; _ga_5MXW8FEZLZ=GS1.2.1741881927.1.1.1741881927.0.0.0; cf_clearance=4eQ4l6.XM.y7Ve3nGdcPf0xF__NchmpscpJTqCF5.xM-1741881934-1.2.1.1-qK1.vFtcHbngGCk_WKnBxWoBzKbEYYKs_pLKbFLBExVJrC84eHz5aQIvt1HHlq9_Ej2bbsE6epHHYtgXHoTEBDO66xTWrYfk6g6Rvq0DL_FLPKJ59v4JyVO_DiwgclEVfH0SedRQC1hB4ZKUekLzUBS5vO24IDS1TEOPYsUHnrEaGbkV8eCBeqwAekVh9SDWCV339IZ.NpHP6StcUfl74facC0MT6Ala6z77hvQ6vSR6OErumqW48iuREFjtrA0mZoC60XKlyQ3ZxEPhm8jV.wu8X9vxblQCacYy2y9v.dZsKVo5U1ZT665dgP4XehbruSXWdFu62eOBoYQsV6KUk6MNd3WIL2pPur715NKaTkk; CookieConsent={stamp:%27-1%27%2Cnecessary:true%2Cpreferences:true%2Cstatistics:true%2Cmarketing:true%2Cmethod:%27implied%27%2Cver:1%2Cutc:1741881936439%2Cregion:%27US-24%27}
Source: global trafficHTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cc/main/2/i.gif HTTP/1.1Host: datacloud.tealiumiq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TAPID=cc/main>0195904117c8002f5d697b12d2840506f004206700918|
Source: global trafficHTTP traffic detected: GET /td/ga/rul?tid=G-14T5LGLSQ3&gacid=966117682.1741881922&gtm=45je53c0v876446385za200&dma=0&gcs=G111&gcd=13n3n3n3n5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102482433~102587591~102640600~102717422~102788824~102791784~102814060~102825837&z=1978089680 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ping.min.js HTTP/1.1Host: cdn.pdst.fmConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-138462344-1&cid=8e2d2f52-03bf-4059-b384-fd520a862e7f&jid=1431150393&gjid=57940353&_gid=1883563040.1741881922&_u=QKCAiAABBAAAAGAAI~&z=244736177 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /li.lms-analytics/insight.min.js HTTP/1.1Host: snap.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /attribution_trigger?pid=10362&time=1741881953639&url=https%3A%2F%2Fwww.constantcontact.com%2Flegal%2Fcustomer-contact-data-notice HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: *sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.constantcontact.comAttribution-Reporting-Eligible: trigger;event-sourceAttribution-Reporting-Support: web=osSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /integrations/referral-tag/referral-tag.js HTTP/1.1Host: apps.rokt.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /attribution_trigger?pid=10362&time=1741881953639&url=https%3A%2F%2Fwww.constantcontact.com%2Flegal%2Fcustomer-contact-data-notice HTTP/1.1Host: px.ads.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ads/pixel.js HTTP/1.1Host: www.redditstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /up_loader.1.1.0.js HTTP/1.1Host: js.adsrvr.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ulog/_error?utid=cc/main/202502211746&e0=ge%3A%3A8%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fcc%2Fmain%2Fprod%2Futag.js%3A%3ACannot%20read%20properties%20of%20undefined%20(reading%20%27toString%27) HTTP/1.1Host: uconnect.tealiumiq.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TAPID=cc/main>0195904117c8002f5d697b12d2840506f004206700918|
Source: global trafficHTTP traffic detected: GET /rs?id=d67acd2f2ce94a3298a7fd993f8959e8&t=homepage HTTP/1.1Host: tags.w55c.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /signals/config/577881999014440?v=2.9.187&r=stable&domain=www.constantcontact.com&hme=9d6c2cc137748d003f279fac8d52b2defc993e1177ef802e0d5b230c72882031&ex_m=71%2C123%2C108%2C112%2C62%2C4%2C101%2C70%2C16%2C98%2C90%2C51%2C55%2C177%2C180%2C192%2C188%2C189%2C191%2C29%2C102%2C53%2C78%2C190%2C172%2C175%2C185%2C186%2C193%2C134%2C41%2C198%2C195%2C196%2C34%2C147%2C15%2C50%2C202%2C201%2C136%2C18%2C40%2C1%2C43%2C66%2C67%2C68%2C72%2C94%2C17%2C14%2C97%2C93%2C92%2C109%2C52%2C111%2C39%2C110%2C30%2C95%2C26%2C173%2C176%2C144%2C87%2C57%2C85%2C33%2C74%2C0%2C96%2C32%2C28%2C83%2C84%2C89%2C47%2C46%2C88%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C58%2C63%2C65%2C76%2C54%2C103%2C27%2C77%2C9%2C8%2C81%2C48%2C21%2C105%2C104%2C106%2C99%2C10%2C20%2C3%2C38%2C75%2C19%2C5%2C91%2C82%2C44%2C35%2C86%2C2%2C36%2C64%2C42%2C107%2C45%2C80%2C69%2C113%2C61%2C60%2C31%2C100%2C59%2C56%2C49%2C79%2C73%2C24%2C114 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /track/pxl/?adv=yw07q9d&ct=0:kbyng1v&fmt=3&td1=SiteVisit&td2=prospect&td3=1 HTTP/1.1Host: insight.adsrvr.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ads/conversions-config/v1/pixel/config/t2_asz5vrmj_telemetry HTTP/1.1Host: www.redditstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://www.constantcontact.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /pixels/t2_asz5vrmj/config HTTP/1.1Host: pixel-config.reddit.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://www.constantcontact.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ulog/_error?utid=cc/main/202502211746&e0=ge%3A%3A8%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fcc%2Fmain%2Fprod%2Futag.js%3A%3ACannot%20read%20properties%20of%20undefined%20(reading%20%27toString%27) HTTP/1.1Host: uconnect.tealiumiq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TAPID=cc/main>0195904117c8002f5d697b12d2840506f004206700918|
Source: global trafficHTTP traffic detected: GET /com.snowplowanalytics.snowplow/tp2 HTTP/1.1Host: p.tvpixel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: sp=bca10c66-af17-4283-ba20-0d3f7cfbf92b
Source: global trafficHTTP traffic detected: GET /horizon/constantcontact?T=B&u=https%3A%2F%2Fwww.constantcontact.com%2Flegal%2Fcustomer-contact-data-notice&t=1741881957733&v=1741881957890&S=0&N=0&P=0&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rs?sccid=42b92883-63d4-1e56-4bc0-6737f4dbf5d0&scc=1&id=d67acd2f2ce94a3298a7fd993f8959e8&t=homepage HTTP/1.1Host: tags.w55c.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: wfivefivec=pVmMfwDu1TSL4k2
Source: global trafficHTTP traffic detected: GET /tap.php?v=8981&nid=2307&put=b252c8a9-905f-4ead-ba6d-e608a9a2deb6&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP/1.1Host: pixel.rubiconproject.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ads/conversions-config/v1/pixel/config/t2_asz5vrmj_telemetry HTTP/1.1Host: www.redditstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /pixels/t2_asz5vrmj/config HTTP/1.1Host: pixel-config.reddit.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /horizon/constantcontact?T=B&u=https%3A%2F%2Fwww.constantcontact.com%2Flegal%2Fcustomer-contact-data-notice&t=1741881957733&v=1741881960232&H=6802d367668238a853cb4a23&s=05c3023596ee6f2b0a6531ee8e14b75e&Q=1&Y=1&X=ea4d8fc29e00400680d4659ddca154be&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /horizon/constantcontact?T=B&u=https%3A%2F%2Fwww.constantcontact.com%2Flegal%2Fcustomer-contact-data-notice&t=1741881957733&v=1741881960237&H=6802d367668238a853cb4a23&s=05c3023596ee6f2b0a6531ee8e14b75e&U=abb379ab45c754b4a4911049ae977136&Q=2&S=0&N=0&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rs?sccid=42b92883-63d4-1e56-4bc0-6737f4dbf5d0&scc=1&id=d67acd2f2ce94a3298a7fd993f8959e8&t=homepage HTTP/1.1Host: tags.w55c.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: wfivefivec=pVmMfwDu1TSL4k2
Source: global trafficHTTP traffic detected: GET /track/cmf/rubicon?gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.constantcontact.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TDID=b252c8a9-905f-4ead-ba6d-e608a9a2deb6; TDCPM=CAESFgoHcnViaWNvbhILCPzDxq_flPE9EAUYBSgBMgsIqJnJ3PWU8T0QBUIPIg0IARIJCgV0aWVyMxABWgd5dzA3cTlkYAFyB3J1Ymljb24.
Source: chromecache_187.11.drString found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=u;return t},Rk:function(){e=sb()},Nd:function(){d()}}};var cc=wa(["data-gtm-yt-inspected-"]),EG=["www.youtube.com","www.youtube-nocookie.com"],FG,GG=!1; equals www.youtube.com (Youtube)
Source: chromecache_187.11.drString found in binary or memory: if(!(f||g||k||m.length||n.length))return;var q={Vh:f,Th:g,Uh:k,Bi:m,Ci:n,pf:p,Rb:e},r=z.YT;if(r)return r.ready&&r.ready(d),e;var u=z.onYouTubeIframeAPIReady;z.onYouTubeIframeAPIReady=function(){u&&u();d()};E(function(){for(var v=A.getElementsByTagName("script"),t=v.length,w=0;w<t;w++){var x=v[w].getAttribute("src");if(PG(x,"iframe_api")||PG(x,"player_api"))return e}for(var y=A.getElementsByTagName("iframe"),B=y.length,C=0;C<B;C++)if(!GG&&NG(y[C],q.pf))return uc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_135.11.drString found in binary or memory: return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var b=f.getFbeventsModules("signalsFBEventsGetTier"),c=d();function d(){try{if(a.trustedTypes&&a.trustedTypes.createPolicy){var b=a.trustedTypes;return b.createPolicy("facebook.com/signals/iwl",{createScriptURL:function(b){var c=typeof a.URL==="function"?a.URL:a.webkitURL;c=new c(b);c=c.hostname.endsWith(".facebook.com")&&c.pathname=="/signals/iwl.js";if(!c)throw new Error("Disallowed script URL");return b}})}}catch(a){}return null}e.exports=function(a,d){d=b(d);d=d==null?"www.facebook.com":"www."+d+".facebook.com";d="https://"+d+"/signals/iwl.js?pixel_id="+a;if(c!=null)return c.createScriptURL(d);else return d}})();return e.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_135.11.drString found in binary or memory: return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_135.11.drString found in binary or memory: return function(f,g,h,i){var j={exports:{}};j.exports;(function(){"use strict";var a={ENDPOINT:"https://www.facebook.com/tr/",INSTAGRAM_TRIGGER_ATTRIBUTION:"https://www.instagram.com/tr/",AEM_ENDPOINT:"https://www.facebook.com/.well-known/aggregated-event-measurement/",GPS_ENDPOINT:"https://www.facebook.com/privacy_sandbox/pixel/register/trigger/",TOPICS_API_ENDPOINT:"https://www.facebook.com/privacy_sandbox/topics/registration/"};j.exports=a})();return j.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_169.11.drString found in binary or memory: return f}CG.K="internal.enableAutoEventOnTimer";var cc=wa(["data-gtm-yt-inspected-"]),EG=["www.youtube.com","www.youtube-nocookie.com"],FG,GG=!1; equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: visitor.constantcontact.com
Source: global trafficDNS traffic detected: DNS query: www.constantcontact.com
Source: global trafficDNS traffic detected: DNS query: static.ctctcdn.com
Source: global trafficDNS traffic detected: DNS query: images.ctfassets.net
Source: global trafficDNS traffic detected: DNS query: privacy-policy.truste.com
Source: global trafficDNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global trafficDNS traffic detected: DNS query: transcend-cdn.com
Source: global trafficDNS traffic detected: DNS query: consent.cookiebot.com
Source: global trafficDNS traffic detected: DNS query: a9hjrwebb.cc.rs6.net
Source: global trafficDNS traffic detected: DNS query: files.constantcontact.com
Source: global trafficDNS traffic detected: DNS query: imgssl.constantcontact.com
Source: global trafficDNS traffic detected: DNS query: consentcdn.cookiebot.com
Source: global trafficDNS traffic detected: DNS query: go.constantcontact.com
Source: global trafficDNS traffic detected: DNS query: tags.tiqcdn.com
Source: global trafficDNS traffic detected: DNS query: datacloud.tealiumiq.com
Source: global trafficDNS traffic detected: DNS query: connect.facebook.net
Source: global trafficDNS traffic detected: DNS query: cdn.quantummetric.com
Source: global trafficDNS traffic detected: DNS query: analytics.google.com
Source: global trafficDNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: td.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: c.tvpixel.com
Source: global trafficDNS traffic detected: DNS query: cdn.pdst.fm
Source: global trafficDNS traffic detected: DNS query: snap.licdn.com
Source: global trafficDNS traffic detected: DNS query: a.quora.com
Source: global trafficDNS traffic detected: DNS query: js.driftt.com
Source: global trafficDNS traffic detected: DNS query: px.ads.linkedin.com
Source: global trafficDNS traffic detected: DNS query: apps.rokt.com
Source: global trafficDNS traffic detected: DNS query: p.tvpixel.com
Source: global trafficDNS traffic detected: DNS query: cdn.mgln.ai
Source: global trafficDNS traffic detected: DNS query: www.redditstatic.com
Source: global trafficDNS traffic detected: DNS query: js.adsrvr.org
Source: global trafficDNS traffic detected: DNS query: uconnect.tealiumiq.com
Source: global trafficDNS traffic detected: DNS query: ingest.quantummetric.com
Source: global trafficDNS traffic detected: DNS query: tags.w55c.net
Source: global trafficDNS traffic detected: DNS query: insight.adsrvr.org
Source: global trafficDNS traffic detected: DNS query: pixel-config.reddit.com
Source: global trafficDNS traffic detected: DNS query: rl.quantummetric.com
Source: global trafficDNS traffic detected: DNS query: pixel.rubiconproject.com
Source: global trafficDNS traffic detected: DNS query: mgln.ai
Source: global trafficDNS traffic detected: DNS query: customer.api.drift.com
Source: global trafficDNS traffic detected: DNS query: conversation.api.drift.com
Source: global trafficDNS traffic detected: DNS query: metrics.api.drift.com
Source: global trafficDNS traffic detected: DNS query: targeting.api.drift.com
Source: global trafficDNS traffic detected: DNS query: match.adsrvr.org
Source: global trafficDNS traffic detected: DNS query: s.pinimg.com
Source: global trafficDNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: bootstrap.driftapi.com
Source: unknownHTTP traffic detected: POST /cdn-cgi/rum? HTTP/1.1Host: www.constantcontact.comConnection: keep-aliveContent-Length: 1659sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"content-type: application/jsonsec-ch-ua-mobile: ?0Accept: */*Origin: https://www.constantcontact.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.constantcontact.com/legal/customer-contact-data-noticeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ctct-geolocated-country-code=us; ctct-geolocated-state-code=md; ctct-geolocated-province-code=na; eigi-geolocated-lat=38.68620; eigi-geolocated-long=-76.53470; ctct-device-type=desktop; ctct_locale_pref=en_US_USD; _ga_ctct=8e2d2f52-03bf-4059-b384-fd520a862e7f; __cf_bm=XNKWZB_v14uuEp7rdQPLrcEXGiHoJ42a1fF812_vDB0-1741881917-1.0.1.1-8m.TDQ8Zf4cpm.hhJzR5Kka25Rv2292sCKOn9QFUeG3KV3IGiSO9dYeTqszP3hMPusrQpldmm249jdkqYd5LXd5wEXv5GVBgPC6PvNq_rko; _cfuvid=OxG8QlqkUB0e0ewMT2UOI49C98UoY._I_JTdnIlcEeA-1741881917756-0.0.1.1-604800000; _ga=GA1.2.966117682.1741881922; _gid=GA1.2.1883563040.1741881922; _gat=1
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 13 Mar 2025 16:05:30 GMTContent-Type: text/html; charset=UTF-8Content-Length: 7590Connection: closeaccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcf-mitigated: challengecritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcross-origin-embedder-policy: require-corpcross-origin-opener-policy: same-origincross-origin-resource-policy: same-originorigin-agent-cluster: ?1permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()referrer-policy: same-originserver-timing: chlray;desc="91fcc5f12aef1fee"x-content-options: nosniffx-frame-options: SAMEORIGIN
Source: chromecache_179.11.drString found in binary or memory: http://docs.jquery.com/UI
Source: chromecache_179.11.drString found in binary or memory: http://jquery.org/license
Source: chromecache_179.11.drString found in binary or memory: http://jqueryui.com/about)
Source: FW_ Remittance Address.msgString found in binary or memory: http://schema.mic__substg1.0_8042001F
Source: FW_ Remittance Address.msgString found in binary or memory: https://a9hjrwebb.cc.rs6.net/on.jsp?ca=174843df-15c1-4a35-ad49-f35a74f5bdb5&amp;a=1138922659648&amp;
Source: FW_ Remittance Address.msgString found in binary or memory: https://a9hjrwebb.cc.rs6.net/tn.jsp?f=001q0VUbYI9zS7Lhi5rq_RaveV7gh043pmP98etuDXOSPJ_CV_djBw2KCCjvig
Source: FW_ Remittance Address.msgString found in binary or memory: https://a9hjrwebb.cc.rs6.net/tn.jsp?f=001q0VUbYI9zS7Lhi5rq_RaveV7gh043pmP98etuDXOSPJ_CV_djBw2KMDvedx
Source: chromecache_187.11.drString found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: FW_ Remittance Address.msgString found in binary or memory: https://aka.ms/LearnAboutSenderIdentification
Source: chromecache_154.11.drString found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_207.11.drString found in binary or memory: https://app.$
Source: chromecache_169.11.dr, chromecache_187.11.drString found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_135.11.drString found in binary or memory: https://connect.facebook.net/
Source: chromecache_135.11.drString found in binary or memory: https://connect.facebook.net/log/fbevents_telemetry/
Source: FW_ Remittance Address.msgString found in binary or memory: https://files.constantcontact.com/04f941d2901/0f47d2b7-8828-4b1e-9140-08fd1c798136.png
Source: FW_ Remittance Address.msgString found in binary or memory: https://files.constantcontact.com/04f941d2901/177dccd7-17f4-4ec9-9928-8d94e484b956.jpg
Source: FW_ Remittance Address.msgString found in binary or memory: https://files.constantcontact.com/04f941d2901/2b9a89f1-d188-4eda-abf2-a3d192e18742.jpg
Source: FW_ Remittance Address.msgString found in binary or memory: https://files.constantcontact.com/04f941d2901/36c18ac6-3b83-464a-ab75-394044fefcd8.jpg
Source: FW_ Remittance Address.msgString found in binary or memory: https://files.constantcontact.com/04f941d2901/5c0b30a7-26b1-4012-b08c-837ac1353656.jpg
Source: FW_ Remittance Address.msgString found in binary or memory: https://files.constantcontact.com/04f941d2901/5d06fa19-b192-472b-8d1f-95edbea0506d.jpg
Source: FW_ Remittance Address.msgString found in binary or memory: https://files.constantcontact.com/04f941d2901/a1ff3c76-cd3c-425f-943d-d3ba2f049947.png
Source: chromecache_197.11.drString found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_197.11.drString found in binary or memory: https://github.com/zloirock/core-js/blob/v3.28.0/LICENSE
Source: chromecache_207.11.drString found in binary or memory: https://go.$
Source: chromecache_207.11.drString found in binary or memory: https://go.constantcontact.com/login
Source: chromecache_207.11.drString found in binary or memory: https://go.constantcontact.com/login?OriginalURL=$
Source: chromecache_187.11.drString found in binary or memory: https://google.com
Source: chromecache_187.11.drString found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_135.11.drString found in binary or memory: https://gw.conversionsapigateway.com
Source: chromecache_207.11.drString found in binary or memory: https://images.ctfassets.net/t21gix3kzulv/3C3d6A6e6tIZFTvjSeRib4/b817717cd25dc874ac65a8a776fdf6a5/so
Source: chromecache_207.11.drString found in binary or memory: https://images.ctfassets.net/t21gix3kzulv/4vw0IUEl4OYTToAkkF88Df/fe31eafa22bda74f6398828394ae781d/Lo
Source: chromecache_186.11.drString found in binary or memory: https://images.ctfassets.net/t21gix3kzulv/6RLMkBjMC3oY3fX4Oc1BKs/27f0a6f14318f33d6f89a414391ffa83/ct
Source: chromecache_207.11.drString found in binary or memory: https://images.ctfassets.net/t21gix3kzulv/Gkmkvp9sgD1fojh2MUuex/1e81f13f50bdfb6bdf353b207f5fc265/dis
Source: FW_ Remittance Address.msgString found in binary or memory: https://imgssl.constantcontact.com/letters/images/CPE/referralLogos/H-Stacked-FC-WhiteBG-Email-Foote
Source: chromecache_207.11.drString found in binary or memory: https://knowledgebase.constantcontact.com/email-digital-marketing/articles/KnowledgeBase/27929-Inter
Source: chromecache_207.11.drString found in binary or memory: https://knowledgebase.constantcontact.com/email-digital-marketing/articles/KnowledgeBase/5825-can-sp
Source: chromecache_187.11.drString found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_169.11.dr, chromecache_187.11.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_186.11.drString found in binary or memory: https://schema.org
Source: chromecache_186.11.drString found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Source: chromecache_169.11.dr, chromecache_187.11.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_169.11.dr, chromecache_187.11.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_154.11.drString found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_154.11.drString found in binary or memory: https://tagassistant.google.com/
Source: chromecache_169.11.dr, chromecache_187.11.drString found in binary or memory: https://td.doubleclick.net
Source: FW_ Remittance Address.msgString found in binary or memory: https://us-phishalarm-ewt.proofpoint.com/EWT/v1/JZxO7R1e
Source: FW_ Remittance Address.msgString found in binary or memory: https://visitor.constantcontact.com/do?p=oo&amp;m=001YVgHbnH7eDQQV63tItgAqg%3D&amp;ch=884d362c-d1c8-
Source: FW_ Remittance Address.msgString found in binary or memory: https://visitor.constantcontact.com/do?p=oo&m=001YVgHbnH7eDQQV63tItgAqg%3D&ch=884d362c-d1c8-11ef-8be
Source: FW_ Remittance Address.msgString found in binary or memory: https://visitor.constantcontact.com/do?p=un&amp;m=001YVgHbnH7eDQQV63tItgAqg%3D&amp;ch=884d362c-d1c8-
Source: FW_ Remittance Address.msgString found in binary or memory: https://visitor.constantcontact.com/do?p=un&m=001YVgHbnH7eDQQV63tItgAqg%3D&ch=884d362c-d1c8-11ef-8be
Source: chromecache_128.11.dr, chromecache_176.11.drString found in binary or memory: https://www.constantcontact.com
Source: FW_ Remittance Address.msgString found in binary or memory: https://www.constantcontact.com/landing1/vr/home?cc=nge&amp;utm_campaign=nge&amp;rmc=VF21_CPE&amp;ut
Source: FW_ Remittance Address.msgString found in binary or memory: https://www.constantcontact.com/landing1/vr/home?cc=nge&utm_campaign=nge&rmc=VF21_CPE&utm_medium=VF2
Source: FW_ Remittance Address.msg, chromecache_186.11.drString found in binary or memory: https://www.constantcontact.com/legal/customer-contact-data-notice
Source: chromecache_154.11.drString found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_154.11.drString found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_154.11.drString found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_187.11.drString found in binary or memory: https://www.google.com
Source: chromecache_154.11.drString found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_187.11.drString found in binary or memory: https://www.googleadservices.com
Source: chromecache_187.11.drString found in binary or memory: https://www.googletagmanager.com
Source: chromecache_169.11.dr, chromecache_187.11.drString found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_154.11.drString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_169.11.dr, chromecache_187.11.drString found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_169.11.dr, chromecache_187.11.drString found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_140.11.drString found in binary or memory: https://www.redditstatic.com/ads/49267bce/pixel.js
Source: chromecache_187.11.drString found in binary or memory: https://www.youtube.com/iframe_api
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49673
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownHTTPS traffic detected: 104.16.233.42:443 -> 192.168.2.16:49787 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49786 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49785 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49780 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49783 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknownHTTPS traffic detected: 143.204.98.111:443 -> 192.168.2.16:49781 version: TLS 1.2
Source: unknownHTTPS traffic detected: 208.75.122.11:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: classification engineClassification label: mal48.phis.winMSG@30/170@129/44
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmpJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20250313T1203570234-7036.etlJump to behavior
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\Desktop\FW_ Remittance Address.msg"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "15CFAF29-63DD-42FE-BBC5-C0A0E87A6499" "16DFE07F-372E-48A0-A383-25AB30F0CC33" "7036" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://visitor.constantcontact.com/do?p=un&m=001YVgHbnH7eDQQV63tItgAqg%3D&ch=884d362c-d1c8-11ef-8be9-fa163e4540a0&ca=174843df-15c1-4a35-ad49-f35a74f5bdb5
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1968,i,14447550478320950860,2945761902221996654,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:3
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://visitor.constantcontact.com/do?p=oo&m=001YVgHbnH7eDQQV63tItgAqg%3D&ch=884d362c-d1c8-11ef-8be9-fa163e4540a0&ca=174843df-15c1-4a35-ad49-f35a74f5bdb5
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.constantcontact.com/legal/customer-contact-data-notice
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "15CFAF29-63DD-42FE-BBC5-C0A0E87A6499" "16DFE07F-372E-48A0-A383-25AB30F0CC33" "7036" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1968,i,14447550478320950860,2945761902221996654,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: c2r64.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3}\InprocServer32Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow found: window name: SysTabControl32Jump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\CommonJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935} DeviceTicketJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information queried: ProcessInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeQueries volume information: C:\Program Files (x86)\Microsoft Office\root\Office16\AI\WordCombinedFloatieLreOnline.onnx VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation11
Browser Extensions		1
Process Injection		1
Masquerading		OS Credential Dumping1
Process Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		1
DLL Side-Loading		1
Modify Registry		LSASS Memory12
System Information Discovery		Remote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Process Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1637510 Sample: FW_ Remittance Address.msg Startdate: 13/03/2025 Architecture: WINDOWS Score: 48 28 s.pinimg.com 2->28 30 s-pinimg-com.gslb.pinterest.com 2->30 32 13 other IPs or domains 2->32 48 AI detected suspicious elements in Email content 2->48 50 Javascript uses Clearbit API to dynamically determine company logos 2->50 8 OUTLOOK.EXE 49 69 2->8         started        signatures3 process4 dnsIp5 40 imgssl.constantcontact.com.cdn.cloudflare.net 104.16.233.42, 443, 49787 CLOUDFLARENETUS United States 8->40 42 a9hjrwebb.cc.rs6.net 208.75.122.11, 443, 49779 ASN-CCUS United States 8->42 44 d6j37cnssol7h.cloudfront.net 143.204.98.111, 443, 49780, 49781 AMAZON-02US United States 8->44 24 C:\...\~Outlook Data File - NoEmail.pst.tmp, PGP 8->24 dropped 26 C:\Users\...\Outlook Data File - NoEmail.pst, Microsoft 8->26 dropped 12 chrome.exe 8->12         started        15 ai.exe 8->15         started        17 chrome.exe 8->17         started        19 chrome.exe 8->19         started        file6 process7 dnsIp8 46 192.168.2.16, 138, 443, 49253 unknown unknown 12->46 21 chrome.exe 12->21         started        process9 dnsIp10 34 pixel.rubiconproject.net.akadns.net 69.173.144.139, 443, 49855 RUBICONPROJECTUS United States 21->34 36 dg2iu7dxxehbo.cloudfront.net 18.172.103.101, 443, 49835 MIT-GATEWAYSUS United States 21->36 38 77 other IPs or domains 21->38

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.