Windows Analysis Report
https://2fa.com-token-auth.com/XUkVnbEhDcDBvSTZUWEtTM1BuWjFsV29jM2RTRmpFZ2IvYU5mN3lrK29SamhZQmcra1pHZm9CYUcvRndkKzhrbnhnSnNkckRqWElCVXN1NXFtOGtUUnI5L0tZOHVtWWcrU3lST292RDA5TXk5MlZzMDEycEdsUzEvT2ppRkpIOXlVOHlENTU3UDJGRzZMYUY3MGNHK09BelI2eXMzall5N0hyV2RJRDNSSTAxaVczWExqNXlwRmU0PS0ta1dOcCtlamVxbFE1L1FE

General Information

Sample URL: https://2fa.com-token-auth.com/XUkVnbEhDcDBvSTZUWEtTM1BuWjFsV29jM2RTRmpFZ2IvYU5mN3lrK29SamhZQmcra1pHZm9CYUcvRndkKzhrbnhnSnNkckRqWElCVXN1NXFtOGtUUnI5L0tZOHVtWWcrU3lST292RDA5TXk5MlZzMDEycEdsUzEvT2ppRkpI
Analysis ID: 1711322

Detection

KnowBe4
Score: 48
Range: 0 - 100
Confidence: 100%

Signatures

Yara detected KnowBe4 simulated phishing

Classification

Phishing

Source: Yara match File source: 1.0.pages.csv, type: HTML
Source: https://secured-login.net/pages/c3955b1c48a/XUkVnbEhDcDBvSTZUWEtTM1BuWjFsV29jM2RTRmpFZ2IvYU5mN3lrK29SamhZQmcra1pHZm9CYUcvRndkKzhrbnhnSnNkckRqWElCVXN1NXFtOGtUUnI5L0tZOHVtWWcrU3lST292RDA5TXk5MlZzMDEycEdsUzEvT2ppRkpIOXlVOHlENTU3UDJGRzZMYUY3MGNHK09BelI2eXMzall5N0hyV2RJRDNSSTAxaVczWExqNXlwRmU0PS0ta1dOcCtlamVxbFE1L1FEZy0taVc3dUxGbkxKQjNLYW1XNWtXZzZ5QT09 HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49723 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: chrome.exe Memory has grown: Private usage: 8MB later: 47MB
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.165.131
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic DNS traffic detected: DNS query: 2fa.com-token-auth.com
Source: global traffic DNS traffic detected: DNS query: secured-login.net
Source: global traffic DNS traffic detected: DNS query: helpimg.s3.amazonaws.com
Source: global traffic DNS traffic detected: DNS query: training.knowbe4.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: unpkg.com
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jdewit/bootstrap-timepicker/graphs/contributors
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/jquery-color
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/jquery-color/
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/jquery-ui/blob/1.11.0/ui/core.js#L51
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/jquery/blob/2.2.4/src/core.js#L448
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/jquery/blob/e539bac79e666bba95bba86d690b4e609dca2286/src/selector/escapeSe
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/jquery/issues/4382
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/jquery/pull/764
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_60.1.dr String found in binary or memory: https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/moment/moment/blob/2.18.1/src/lib/moment/format.js#L22
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/moment/moment/issues/1423
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/moment/moment/issues/2166
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/moment/moment/issues/2978
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/moment/moment/pull/1871
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/rails/jquery-ujs
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/rails/jquery-ujs/issues/357
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/snapappointments/bootstrap-select/blob/master/LICENSE)
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/twbs/bootstrap/issues/14093
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/twbs/bootstrap/issues/20280
Source: chromecache_61.1.dr String found in binary or memory: https://github.com/uxsolutions/bootstrap-datepicker)
Source: chromecache_62.1.dr String found in binary or memory: https://helpimg.s3.amazonaws.com/landing_pages/oops/styles.css
Source: chromecache_61.1.dr String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_61.1.dr String found in binary or memory: https://itsjavi.com/bootstrap-colorpicker/
Source: chromecache_61.1.dr String found in binary or memory: https://jsperf.com/childnodes-array-slice-vs-loop
Source: chromecache_61.1.dr String found in binary or memory: https://modernizr.com/)
Source: chromecache_61.1.dr String found in binary or memory: https://nodejs.org/dist/latest/docs/api/util.html#util_custom_inspect_function_on_objects
Source: chromecache_61.1.dr String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: chromecache_59.1.dr String found in binary or memory: https://secured-login.net/pages/c3955b1c48a/XUkVnbEhDcDBvSTZUWEtTM1BuWjFsV29jM2RTRmpFZ2IvYU5mN3lrK29
Source: chromecache_61.1.dr String found in binary or memory: https://stackoverflow.com/q/181348
Source: chromecache_61.1.dr String found in binary or memory: https://tools.ietf.org/html/rfc2822#section-3.3
Source: chromecache_62.1.dr String found in binary or memory: https://training.knowbe4.com/assets/application-b8fb25919f68be551e6730684a8ed34bc7dd2dac142e7cc51ebf
Source: chromecache_62.1.dr String found in binary or memory: https://training.knowbe4.com/assets/modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8
Source: chromecache_62.1.dr String found in binary or memory: https://training.knowbe4.com/packs/js/vendor-954761ad0dceb106b971.js
Source: chromecache_62.1.dr String found in binary or memory: https://unpkg.com/petite-vue
Source: chromecache_57.1.dr String found in binary or memory: https://utopia.fyi/type/calculator?c=320
Source: chromecache_61.1.dr String found in binary or memory: https://www.chromestatus.com/features/5093566007214080
Source: chromecache_61.1.dr String found in binary or memory: https://www.ecma-international.org/news/TC45_current_work/Office%20Open%20XML%20Part%204%20-%20Marku
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49673
Source: unknown Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49723 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: classification engine Classification label: mal48.phis.win@23/16@14/8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1280,i,14118492116032178447,3945001351059846368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2216 /prefetch:3
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://2fa.com-token-auth.com/XUkVnbEhDcDBvSTZUWEtTM1BuWjFsV29jM2RTRmpFZ2IvYU5mN3lrK29SamhZQmcra1pHZm9CYUcvRndkKzhrbnhnSnNkckRqWElCVXN1NXFtOGtUUnI5L0tZOHVtWWcrU3lST292RDA5TXk5MlZzMDEycEdsUzEvT2ppRkpIOXlVOHlENTU3UDJGRzZMYUY3MGNHK09BelI2eXMzall5N0hyV2RJRDNSSTAxaVczWExqNXlwRmU0PS0ta1dOcCtlamVxbFE1L1FEZy0taVc3dUxGbkxKQjNLYW1XNWtXZzZ5QT09?cid=2559917548"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected