Windows Analysis Report
EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx

Overview

General Information

Sample name:	EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx
Analysis ID:	1447783
MD5:	ce51f0538e8172f049d71231036a82a3
SHA1:	a3a1c86e2313ae69769bc254660956c9e7e387d7
SHA256:	064b1105716f25cf9a8146a99f5bc19c24e38680c9f3ff029f0de57b06403128
Infos:

Detection

Score:	3
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Connects to many different domains

IP address seen in connection with other malware

Installs a Chrome extension

JA3 SSL client fingerprint seen in connection with other malware

Sample execution stops while process was sleeping (likely an evasion)

Sigma detected: Chromium Browser Instance Executed With Custom Extension

Classification

Signatures

Source: C:\Windows\System32\7za.exe	File created: C:\chrome\background\background.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\content\content.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\options\options.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\popup\popup.js.LICENSE.txt	Jump to behavior

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49896 version: TLS 1.2

Connects to many different domains

Source: unknown

Network traffic detected: DNS query count 42

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 192.28.144.124 192.28.144.124
Source: Joe Sandbox View	IP Address: 13.107.246.45 13.107.246.45
Source: Joe Sandbox View	IP Address: 146.75.118.109 146.75.118.109

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.135
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.135
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86

Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide HTTP/1.1Host: www.regie.aiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_data/ad7f10b5f55ce13492462bf7/script.js HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/typed.js/2.0.10/typed.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/css/regie-ai-staging.97281fbbf.min.css HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/js/regie-ai-staging.61876242e.js HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6595d530bcf001adceb21212 HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_data/ad7f10b5f55ce13492462bf7/banner.js HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/6595d6259134d099ec8cd241_PPMori-SemiBold.woff2 HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets-global.website-files.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/6595d625e062c2b10c695588_PPMori-Regular.woff2 HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets-global.website-files.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/6595d6275aa95166710ff207_PPMori-RegularItalic.woff2 HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets-global.website-files.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /ReferralSdk/referral.js?referrer=https%3A%2F%2Fwww.regie.ai%2Fguide HTTP/1.1Host: regie.referralrock.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/659c2166d7eced57f26d6cef_cta%20bg.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets-global.website-files.com/6595d530bcf001adceb21212/css/regie-ai-staging.97281fbbf.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b806a5c866126f8d2b97_6sense.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b8244621b6acf897770e_Bombora.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/8l7e5v9c7i HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b87e05690f47e1871903_Cognism.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b8a1cf52ccbdc4e72313_Demandbase.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /externaltrack/?pageTitle=Extension%20Guide&transactionKey=56a85185-3d2d-4afa-977b-7201063b39c3&scriptv=https%3A%2F%2Fregie.referralrock.com%2FReferralSdk%2Freferral.js%3Freferrer%3Dhttps%253A%252F%252Fwww.regie.ai%252Fguide&sourceURL=https%3A%2F%2Fwww.regie.ai%2Fguide HTTP/1.1Host: regie.referralrock.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b839d1e58aba55b31ca4_ZoomInfo.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/0.7.32/clarity.js HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=e9ab7af2a71c49e68fc436887510f1eb.20240527.20250527
Source: global traffic	HTTP traffic detected: GET /video/1610534409-9fe328546a507cc31d2ae788b030cb1e446a62b26b144c89985f09538f7da33b-d?mw=80&q=85 HTTP/1.1Host: i.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://player.vimeo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /p/4.33.8/js/player.module.js HTTP/1.1Host: f.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.vimeo.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /p/4.33.8/css/player.css HTTP/1.1Host: f.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://player.vimeo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /p/4.33.8/js/vendor.module.js HTTP/1.1Host: f.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.vimeo.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b77842216d4d52c1082c_amplemarket.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b71ad1e58aba55b278ff_Apollo.io.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b74c7eb6560d92afdd38_frontspin.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b69df23e0308ab135b5b_Outreach.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b6f4604428bacd4be796_Salesloft.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_data/ad7f10b5f55ce13492462bf7/1gpZw5Pt.json HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js_opt/modules/utils/vuid.min.js HTTP/1.1Host: f.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://player.vimeo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /video/1610534409-9fe328546a507cc31d2ae788b030cb1e446a62b26b144c89985f09538f7da33b-d?mw=800&mh=450 HTTP/1.1Host: i.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://player.vimeo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/6595d5a2cf94e0382796503a_favicon.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b7ded78a496b27cd8436_HubSpot.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b7bdfc7fdb5d37ff71f3_Salesforce.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1/ip HTTP/1.1Host: directory.cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b668a5c866126f8c6e50_outlook.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b63cf0120c2cb4c44597_gmail.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b861c5f42eb0506dacef_LinkedIn.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_data/ad7f10b5f55ce13492462bf7/audit-table/g-zYDNcw.json HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/659eb5e5bd8157098fb7f412_soc2.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=FwpMAoFPGlE1SmU&MD=MH8novzg HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /6467a768ad80445890edf29e/1h96864fg HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/659eb5e5bd8157098fb7f414_gdpr.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/660705a00232456f70c9310b_AISalesAssistant_BestResults_Mid-Market_Total.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/660705a030fadcc8f8950075_AISalesAssistant_HighPerformer_Americas_HighPerformer.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/65cce0b13936557bb5f48dbd_g2%20review.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/660705a055907c31e5e35e92_AISalesAssistant_MostImplementable_Mid-Market_Total.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-main.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-vendor.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-vendors.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-common.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/660705a0954ad7922c498aaf_AISalesAssistant_MomentumLeader_Leader.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-runtime.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-app.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/widget-settings?propertyId=6467a768ad80445890edf29e&widgetId=1h96864fg&sv=null HTTP/1.1Host: va.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/ga/rul?tid=G-VMFY9K9RPE&gacid=1151382789.1716771394&gtm=45je45m0v875973908z8847818946za200zb847818946&dma=0&gcs=G111&gcd=13n3n3n3n5&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=2065376473 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/languages/en.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /healthcheck HTTP/1.1Host: assets-tracking.crazyegg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /healthcheck HTTP/1.1Host: pagestates-tracking.crazyegg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZ9l1 HTTP/1.1Host: vsa26.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: sG7UygJInlnEm8z5CEPJDA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /clock?t=1716771396902&tk=9a0026c5e1bbfc5dd98a1e8834d029ad&s=439622&p=%2Fguide&u=1225022&v=4ec8479886ddfb1ebcf52ccefa93bb8c0291e519&f=regie.ai%2Fguide&ul=https%3A%2F%2Fwww.regie.ai%2Fguide HTTP/1.1Host: tracking.crazyegg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/css/min-widget.css HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/css/message-preview.css HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZA7v HTTP/1.1Host: vsa35.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: T2f7E6BHN+vYTyRtx6dAZA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/css/max-widget.css HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZAXt HTTP/1.1Host: vsa62.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: +2RaDP2lMo3c4t4K+4cCvw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZAzV HTTP/1.1Host: vsa108.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 8rgobneYncT9VhFSk4SIFA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZBar HTTP/1.1Host: vsa3.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 2hHcjQMDG5XRsHm+jI1wtQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=FwpMAoFPGlE1SmU&MD=MH8novzg HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com

Source: chromecache_236.4.dr	String found in binary or memory: Regie.ai. All rights reserved.</div><a href="/privacy-policy" class="footer_legal-link">Privacy Policy</a><a href="/terms-and-conditions" class="footer_legal-link">Terms and Conditions</a></div><div class="w-layout-grid footer_social-icons"><a href="https://www.facebook.com/regieai" target="_blank" class="footer_social-link w-inline-block"><div class="icon-embed-xsmall w-embed"><svg width="100%" height="100%" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.facebook.com (Facebook)
Source: chromecache_236.4.dr	String found in binary or memory: </svg></div></a><a href="https://twitter.com/regieai" target="_blank" class="footer_social-link w-inline-block"><div class="icon-embed-xsmall w-embed"><svg width="100%" height="100%" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.twitter.com (Twitter)
Source: chromecache_236.4.dr	String found in binary or memory: </svg></div></a><a href="https://www.linkedin.com/company/regie-ai" target="_blank" class="footer_social-link w-inline-block"><div class="icon-embed-xsmall w-embed"><svg width="100%" height="100%" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
Source: chromecache_235.4.dr	String found in binary or memory: Math.round(p);u["gtm.videoCurrentTime"]=Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},bk:function(){e=Db()},pd:function(){d()}}};var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
Source: chromecache_235.4.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Wg:d,Ug:e,Vg:f,Lh:g,Mh:h,xe:m,Ab:b},p=G.YT,q=function(){OC(n)};if(p)return p.ready&&p.ready(q),b;var r=G.onYouTubeIframeAPIReady;G.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),v=t.length,u=0;u<v;u++){var w=t[u].getAttribute("src");if(RC(w,"iframe_api")\|\|RC(w,"player_api"))return b}for(var y=H.getElementsByTagName("iframe"),x=y.length,B=0;B<x;B++)if(!IC&&PC(y[B],n.xe))return yc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_247.4.dr	String found in binary or memory: return b}EC.K="internal.enableAutoEventOnTimer";var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.regie.ai
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: assets-global.website-files.com
Source: global traffic	DNS traffic detected: DNS query: cdn-cookieyes.com
Source: global traffic	DNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: script.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: log.cookieyes.com
Source: global traffic	DNS traffic detected: DNS query: cdn.embedly.com
Source: global traffic	DNS traffic detected: DNS query: uploads-ssl.webflow.com
Source: global traffic	DNS traffic detected: DNS query: munchkin.marketo.net
Source: global traffic	DNS traffic detected: DNS query: www.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: regie.referralrock.com
Source: global traffic	DNS traffic detected: DNS query: player.vimeo.com
Source: global traffic	DNS traffic detected: DNS query: fresnel.vimeocdn.com
Source: global traffic	DNS traffic detected: DNS query: i.vimeocdn.com
Source: global traffic	DNS traffic detected: DNS query: f.vimeocdn.com
Source: global traffic	DNS traffic detected: DNS query: 445-tii-243.mktoresp.com
Source: global traffic	DNS traffic detected: DNS query: s.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: directory.cookieyes.com
Source: global traffic	DNS traffic detected: DNS query: vimeo.com
Source: global traffic	DNS traffic detected: DNS query: c.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: embed.tawk.to
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: va.tawk.to
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: pagestates-tracking.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: assets-tracking.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: vsa26.tawk.to
Source: global traffic	DNS traffic detected: DNS query: tracking.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: vsa35.tawk.to
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: vsa62.tawk.to
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: vsa108.tawk.to
Source: global traffic	DNS traffic detected: DNS query: vsa3.tawk.to

Source: unknown

HTTP traffic detected: POST /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveContent-Length: 910sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8Accept: */*Origin: chrome-untrusted://new-tab-pageX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_215.4.dr	String found in binary or memory: http://chat.regie.ai
Source: content.js.LICENSE.txt	String found in binary or memory: http://jedwatson.github.io/classnames
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_170.4.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_238.4.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_238.4.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_170.4.dr, chromecache_238.4.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_236.4.dr	String found in binary or memory: https://app.regie.ai/signin
Source: chromecache_236.4.dr	String found in binary or memory: https://app.regie.ai/signup
Source: manifest.json	String found in binary or memory: https://app.salesloft.com/
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/6595d5a2cf94e0382796503a_favicon.sv
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/6595d5a6b0458ca6fede8d34_webclip.sv
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/659eb5e5bd8157098fb7f412_soc2.png
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/659eb5e5bd8157098fb7f414_gdpr.png
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/65ac11d7e7f9caa582bcc887_og%20img.j
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/65cce0b13936557bb5f48dbd_g2%20revie
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a00232456f70c9310b_AISalesAss
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a030fadcc8f8950075_AISalesAss
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a055907c31e5e35e92_AISalesAss
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a0954ad7922c498aaf_AISalesAss
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/css/regie-ai-staging.97281fbbf.min.
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/js/regie-ai-staging.61876242e.js
Source: content.js, options.js, popup.js	String found in binary or memory: https://bit.ly
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_236.4.dr	String found in binary or memory: https://cdn-cookieyes.com/client_data/ad7f10b5f55ce13492462bf7/script.js
Source: chromecache_236.4.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.10/typed.min.js
Source: manifest.json	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: chromecache_238.4.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_249.4.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_249.4.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_238.4.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_238.4.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_236.4.dr	String found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6595d530bcf001adceb2121
Source: chromecache_249.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_249.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_249.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_173.4.dr, chromecache_168.4.dr	String found in binary or memory: https://developers.marketo.com/MunchkinLicense.pdf
Source: chromecache_238.4.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_236.4.dr	String found in binary or memory: https://embed.tawk.to/6467a768ad80445890edf29e/1h96864fg
Source: chromecache_165.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-arr-find-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-entries-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-event-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-iterator-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-object-values-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-promise-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://feross.org
Source: popup.js.LICENSE.txt	String found in binary or memory: https://feross.org/opensource
Source: index.html	String found in binary or memory: https://fonts.googleapis.com/css2?family=Inter:wght
Source: chromecache_170.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_170.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_170.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_170.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: content.js.LICENSE.txt	String found in binary or memory: https://github.com/MikeMcl/decimal.js-light/LICENCE
Source: content.js.LICENSE.txt	String found in binary or memory: https://github.com/cssinjs/jss
Source: content.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://github.com/jonschlinkert/repeat-string
Source: chromecache_200.4.dr	String found in binary or memory: https://github.com/mattboldt/typed.js
Source: chromecache_172.4.dr	String found in binary or memory: https://github.com/microsoft/clarity
Source: popup.js	String found in binary or memory: https://github.com/zloirock/core-js
Source: popup.js	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.36.1/LICENSE
Source: chromecache_247.4.dr	String found in binary or memory: https://google.com
Source: chromecache_247.4.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_236.4.dr	String found in binary or memory: https://help.regie.ai/
Source: chromecache_248.4.dr	String found in binary or memory: https://help.vimeo.com/hc/en-us/articles/115015677227-Troubleshoot-player-error-messages
Source: manifest.json	String found in binary or memory: https://linkedin.com/
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://lodash.com/
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://lodash.com/license
Source: manifest.json	String found in binary or memory: https://mail.google.com/
Source: chromecache_236.4.dr	String found in binary or memory: https://mail.google.com/mail/u/0/#inbox
Source: chromecache_236.4.dr	String found in binary or memory: https://my.regie.ai/demo.html
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://openjsf.org/
Source: manifest.json	String found in binary or memory: https://outlook.live.com/
Source: manifest.json	String found in binary or memory: https://outlook.live.com/mail/
Source: manifest.json	String found in binary or memory: https://outlook.office.com/
Source: manifest.json	String found in binary or memory: https://outlook.office.com/mail/
Source: manifest.json	String found in binary or memory: https://outlook.office365.com/
Source: manifest.json	String found in binary or memory: https://outlook.office365.com/mail/
Source: chromecache_247.4.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_170.4.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_248.4.dr, chromecache_239.4.dr	String found in binary or memory: https://player.vimeo.com/NOTICE.txt
Source: chromecache_238.4.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_238.4.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_249.4.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_247.4.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_235.4.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_249.4.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_249.4.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_249.4.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_249.4.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_236.4.dr	String found in binary or memory: https://twitter.com/regieai
Source: chromecache_198.4.dr	String found in binary or memory: https://vimeo.com/ablincoln/vuid
Source: chromecache_238.4.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_249.4.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_236.4.dr	String found in binary or memory: https://www.clarity.ms/tag/
Source: chromecache_247.4.dr	String found in binary or memory: https://www.google.com
Source: chromecache_236.4.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_249.4.dr, chromecache_211.4.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_247.4.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_238.4.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_238.4.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_247.4.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_236.4.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_236.4.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-K6BS4LM
Source: chromecache_249.4.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__.
Source: chromecache_170.4.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_170.4.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_170.4.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_211.4.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__en.js
Source: chromecache_236.4.dr	String found in binary or memory: https://www.linkedin.com/company/regie-ai
Source: chromecache_235.4.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_164.4.dr	String found in binary or memory: https://www.npmjs.com/package/uglify-js
Source: chromecache_236.4.dr	String found in binary or memory: https://www.regie.ai/guide
Source: chromecache_215.4.dr	String found in binary or memory: https://www.regie.ai/privacy-policy
Source: chromecache_236.4.dr	String found in binary or memory: https://www.regie.ai/teams
Source: content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://www.xarg.org/2014/03/rational-numbers-in-javascript/
Source: chromecache_235.4.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49896 version: TLS 1.2

Source: classification engine

Classification label: clean3.winCRX@36/217@92/30

Source: C:\Windows\System32\conhost.exe

Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7512:120:WilError_03

Source: C:\Windows\System32\7za.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Windows\System32\7za.exe 7za.exe x -oC:\chrome "C:\Users\user\Desktop\EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx"
Source: C:\Windows\System32\7za.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension=C:\chrome
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=2020,i,15598263287833827349,18053311792611108520,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=2020,i,15598263287833827349,18053311792611108520,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Windows\System32\7za.exe

Section loaded: 7z.dll

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx

Static file information: File size 5797900 > 1048576

Installs a Chrome extension

Source: unknown

Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension=C:\chrome

Source: C:\Windows\System32\7za.exe	File created: C:\chrome\background\background.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\content\content.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\options\options.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\popup\popup.js.LICENSE.txt	Jump to behavior

Sample execution stops while process was sleeping (likely an evasion)

Source: C:\Windows\System32\conhost.exe

Last function: Thread delayed

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
192.28.144.124	445-tii-243.mktoresp.com	United States	15224	OMNITUREUS	false
13.107.246.45	s-part-0017.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
18.239.69.90	d3vmvmej3wjbxn.cloudfront.net	United States	16509	AMAZON-02US	false
146.75.118.109	vimeo-video.map.fastly.net	Sweden	30051	SCCGOVUS	false
54.171.224.241	tracking.crazyegg.com	United States	16509	AMAZON-02US	false
142.250.186.110	play.google.com	United States	15169	GOOGLEUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
18.66.122.57	assets-tracking.crazyegg.com	United States	3	MIT-GATEWAYSUS	false
216.239.32.181	analytics-alv.google.com	United States	15169	GOOGLEUS	false
18.202.136.23	event-log-producer-alb-1487800978.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
63.35.51.142	proxy-ssl-geo.webflow.com	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.23.100	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.142	plus.l.google.com	United States	15169	GOOGLEUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.22.59.91	cdn-cookieyes.com	United States	13335	CLOUDFLARENETUS	false
64.233.167.157	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
104.22.25.131	embed.tawk.to	United States	13335	CLOUDFLARENETUS	false
151.101.128.217	vimeo.map.fastly.net	United States	54113	FASTLYUS	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
13.35.58.40	pagestates-tracking.crazyegg.com	United States	16509	AMAZON-02US	false
104.22.24.131	vsa26.tawk.to	United States	13335	CLOUDFLARENETUS	false
54.72.199.181	log.cookieyes.com	United States	16509	AMAZON-02US	false
52.222.232.39	d3e54v103j8qbb.cloudfront.net	United States	16509	AMAZON-02US	false
18.66.112.105	uploads-ssl.webflow.com	United States	3	MIT-GATEWAYSUS	false
34.120.202.204	fresnel.vimeocdn.com	United States	15169	GOOGLEUS	false
20.75.106.146	regie.referralrock.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.130	td.doubleclick.net	United States	15169	GOOGLEUS	false
172.67.38.66	va.tawk.to	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
event-log-producer-alb-1487800978.eu-west-1.elb.amazonaws.com	18.202.136.23	true
cdn-cookieyes.com	104.22.59.91	true
vsa26.tawk.to	104.22.24.131	true
stats.g.doubleclick.net	64.233.167.157	true
proxy-ssl-geo.webflow.com	63.35.51.142	true
embed.tawk.to	104.22.25.131	true
va.tawk.to	172.67.38.66	true
pagestates-tracking.crazyegg.com	13.35.58.40	true
fresnel.vimeocdn.com	34.120.202.204	true
cdnjs.cloudflare.com	104.17.25.14	true
vsa62.tawk.to	172.67.38.66	true
www.google.com	172.217.23.100	true
uploads-ssl.webflow.com	18.66.112.105	true
a.nel.cloudflare.com	35.190.80.1	true
plus.l.google.com	142.250.186.142	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
vsa3.tawk.to	104.22.24.131	true
regie.referralrock.com	20.75.106.146	true
vimeo.com	162.159.138.60	true
d3e54v103j8qbb.cloudfront.net	52.222.232.39	true
vimeo.map.fastly.net	151.101.128.217	true
analytics-alv.google.com	216.239.32.181	true
vsa35.tawk.to	172.67.38.66	true
play.google.com	142.250.186.110	true
d3vmvmej3wjbxn.cloudfront.net	18.239.69.90	true
assets-tracking.crazyegg.com	18.66.122.57	true
vsa108.tawk.to	104.22.24.131	true
td.doubleclick.net	142.250.185.130	true
445-tii-243.mktoresp.com	192.28.144.124	true
log.cookieyes.com	54.72.199.181	true
tracking.crazyegg.com	54.171.224.241	true
vimeo-video.map.fastly.net	146.75.118.109	true
cdn.embedly.com	unknown	unknown
cdn.jsdelivr.net	unknown	unknown
i.vimeocdn.com	unknown	unknown
script.crazyegg.com	unknown	unknown
s.clarity.ms	unknown	unknown
assets-global.website-files.com	unknown	unknown
f.vimeocdn.com	unknown	unknown
c.clarity.ms	unknown	unknown
www.clarity.ms	unknown	unknown
www.linkedin.com	unknown	unknown
px.ads.linkedin.com	unknown	unknown
munchkin.marketo.net	unknown	unknown
directory.cookieyes.com	unknown	unknown
snap.licdn.com	unknown	unknown
player.vimeo.com	unknown	unknown
analytics.google.com	unknown	unknown
www.regie.ai	unknown	unknown
apis.google.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn-cookieyes.com/client_data/ad7f10b5f55ce13492462bf7/banner.js	false	Avira URL Cloud: safe	unknown
https://tracking.crazyegg.com/clock?t=1716771396902&tk=9a0026c5e1bbfc5dd98a1e8834d029ad&s=439622&p=%2Fguide&u=1225022&v=4ec8479886ddfb1ebcf52ccefa93bb8c0291e519&f=regie.ai%2Fguide&ul=https%3A%2F%2Fwww.regie.ai%2Fguide	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.10/typed.min.js	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/659c1e1d52015e0951d980e6/65a2b8a1cf52ccbdc4e72313_Demandbase.svg	false	Avira URL Cloud: safe	unknown
https://analytics.google.com/g/collect?v=2&tid=G-VMFY9K9RPE&gtm=45je45m0v875973908z8847818946za200zb847818946&_p=1716771380484&_gaz=1&gcs=G111&gcd=13n3n3n3n5&npa=0&dma=0&cid=1151382789.1716771394&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1716771394&sct=1&seg=0&dl=https%3A%2F%2Fwww.regie.ai%2Fguide&dt=Extension%20Guide&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=18595	false	Avira URL Cloud: safe	unknown
https://www.clarity.ms/tag/8l7e5v9c7i	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js	false	Avira URL Cloud: safe	unknown
https://pagestates-tracking.crazyegg.com/healthcheck	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VMFY9K9RPE&cid=1151382789.1716771394&gtm=45je45m0v875973908z8847818946za200zb847818946&aip=1&dma=0&gcs=G111&gcd=13n3n3n3n5&npa=0&frm=0	false	Avira URL Cloud: safe	unknown
https://vsa35.tawk.to/s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZA7v	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/659c1e1d52015e0951d980e6/65a2b8244621b6acf897770e_Bombora.svg	false	Avira URL Cloud: safe	unknown
https://f.vimeocdn.com/p/4.33.8/js/player.module.js	false	Avira URL Cloud: safe	unknown
https://i.vimeocdn.com/video/1610534409-9fe328546a507cc31d2ae788b030cb1e446a62b26b144c89985f09538f7da33b-d?mw=800&mh=450	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js	false	Avira URL Cloud: safe	unknown
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/659c1e1d52015e0951d980e6/65a2b69df23e0308ab135b5b_Outreach.svg	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/6595d530bcf001adceb21212/css/regie-ai-staging.97281fbbf.min.css	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/6595d530bcf001adceb21212/659eb5e5bd8157098fb7f414_gdpr.png	false	Avira URL Cloud: safe	unknown
https://vsa26.tawk.to/s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZ9l1	false	Avira URL Cloud: safe	unknown
https://www.regie.ai/guide	false	Avira URL Cloud: safe	unknown
https://vsa108.tawk.to/s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZAzV	false	Avira URL Cloud: safe	unknown
https://cdn-cookieyes.com/client_data/ad7f10b5f55ce13492462bf7/audit-table/g-zYDNcw.json	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/6595d530bcf001adceb21212/js/regie-ai-staging.61876242e.js	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a055907c31e5e35e92_AISalesAssistant_MostImplementable_Mid-Market_Total.svg	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/6595d530bcf001adceb21212/65cce0b13936557bb5f48dbd_g2%20review.svg	false	Avira URL Cloud: safe	unknown
https://analytics.google.com/g/collect?v=2&tid=G-VMFY9K9RPE&gtm=45je45m0v875973908z8847818946za200zb847818946&_p=1716771380484&gcs=G111&gcd=13n3n3n3n5&npa=0&dma=0&cid=1151382789.1716771394&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&sid=1716771394&sct=1&seg=0&dl=https%3A%2F%2Fwww.regie.ai%2Fguide&dt=Extension%20Guide&_s=2&tfd=23629	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a030fadcc8f8950075_AISalesAssistant_HighPerformer_Americas_HighPerformer.svg	false	Avira URL Cloud: safe	unknown
https://vsa62.tawk.to/s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZAXt	false	Avira URL Cloud: safe	unknown
https://play.google.com/log?format=json&hasfast=true	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/659c1e1d52015e0951d980e6/65a2b839d1e58aba55b31ca4_ZoomInfo.svg	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js	false	Avira URL Cloud: safe	unknown
https://regie.referralrock.com/ReferralSdk/referral.js?referrer=https%3A%2F%2Fwww.regie.ai%2Fguide	false	Avira URL Cloud: safe	unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0	false	URL Reputation: safe	unknown
https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a00232456f70c9310b_AISalesAssistant_BestResults_Mid-Market_Total.svg	false	Avira URL Cloud: safe	unknown
https://cdn-cookieyes.com/client_data/ad7f10b5f55ce13492462bf7/script.js	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css	false	Avira URL Cloud: safe	unknown
https://f.vimeocdn.com/p/4.33.8/css/player.css	false	Avira URL Cloud: safe	unknown
https://td.doubleclick.net/td/ga/rul?tid=G-VMFY9K9RPE&gacid=1151382789.1716771394&gtm=45je45m0v875973908z8847818946za200zb847818946&dma=0&gcs=G111&gcd=13n3n3n3n5&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=2065376473	false	Avira URL Cloud: safe	unknown
https://i.vimeocdn.com/video/1610534409-9fe328546a507cc31d2ae788b030cb1e446a62b26b144c89985f09538f7da33b-d?mw=80&q=85	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/659c1e1d52015e0951d980e6/65a2b71ad1e58aba55b278ff_Apollo.io.svg	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/659c1e1d52015e0951d980e6/65a2b87e05690f47e1871903_Cognism.svg	false	Avira URL Cloud: safe	unknown
https://va.tawk.to/v1/widget-settings?propertyId=6467a768ad80445890edf29e&widgetId=1h96864fg&sv=null	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js	false	Avira URL Cloud: safe	unknown
https://uploads-ssl.webflow.com/6595d530bcf001adceb21212/6595d6275aa95166710ff207_PPMori-RegularItalic.woff2	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/659c1e1d52015e0951d980e6/65a2b6f4604428bacd4be796_Salesloft.svg	false	Avira URL Cloud: safe	unknown
https://cdn-cookieyes.com/client_data/ad7f10b5f55ce13492462bf7/1gpZw5Pt.json	false	Avira URL Cloud: safe	unknown
https://embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a0954ad7922c498aaf_AISalesAssistant_MomentumLeader_Leader.svg	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
C:\chrome\154\154.js	ASCII text, with very long lines (4577)	48A9111834B6B73470B18AE6151F2E07	479E90C70DE485CD5847DDDB23174E208CF11E1C	650958ABD771CCCFB1A3C7069D83247A5E822AFC1F0C40E43A68AE4078ED411A
C:\chrome\273\273.js	ASCII text, with very long lines (1987)	ED6CDFA1A048066FD35E9C2EC38452BA	066D6FEAF7841194A6C920BFF1CF788D215695F9	C53698FCD4CBD1CD3592CFC2FC3BD09E715DC85D845A27DA386F1F3C8A40976B
C:\chrome\532\532.js	ASCII text	C7007A11F06CC2C12BF494D2E16A6228	C16085023DD305E14DC4CFAA099142F8241564B2	F7B32F8293FC32C1F4641A1922A7E38E24C78F4E05149033AC3E43E6CB1EFF66
C:\chrome\786\786.js	ASCII text, with very long lines (311)	56D751F6B7C36D198233B25CC0B352D9	4AE296902D217B9F31A63570FC32A0D4FC927EBA	EC5E32A179C0F87DC1D1B7A14B3E872D7F5D89D0D84876575EDC5DDB42D9546F
C:\chrome\986\986.js	HTML document, ASCII text, with very long lines (10802)	8A8538DB140952A0D02B8028D6530A98	248AEEFAEAD9098D7CDFA8E44D53A52FCF5885C8	7DFE1188B2AEE17A31A693A5FC80E740F56B72AFC5BB3A0415C2013DAF142CFF
C:\chrome\_locales\en\messages.json	JSON data	EA7CEB5B2A191526A1D2E2D863706606	3FCEC293FB2C87A171031535B4B6059789260DA2	0AD0196DE9FB7967070B4E2E61F821DAA84DD5CE97F7AC38704796B6E2C97603
C:\chrome\_metadata\verified_contents.json	JSON data	01C42D7A83EADFF4D2ECA3202AA0AD98	FF8E3A0BFDF2C252B3D461C2C0767D93F61A67FB	E50B66AB14B4A4B965C7F18812C726E0FCC30ABB89F57137CE425ACC73952AB8
C:\chrome\assets\css\style.css	ASCII text, with no line terminators	66448B759BE873AC94DDDD5F9D668DEA	2130F8BF02392D273B13AD57A3AD5BB79ACEE7CE	FCCFAF669F9DC8F1D25627A5283DA305D7B4B75B3768CA8093FE3AAE5BCFCF0B
C:\chrome\assets\icons\icon128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	ACFAC4E15292355C5DA682ADD006D0A3	48BD62C3EFE634298F9B374E3719D5CCEBA77CEA	A0E1E2E54925393734529D28381BF669180AB7CCBA648E86386E3A1D50E0B617
C:\chrome\assets\icons\icon16.png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	4B7F472A1383BAA93285B7B2A7B511AD	97E13F43EA8F76F30D82BD5CE6EE31994E2CFA41	AA71753FBA59E29A28BA33A8E35EB73B6EB06E1095001946C16661EB5645AFC5
C:\chrome\assets\icons\icon32.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	D83524C9EEEA671FFF3FFCC9BAF0AF93	F1C58333D619EF2B1DFED4DAA9A342E4269CB0DF	BCF53A94DC38CB60C936002C4337BB730DB440FA230ACDD6D74898E99D773714
C:\chrome\assets\icons\icon48.png	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	45C02CDDADDB4640619500B9659CCCC3	D7315356E212D2D82C3401455D8DF3A0EEE79AD0	54C1EF89A5674D4F8D2662A86CBAB473BCA40E21D7F758A766A7487379B686A0
C:\chrome\assets\img\close.svg	SVG Scalable Vector Graphics image	9BFF8D4D72C66C304C14FE7167D82B92	7C8F2741045225B1D5C6FD373943467D097C9480	B037F892BD697075BE38195D8DFBBBFF360B080C70CA682E38FE8BEE2EFDACB7
C:\chrome\assets\img\graph.svg	SVG Scalable Vector Graphics image	6547C0DDCEBA709C50E48B7BA9D793E3	DCBF17CDF81D7B5D3F5D4288F7794CA55A97ABEA	25A852D7A2758F32CD9CA16488A01767C40748C6272E52543334226412784329
C:\chrome\assets\img\help.svg	SVG Scalable Vector Graphics image	CE2250DC87541CD85450D1139D66DAB9	5E6EA6F11CC61E87817EDAA1867DD815B49C8E5A	90E8A5E0F1EBC2F4F9737F4FBD11DC653FE296E798DCE9DD847B2546EA084F6C
C:\chrome\assets\img\home.svg	SVG Scalable Vector Graphics image	7209CB49AF4BCE4C545E16A38C34C44E	A24D6987E1E8CB7A8C968772557F8AA71FB1BDCF	56CC456D258C3318CEC4F1E42A881CFDC20C4249FA86B1A739BC3575CA04E799
C:\chrome\assets\img\logo.svg	SVG Scalable Vector Graphics image	EE71E34A6FB6E6DB0E9154539AE8C44C	9CBA091FFC02358E7C066EC9373CB0FFC10E6FA7	03E9D2EE7128E8CB34556FBCB9065EDA0063BDDF69D23F95DF4B35C5A221D481
C:\chrome\assets\img\regie_loader.gif	GIF image data, version 89a, 250 x 250	3BC0732390C0116A96433EF73D12C286	9C17B6CAD260011408A543CEED05726980349A0C	34662F6AC2314DE27B51FF5B05156938C4DFD5706C710DD8277AE578224BC2E7
C:\chrome\assets\img\settings.svg	SVG Scalable Vector Graphics image	97AFF27D4D2A7BCEAEE8222D8C8A5D97	1660E5C9F7A6FC828374C8FADDE0289DAE576BED	2C3629D78EDEA932D8C3BC408D815ED542F7FFEF377FA6538EB707D9DA9A35E7
C:\chrome\background\background.js	ASCII text, with very long lines (65468)	289F6E0DF98414828630D057D93D792E	09D97A6767B2A8BD0533C2F23A59F53F909A3013	440A3FB955DEC9C18093957A5538B175DF7ACC3C2652B07D74C95416DFB49121
C:\chrome\background\background.js.LICENSE.txt	ASCII text	C8649120DFC81B850838B858370C89CE	9F84A83AD9CE06C230CCAC13A259DAAD1F713B37	E01D0C7C58C87C63BB956F25C8BA631A4826188B2C71481C9B14647C567CF924
C:\chrome\background\background_wrapper.js	ASCII text, with no line terminators	0D510BFD82C0D35137D431A9D3B9C1B1	1813E39CD9689EB72E2464B821429C4B686AFD7A	B32CC19F95C290F7C2F402BC68FBBF2C7CBDB28816E55E09AB56B4F9AEF059B9
C:\chrome\content\content.js	ASCII text, with very long lines (65471)	6EDFFFAEECC0416C1DDD70178DD25BAB	CA9F9E94F6AC7AEEEF96E27DF407FCD59460348D	B746D69311BBCE6434EDF6D34B2A70795018A2A491EF7A743E4F0E69D312D5A7
C:\chrome\content\content.js.LICENSE.txt	ASCII text	70EEA8C686C7D4381AFC5CD12BB259DB	A86EF601432674F7F7DACA8FD49CA21A487B7CF5	18386CF6C6EF0C6A6F0FB9530424D762542D918A41EF0F5F38DDEF821AEB9652
C:\chrome\manifest.json	JSON data	4EDEC48B5AB7C0F94FD1C85E990F2C37	B588E4D413EA85CB8CA4D4FBD62FD394D546B091	5BC81DFC5FDFEDD4E38C6A0BDE6BFBD62FB0DC4C87205C8A51156E99E375293D
C:\chrome\options\index.html	HTML document, ASCII text	8BFA1B87B42957AEF65543C9F1DA0279	B6760C0FF5C12C8BC2A5FB14F86C72460AA3E946	D77C7D3016A85B84805ADC738183D6B52E62361F370F60958EC46E73DA969C0C
C:\chrome\options\options.js	Unicode text, UTF-8 text, with very long lines (65469)	EE7209D9C8931C29BC58D094FF5934B4	06A5811EF4306B89337C5F91F38D7045BB819274	FF7C7A2755865FC4A1F2FFD5157B11A3038D85C6CC53779CE0C79EE22CC30860
C:\chrome\options\options.js.LICENSE.txt	ASCII text	903D4073328F7078D2028C36F5A5E1E5	54FB075757579695D66D4111A35E8F165948169B	61D3C555D67189646DBA58F0BD58D9B257FAFA844E280F930CAD6872236E7C72
C:\chrome\popup\index.html	HTML document, ASCII text	79206C8A8B3B95DCC28F1C12A6F6D92B	958495BE470BE3F42AADAD377947CED855F9A3AE	46918DA5C9A50C80239EE9DC5EBD2DF00CECB45781A795C16549C8FCA31D7F01
C:\chrome\popup\popup.js	ASCII text, with very long lines (65473)	F653B647612C73FC0E18FFFF14F0E97B	1509AE6E98F7B2CA44589862178A68B25B42FB0C	20D23BF2ECBD4BA67340B942CA6FD93381F34E201CDA3E6E79D8D974B45FE673
C:\chrome\popup\popup.js.LICENSE.txt	ASCII text	0C9C1873CEDADC5DDA83B0523B1C9DEA	4B114B16E062A90DBB02241CF74A124D80722AB3	812B09D01E271A3300DF65079689A6A616B989D84659995AE3CD5381131B40A8
Chrome Cache Entry: 157	SVG Scalable Vector Graphics image	C60B6CF3DBEC5FA7D5E32CAA6652CE71	AD7476167977D7E1C38D3698BEBAA6ABE28EBFD2	0DBD930DD040DB35981B4F9FE2E7F36F06E3F34929BF02D72972270CDAF15927
Chrome Cache Entry: 158	ASCII text, with no line terminators	DA5BB1DC647470204DF0E49F5AFAC2DE	F5CBF596CA5E4FE208E4C55AF6E45B71F9FEBBE8	705186BECC9E0A306A6B4867AE2768AA9DD3B8C12393D9F9C52029E9A6FCF31C
Chrome Cache Entry: 159	SVG Scalable Vector Graphics image	6E2A90A156A55320D1611AF59C3D1A65	91B258167398A4DBC48327FEBE1EAD6D0BC4EB12	6984F97F9B9FF8B99AE42567B54015A3573F6C17DF563D2C4994DE85373122F8
Chrome Cache Entry: 160	ASCII text, with CRLF, LF line terminators	7F37A030886EC7FCE1D065EC482789EE	661AD608AC1513E2CCDEC4CD55EB552A8604C8F6	75B20E74E3EFFA00E4B62B9DA6DF7D7542D91CB4B50078B8365112D556A73A7E
Chrome Cache Entry: 161	JSON data	AB084BF5C2363C7E3970607B7FF18EFB	E3F66317E77A34DFD72C06C9DC9EB1D5A52A7C44	45F476C21C1FA334700A80279445D9BE8230F5972C161B365A72D45F0A738045
Chrome Cache Entry: 162	ASCII text	AEB4BA361119CE2F0C72BBD983D4942A	787BCB64D5D6708041F7F1B082F972C423C050E5	CBEB642788437116CA22E3C968CEC125712A6790A602C7791451C9DDE0A11450
Chrome Cache Entry: 163	SVG Scalable Vector Graphics image	B1ABF777CA0BDA5B0EC9AD5D5E683664	8EE305D490E01695F9F3F9299A03A0A3B067D9EA	1500578C7DD30FBF284B8BF24B74FFF472F24F4D0F5144E8EF7011B156A1C9EE
Chrome Cache Entry: 164	ASCII text, with very long lines (354), with CRLF line terminators	0B29144B802C1EB7F71BDA1191F8DB65	89D041279BCF79DFB29050BD68AA30CC21C9447E	6D7F74252D4CDF28FFC66A61AC5143B6900C877522E18B1AFC81E7D72449A8C8
Chrome Cache Entry: 165	ASCII text, with very long lines (2306), with no line terminators	D1DC816C161B3A7313B3D42F478F140A	66E30073FF65F5B96FED00992224F97DD93453BC	CC6265BB78FC4F136D1E4843B385D90A1FABA320821361B71895DCAF2077630F
Chrome Cache Entry: 166	Web Open Font Format (Version 2), TrueType, length 38656, version 1.0	EE0A2BA1D008462339D49F90DFF431A7	292E43A5DC7B89B15B2DD1094FC1A394D1AD9BE3	3513E48FD740CA9930586FC5C4322BB80035C9C2C5DBC0A6670F4D426C7C6493
Chrome Cache Entry: 167	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 168	ASCII text, with very long lines (606)	EA7826F34518D7C2295738F39C7640FA	0095729B4BC2A580E4CE033993DAFE498DB87DF5	68CC280CE370C6F1F51A4FC5950103FC38DF80A429552C549ADD04EBD8BD3A23
Chrome Cache Entry: 169	ASCII text, with very long lines (65536), with no line terminators	AA429D098305EFEB3D236B3872F2DA79	E0D6E416EB7C1C8F10EC76F835EDA23D5C1D0AB0	5285275760CE24F97FC85A2AA7A705E2BFCDEBE875A6028441382D2CA36B3F1C
Chrome Cache Entry: 170	ASCII text, with very long lines (2294)	8BA67F70AD07E61460EFDDB086606371	75FD7C1887A6EF9AD74A2817235FF4FBB9B42AE4	72CBD3D64B2207FCDBB0F71D47B7C1017C1ED50434481ABC71E232284C195976
Chrome Cache Entry: 171	ISO Media, AVIF Image	ECD514324A6BE5622148F8656251D327	EBC36D17B385DC2EE2FC5BD4419C3127ED65AAE4	9D2C50C8B8ED4F06CF564301D916D177A13E284F44DC6D393B63AE1E2C632CC2
Chrome Cache Entry: 172	Unicode text, UTF-8 text, with very long lines (62300), with CRLF line terminators	B31E76D22DA4399DB4B8C8ECCD35DC2B	B36D4554849D3F05DF0363366BE9133D35EACA98	5BA7B351020430E304E1C38988858E13690202831484697551E56FED5826004E
Chrome Cache Entry: 173	ASCII text, with very long lines (521)	CB731CC5C2BD9F31D6BFEB19F3C8B1FF	16ACA1C951A03EDD875B99BB8D04F01FA19104AF	5206536707C84BAA892D3C3231B351985EE828CB8B9C0BD8DB42CD3363995FC4
Chrome Cache Entry: 174	PNG image data, 128 x 132, 8-bit/color RGBA, non-interlaced	93BDECFFB5D66368D06745141D887983	9CEAE20D0B3EFC6A60B958643FEA078EF77DA568	1880C182A5564CC58DFB8A9474BB4DEF84E4366A058AA4921405D87BFF10AD93
Chrome Cache Entry: 175	ASCII text, with very long lines (781)	668F178821006F5E6E4284C87D6FD861	9371B7BF580532553B905DEA0F2097EA1FB4DADD	D1218E91C89BFED457F9E6F8A20EEA49A3561714234408CFF3A233729757BD4C
Chrome Cache Entry: 176	ASCII text, with very long lines (9929), with no line terminators	70AEC2DD89CAC4933594C25B71D61F46	3DFE6F517BD57ABBEA46DD4DA776E80270D9DB5F	CD50385CEF163EB376D93E7B1E07FE467DE23B60C98373F7D69448214D3E9CDD
Chrome Cache Entry: 177	SVG Scalable Vector Graphics image	AE037801AAE50F75420CBA1067729C27	F64C18B16833E17CB7FF984A9DD6F64B974009B1	8854C98DB6763CDA7441720F4F6A54130E0C47059E0B323EEE7053EF877F645F
Chrome Cache Entry: 178	SVG Scalable Vector Graphics image	C4F2A8324E4F956CAB998DDCC5975819	F976CC2FB08B5430CBA2522695CEB9A6F1DDBBE9	C5E659464F255D7C62F7D1B388EA9337B3FC6BC2B1D1B8196F616C7877E2786E
Chrome Cache Entry: 179	SVG Scalable Vector Graphics image	7C8B074B15224CC1B8A3DFD1CB82BE2C	17D21454F6EF47810C9BD5C221EB32F280AA9CB6	EECC3E338819CAD04DCC8C1A321B2A776E38CB6F287DA90F3293CB50EB7EA828
Chrome Cache Entry: 180	SVG Scalable Vector Graphics image	292892819291F98386B7562C878438A8	F3AE07BFF117D5089E703DE8201B8A34C1E05A2B	C84D26548D33EC7C202795F14B595DA06C1AFF66494109DCAD29668442D1BD2D
Chrome Cache Entry: 181	ASCII text, with no line terminators	E736E189EDB5D0D9D5B8E7F23DD9114A	BCABEE193F13756FA9154FC492FE420C47140343	13CF82E6F9D48221CD55F8B3C3D206F7BDB83F291034B478E484CCFEF7D500DD
Chrome Cache Entry: 182	HTML document, ASCII text, with very long lines (311), with CRLF line terminators	2C8641984C2DCDD3671BD7959A406DEA	54BE5872DEC947A63A634B89F74658D6944F1A4C	5F6D6120C2DBC358DD5A3FE0094F3CEBB52CD43D8414A0CBF5986D6D72E23F14
Chrome Cache Entry: 183	ASCII text, with very long lines (65464)	44934D48F839E3143311BC044E6E0D89	A96C3D95BE19A80330977ACEAD67FD9B92AC6E4B	500D20E95A2ED662891673D812FE9A71E2E2C31B170BCD331C33B97114879FA6
Chrome Cache Entry: 184	ASCII text, with very long lines (1143)	B427175FA1078775EB792756E7B6D1E7	4C55C0233D3D9002B3449C025F97821F8BB8900D	EE147E859AD0F09AA50367974E38AB53E7C7054C4A51D400A7F45B0EB251454F
Chrome Cache Entry: 185	ASCII text, with no line terminators	EC331136E75314D2030EE013B6069921	6B7428B8B15616A67F767D42964AF94FCBE2A803	A7358DF6B7B60280F2A0D7CD5B70A9F1DFA4FCE5C31FB1A24FB2F109AF7EE977
Chrome Cache Entry: 186	ASCII text, with very long lines (2717)	05345F56355FA8421E88B29947743EF5	C2652FD719B401718457C94BC3292D3204699D00	A2BDD8CB01353D4ED2A9AB4C7D7C263225F6908AA875614D015A2F39956D9D73
Chrome Cache Entry: 187	SVG Scalable Vector Graphics image	68485C8651B606E8731F1062358E3C69	0B33173AFF634B4D94E93CB3C27C53A588C273BF	30C9633D29D77105BDCAB13F7CDC27C1458CB0D37A57B80C7755840FC8FBFADF
Chrome Cache Entry: 188	ASCII text	6FED308183D5DFC421602548615204AF	0A3F484AAA41A60970BA92A9AC13523A1D79B4D5	4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
Chrome Cache Entry: 189	ASCII text, with very long lines (24751), with no line terminators	D4F9AD34FAE3BA64CBC48057DC47E968	F8D0D55DC6E9B5D53F74B0B8BFC5E2EDBDB0618D	2B5B9F68ACE12B789B1371204754547021DCBF3E9DF630E7E22B49EE56E05B8C
Chrome Cache Entry: 190	Web Open Font Format (Version 2), TrueType, length 39312, version 1.0	BC4AD14935F07732BA2B0306C8487ACF	D4EA2BFA7D3CAC6956AE3159685319741FC2ABE8	E4ABBBC422DF79BBE92BB04242993BEFBEEB20457328BD059773A710EA548E40
Chrome Cache Entry: 191	SVG Scalable Vector Graphics image	71AB242143F25DBC8742544861516AE3	AC6C4D280A8A5457B5204F3C23565107C2659DDF	3C64EE6FB784078E7E66E32109287A2316F972054ABFEA60086B08C6421869A8
Chrome Cache Entry: 192	ASCII text, with very long lines (535), with no line terminators	C506281367048D4A134C9AFFBC68C8C6	FFA331EB81694501D6FF64AE2D1F7E667529C3BA	7E0A886153A50F34ADEB6D141B542D08A6338C5E3BADA9FC3CCF88D0580356DF
Chrome Cache Entry: 193	SVG Scalable Vector Graphics image	5DB142093EB76DB75C3AC4FA36A6F63F	EFDBF880634AB4D955EB805A134E8CE5424500AD	FE6BBB898EED4EE850CA1C765DEE1EBED3C381C64C6FFEB46143D617730FFE12
Chrome Cache Entry: 194	JSON data	399F0246A8CC5A22462FA87B111268B0	9C15A9DEB4F4A8CEF18DA82EE0B53F804986B239	359015CE9288A7F9CD95AE985AE7FDD15A68D9E62CD03DA96DC47D8C069C0DBC
Chrome Cache Entry: 195	ASCII text, with very long lines (65495)	7D7154EF6170BA270496D4138BF3FF00	0697346A7FF46FE06D9530C7815E6A4B4A70D5E5	BD41C6EC39EFA835F2D55F7ABB63A4E136DEB0E45D683EDF1CE74B5DAB6C6794
Chrome Cache Entry: 196	ASCII text, with very long lines (699), with no line terminators	838903127A65EC440893B4945C40CA4A	827F3E5341F56FA4473D53B788AF41EC6BF21B8B	89F08C4A66C9A737C6155B8313E87B36687FE65BFC9A1BA1783AEACE487BCDE3
Chrome Cache Entry: 197	Unicode text, UTF-8 text, with very long lines (47653)	48ED7AE7E685F5469D86B54CC802F8EB	E88318F6E8B0D255D2D5CB684A4DF120437AE610	899D1EC3C095342571D3BE2091EC6F984D4CC82390D1F61945C391FA035B00D9
Chrome Cache Entry: 198	ASCII text, with very long lines (1839)	83583A4061DDC27E8B6EE0DC269519CD	8B1C0ACC28729208F640473EB5D8FB82C4BA3E15	C051B8B5EB2A0AEF699780F15A449491868FAA6F8B39B684B5AE8F64F345B94A
Chrome Cache Entry: 199	Unicode text, UTF-8 text, with very long lines (49982), with NEL line terminators	3A90D00A2030D8CA85824FEBB6BED3E0	2234950675A451AE8C77FCF743AB55ACE3C25B73	85FFD28549DF9CC04506A268005D3E8B8CAAB86BC1A2A97FAB3CEB0D943D5EA8
Chrome Cache Entry: 200	ASCII text, with very long lines (11457)	BBB9236181CF414450FA1040C4B2958C	EAF09D79CA7CF3D970F53454B54BAEC37CAC5E9B	17A55133DE02204DCABF6CE402D6F39558837D9DC731A220BAC21C1413C88E25
Chrome Cache Entry: 201	ASCII text, with very long lines (65531)	0998D8070C648EBDC22DC8C820CA402A	D57A4C8E81CD1A5CF2EB5BBBBDF33B14CF5027CF	EA43C94F942E39C8D81945FCC4829080FF03D08278F60CF90A0CC78B0F549550
Chrome Cache Entry: 202	JSON data	DB0016F1F1105951846B4235FF4477FD	2055403BFCC243E44147240C4FB75E347CA5EDF5	F16B112AA874841F356451E2D8C90EE5E0728614631334ADFBED5C8E8AB4ABAD
Chrome Cache Entry: 203	JSON data	D06F04FCCF68D0B228A5923187CE1AFD	5DE9DF9FDD66A91EED06E31981553D4AB9CCF490	830E67BDA2532CD5880EE86E3B33E69721082F8458BB0DF0CD4EDBB1577FD375
Chrome Cache Entry: 204	ASCII text, with very long lines (3572), with no line terminators	122C0858F7D38991F14E5ADC6BDB3C3B	FFC64755EB42990A73C4878426A641CFB94B57EE	06D1296A6F6611AC795B27882FE88823EE857D0F49F7018CF00C6A199976DC0D
Chrome Cache Entry: 205	SVG Scalable Vector Graphics image	1F063486B75B7007AADAB96752A40034	8F51830D1FC04353A9C09E8A7F8A728A4304E2CA	5BB4A9FF7644678957BE48D39D440E6981D9FBC08AC212B6F4D4F1D34F776069
Chrome Cache Entry: 206	SVG Scalable Vector Graphics image	5623C11FFEA4C03109A0C1A9F4706DC8	A0E42E5AEEBB151EF0DB0C4D82CECC33AAD90266	6FC87E860BEA5658FEE449F3164B7D316843DCBFDED729D0BC3AA5838C7ACA45
Chrome Cache Entry: 207	ASCII text, with very long lines (65472)	3B341E35B39F6195793ECAF5DB7C1D63	3EF56ED9AC8BFBF5347DC4592653703F59763083	548669D6434F5204DCA25B9A6F8A02F63301B8C1B58A717B91FEC8B6C2918305
Chrome Cache Entry: 208	ASCII text, with very long lines (65536), with no line terminators	B3E2638A6983EAC8836694F7D58E50D1	C2047C0ADD38252A4A37D5588249C1224B263B5D	FCE3DD79F6439614BD0067FDB4747883BB1A414133F1D33CC75C3F43AFDEB4F9
Chrome Cache Entry: 209	ISO Media, AVIF Image	EEF80FFF3409D909B3B5C438EC414440	DBD0DF812456CCB7E9A223AEECD319C0B72EAF93	69415D97E563724421308ACC5FC899FC69282F75429ECB813A8DECC008234ECA
Chrome Cache Entry: 210	ASCII text, with very long lines (6228), with no line terminators	0B37F91738FC549283408A7445FF662B	D97B4F77B4BF75297C21B2BF0BAA4E3DD01373C1	F8E19D5DA22437AA40413E5096A26599A0C9E3F861C53896E40E5554DAFE7EE2
Chrome Cache Entry: 211	ASCII text, with very long lines (1414), with no line terminators	40CFAE3B5462CABE5C2CFAFA279227CB	56CD07648D373760809DBF9515F6E5376DFF04A4	CD22C5327CD617FB47A47DF6E46DD055B0B5A4775D22B394B5968284D2CFFE91
Chrome Cache Entry: 212	JSON data	929201647C99FC16BA55DE60C08D46F1	871D467A82549DB95D4A22ACD170516F8DCB41EB	807292C293EDE7EF1DB1FA007104AC1F0529D68A9C3F538346D29A6FF42FE2DE
Chrome Cache Entry: 213	ASCII text, with very long lines (3537)	F0A9F2F65F95B61810777606051EE17D	872BF131CB4BEFD0242339F072F2F9B9FBF8019F	9CDF2602AC04F7E2BED582D4299C73D464FC4AB069E3AD5A20EE2B6635A015B8
Chrome Cache Entry: 214	ASCII text, with very long lines (18229), with no line terminators	6BF62C737DEC7D16542425992BE5986C	7F5EC461A46E4526FCF8ED0A24F758BD0168E5B0	2DEAAE9C5E06DF6C98B9775E2A5FBB66EAB1A591458F9D1982E8F0E350FDB59E
Chrome Cache Entry: 215	JSON data	C1A5371EABDB29B9A3B3EA6B7429217B	0919D2B6D8C7908028A48295FA6DA931D2315395	68C80A6B2533F2FA66BB275DBF60A57C86C058B934D2C7418D60B16093549FCD
Chrome Cache Entry: 216	gzip compressed data, from Unix, original size modulo 2^32 164815	407AF6BED6B1B6BB729F5B54DA244AFA	0E7871913E6696D922751E0E0733EA96B8041E29	C2B8C95D08C94DF5D457FF9BFC63B7557835D1C77BB85CE1D03E282F490B0085
Chrome Cache Entry: 217	SVG Scalable Vector Graphics image	ADBA6690B203114311024AA2E272EA67	5909104E467786897FD9404CA07AF4E76E669095	C5DDAA704FC5872990964FD298F7B5E2E7D94F9EF24CFC22E5BCBB0B9414086F
Chrome Cache Entry: 218	SVG Scalable Vector Graphics image	08B6B72556010DC2CCDFBFF440120E3E	F4CDE42659FF341471A27541DC1BA871A4139112	5F2E57B9CBE234290BC122CCBE1A80DA921E2317D72D9143E9FF26E04BA395B5
Chrome Cache Entry: 219	ASCII text, with very long lines (906), with no line terminators	1C5ECF371149FECA23BD895BA9DFEC4D	6F6213AE4C63D959441572D232F0425467ED05DE	FB193C2BCF1A14030CEA8D72BAA20AB7B1CF88F9E90ADB31895279BEEDF6BF84
Chrome Cache Entry: 220	SVG Scalable Vector Graphics image	963B2A926EB4C61C8561363CFA2C8B84	043750A2A135F72F4A4AAFBDB06F8CB94BEB11AE	DD14564D9856E990620FAFA26E4AA6CA351067BDE78D2B07A228184AFF13E9CC
Chrome Cache Entry: 221	SVG Scalable Vector Graphics image	8AD7EF059216F5006D343617DBD4BF8E	42268616BEB618C6F71899D7F904799B52C956B9	9140BD80C4652FD471CEF72BF4C97530C95BF77D06CC232D682622961CE07685
Chrome Cache Entry: 222	ASCII text, with very long lines (18963), with no line terminators	4F773FE8050DCFD8FD096E061EED08A7	0921110716284E797A40855B98B113B683FADB51	29704F658E0A24AF40A7EC9F1BA5800E7BF3366DE3FEAE6E044BD20C28C89018
Chrome Cache Entry: 223	Web Open Font Format (Version 2), TrueType, length 36928, version 1.0	2EFC7DA8F7B22A460E7B473DE526E2E0	107780CC3EA033C1C3B7D37E41FB620605925770	945FA9508CD87D32D374A6A5BA065AC5FCC08B6EE130007FB95F7D123814B6E7
Chrome Cache Entry: 224	JSON data	99914B932BD37A50B983C5E7C90AE93B	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
Chrome Cache Entry: 225	SVG Scalable Vector Graphics image	5D38C2DBF7F89444AE7FA275DCA067FD	4DB04596B088F9DD11C3A4FDA005C849237C3EBD	6B113909F08557D9795E50AE665CF17E4D85259E60A05234791B50537CC2A0FD
Chrome Cache Entry: 226	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	D727A0D14B4E413FD28D4A61A2ED1EA7	88A4B08DABD8E66A0CF631297C83DE16DB526421	4B52193352E96CF383B1FF4750D3AD63FD7B6E21BF89F6AB1661C2A1C8428B9F
Chrome Cache Entry: 227	SVG Scalable Vector Graphics image	E8F59FFE0922EEF7A3749A6F4007EB2D	6CAF54295947A930051603810933737AA7761161	BC90671A768B90021952BDF86C7D38CFCC00FD28B7204B5228EEFA02E25D534D
Chrome Cache Entry: 228	JSON data	5BF62334DFDE6B613DA86CF7D611D477	603F608952CC937667DF44999C2CC068362B87BC	3AFC7023F08CADE1FE4F34343CB925CE5F3EA435462495BFB4BAFCD7DE8AA4A4
Chrome Cache Entry: 229	Unicode text, UTF-8 text, with very long lines (65458)	5FF5B56DD253D3FD717915B2773593D3	3FCB89ABD877241F130E2712B54233763D0D2B03	162951E9132B74BF11C97D7F234D998954DF2729C604E2925291A28699ACA260
Chrome Cache Entry: 230	SVG Scalable Vector Graphics image	FE0C352C5969232781BFD804D6B0A016	CB6999B55323D5E296AE9B0DA77C1894AFB525A1	E5956662BFA9D934328567B5879F4706915DCEAE3D777CC677873818BE710B07
Chrome Cache Entry: 231	ASCII text, with very long lines (65451)	DC5E7F18C8D36AC1D3D4753A87C98D0A	C8E1C8B386DC5B7A9184C763C88D19A346EB3342	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
Chrome Cache Entry: 232	JSON data	D06F04FCCF68D0B228A5923187CE1AFD	5DE9DF9FDD66A91EED06E31981553D4AB9CCF490	830E67BDA2532CD5880EE86E3B33E69721082F8458BB0DF0CD4EDBB1577FD375
Chrome Cache Entry: 233	SVG Scalable Vector Graphics image	554640F465EB3ED903B543DAE0A1BCAC	E0E6E2C8939008217EB76A3B3282CA75F3DC401A	99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
Chrome Cache Entry: 234	SVG Scalable Vector Graphics image	9708DB4DE25A452BB442AA6961BFCFD2	980CC43E61F3A6066E3DDF80FABEA8F5348826C7	BCCE460B81C575192DBA10360E2F7A0C7272BDF95505F1DD28D5885024575FF0
Chrome Cache Entry: 235	ASCII text, with very long lines (9398)	8EED9A50834DA48C18F0FB3D7C94FDDB	536E2FC6F56CB08C818595A9DC463F88D9BFA50C	4600BA5D932EE9658241E86C80B8815610D74E77469AD9ADED17D55ADAE0AF81
Chrome Cache Entry: 236	HTML document, Unicode text, UTF-8 text, with very long lines (14847)	5802CACE9D161FA08C46BB06A36F58CE	CEB1B9268DA2C3C636E2CAE1C3DBFB5A9769943E	D8F68709B2EE0C2D55226CEB1526FCD79FC84A572152AE779304FEDE4CE63225
Chrome Cache Entry: 237	SVG Scalable Vector Graphics image	EFD06AED369077431DA06C9B4A76C306	6B6D1BD90AB542BA1A74DA267C0E3B75A17302D5	55C0EDF58BE2D8F26E626888DA9386CE53156EF7654BB5A5AB4FA0ACB90BBDD8
Chrome Cache Entry: 238	ASCII text, with very long lines (2124)	F46ACD807A10216E6EEE8EA51E0F14D6	4702F47070F7046689432DCF605F11364BC0FBED	D6B84873D27E7E83CF5184AAEF778F1CCB896467576CD8AF2CAD09B31B3C6086
Chrome Cache Entry: 239	ASCII text, with very long lines (65457)	3879577A745D9C0424630208BB70849E	979CF717E9AE19609F0061F61A3030D36652240F	9A4E708DDBB7995C586C8E15753C9AB11546938EB9CFA7A6775834D6CE472B41
Chrome Cache Entry: 240	SVG Scalable Vector Graphics image	9C3018859FF1C63BBA9A322641A9D378	0D21D57EC255768C91CBE25AAD13E8861F1896DA	56AEF1D001ED83B8462792E4BC25B876638A132CAF8BD32A06527012962DD10F
Chrome Cache Entry: 241	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators	0B16AB23855DFAA76755809C20D40A1A	41EE29596E12D0C5A77BC7C9F2C46AE9796DAB98	6A43A6A768D308C211BA2B72E76DB128E73AFA0EEFC3FB0B01E7F5DD80E2EC9B
Chrome Cache Entry: 242	ASCII text, with very long lines (40772), with no line terminators	96BE1F6983C01FE07004E163E0C6CE8A	46334521CA7C554FB7608E4E93CBA4C6FAC72F77	26C00C91AA26F8A81DC41FE7CA0DB1DFD849180200596138437F2CA57357DD0F
Chrome Cache Entry: 243	ASCII text, with very long lines (32014)	7BB7AAC0CAC89A90304AF1C72EB4F50D	729F6F8CA5787D89743B0ED7EB27FD76406BF985	F5C06455E539DCD889F7F05D709B5ADC76C444099FE57F431365AF2FC57E803B
Chrome Cache Entry: 244	gzip compressed data, from Unix, original size modulo 2^32 763508	D2CB1CE58621CA32853791A937A63C71	CE1F81FA2BE914239E35EE36D67B070348F793C4	1ABF84DB53ABC80BC5A9DD6B38730D27274094E4EBCBC2B7ABD401AC60C40BD3
Chrome Cache Entry: 245	Unicode text, UTF-8 text, with very long lines (65464)	1C73B4EB89BBE24ECF154B671DDBCAFC	75E59EC09164B620648BE5CC80048372E6C62AA5	972DE8C5257C5C31F0AE45016595089022E4F82E766CEC78FB40C997BFBAC75F
Chrome Cache Entry: 246	HTML document, Unicode text, UTF-8 text, with very long lines (56508)	B97E6BFE58E6BB865B88832DC3D9190A	0ECA750C9AE38DEBCADEE3FFC58ED0B5AFF4C7C5	D455980EDCE2584F189CDB5CA018B9378D064B9583634E9C282A30F8EE9BD9DB
Chrome Cache Entry: 247	ASCII text, with very long lines (7647)	1221505FE7F191FC9291D93382ACA851	BD8ECBB054ADE2EBA50F1B87F8D8ED9A26DABA15	6D0B88C9DEDB3C464ABDA60D387312A4DC51DD31F45269099556C2F997B8ECA0
Chrome Cache Entry: 248	Unicode text, UTF-8 text, with very long lines (65447)	383FA2800213AE072A45A08F19601D24	0942E6B4148AE242F9F89DE90ED874E503DCB7A2	BFAA5B427105DD718E0BB4C14055D98C738F151E6BDE796C2867FA40335D7914
Chrome Cache Entry: 249	ASCII text, with very long lines (855)	4668E74B2B2A58381399E91A61B6D63D	89EBF54E996E46F4B1E26F6DCDA93BAD74FC0A1C	B0E3ACC54460721385D2E472DDA7288382F2766A06B38D2E732D034619F9B929

Source: C:\Windows\System32\7za.exe	File created: C:\chrome\background\background.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\content\content.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\options\options.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\popup\popup.js.LICENSE.txt	Jump to behavior

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49896 version: TLS 1.2

Connects to many different domains

Source: unknown

Network traffic detected: DNS query count 42

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 192.28.144.124 192.28.144.124
Source: Joe Sandbox View	IP Address: 13.107.246.45 13.107.246.45
Source: Joe Sandbox View	IP Address: 146.75.118.109 146.75.118.109

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.135
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.135
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86

Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide HTTP/1.1Host: www.regie.aiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_data/ad7f10b5f55ce13492462bf7/script.js HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/typed.js/2.0.10/typed.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/css/regie-ai-staging.97281fbbf.min.css HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/js/regie-ai-staging.61876242e.js HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6595d530bcf001adceb21212 HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_data/ad7f10b5f55ce13492462bf7/banner.js HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/6595d6259134d099ec8cd241_PPMori-SemiBold.woff2 HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets-global.website-files.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/6595d625e062c2b10c695588_PPMori-Regular.woff2 HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets-global.website-files.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/6595d6275aa95166710ff207_PPMori-RegularItalic.woff2 HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets-global.website-files.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /ReferralSdk/referral.js?referrer=https%3A%2F%2Fwww.regie.ai%2Fguide HTTP/1.1Host: regie.referralrock.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/659c2166d7eced57f26d6cef_cta%20bg.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets-global.website-files.com/6595d530bcf001adceb21212/css/regie-ai-staging.97281fbbf.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b806a5c866126f8d2b97_6sense.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b8244621b6acf897770e_Bombora.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/8l7e5v9c7i HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b87e05690f47e1871903_Cognism.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b8a1cf52ccbdc4e72313_Demandbase.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /externaltrack/?pageTitle=Extension%20Guide&transactionKey=56a85185-3d2d-4afa-977b-7201063b39c3&scriptv=https%3A%2F%2Fregie.referralrock.com%2FReferralSdk%2Freferral.js%3Freferrer%3Dhttps%253A%252F%252Fwww.regie.ai%252Fguide&sourceURL=https%3A%2F%2Fwww.regie.ai%2Fguide HTTP/1.1Host: regie.referralrock.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b839d1e58aba55b31ca4_ZoomInfo.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/0.7.32/clarity.js HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=e9ab7af2a71c49e68fc436887510f1eb.20240527.20250527
Source: global traffic	HTTP traffic detected: GET /video/1610534409-9fe328546a507cc31d2ae788b030cb1e446a62b26b144c89985f09538f7da33b-d?mw=80&q=85 HTTP/1.1Host: i.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://player.vimeo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /p/4.33.8/js/player.module.js HTTP/1.1Host: f.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.vimeo.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /p/4.33.8/css/player.css HTTP/1.1Host: f.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://player.vimeo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /p/4.33.8/js/vendor.module.js HTTP/1.1Host: f.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.vimeo.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b77842216d4d52c1082c_amplemarket.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b71ad1e58aba55b278ff_Apollo.io.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b74c7eb6560d92afdd38_frontspin.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b69df23e0308ab135b5b_Outreach.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b6f4604428bacd4be796_Salesloft.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_data/ad7f10b5f55ce13492462bf7/1gpZw5Pt.json HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js_opt/modules/utils/vuid.min.js HTTP/1.1Host: f.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://player.vimeo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /video/1610534409-9fe328546a507cc31d2ae788b030cb1e446a62b26b144c89985f09538f7da33b-d?mw=800&mh=450 HTTP/1.1Host: i.vimeocdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://player.vimeo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/6595d5a2cf94e0382796503a_favicon.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b7ded78a496b27cd8436_HubSpot.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b7bdfc7fdb5d37ff71f3_Salesforce.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1/ip HTTP/1.1Host: directory.cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b668a5c866126f8c6e50_outlook.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b63cf0120c2cb4c44597_gmail.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /659c1e1d52015e0951d980e6/65a2b861c5f42eb0506dacef_LinkedIn.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_data/ad7f10b5f55ce13492462bf7/audit-table/g-zYDNcw.json HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/659eb5e5bd8157098fb7f412_soc2.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=FwpMAoFPGlE1SmU&MD=MH8novzg HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /6467a768ad80445890edf29e/1h96864fg HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/659eb5e5bd8157098fb7f414_gdpr.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/660705a00232456f70c9310b_AISalesAssistant_BestResults_Mid-Market_Total.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/660705a030fadcc8f8950075_AISalesAssistant_HighPerformer_Americas_HighPerformer.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/65cce0b13936557bb5f48dbd_g2%20review.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/660705a055907c31e5e35e92_AISalesAssistant_MostImplementable_Mid-Market_Total.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-main.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-vendor.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-vendors.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-common.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6595d530bcf001adceb21212/660705a0954ad7922c498aaf_AISalesAssistant_MomentumLeader_Leader.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-runtime.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-app.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.regie.aisec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/widget-settings?propertyId=6467a768ad80445890edf29e&widgetId=1h96864fg&sv=null HTTP/1.1Host: va.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/ga/rul?tid=G-VMFY9K9RPE&gacid=1151382789.1716771394&gtm=45je45m0v875973908z8847818946za200zb847818946&dma=0&gcs=G111&gcd=13n3n3n3n5&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=2065376473 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/languages/en.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /healthcheck HTTP/1.1Host: assets-tracking.crazyegg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /healthcheck HTTP/1.1Host: pagestates-tracking.crazyegg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZ9l1 HTTP/1.1Host: vsa26.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: sG7UygJInlnEm8z5CEPJDA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /clock?t=1716771396902&tk=9a0026c5e1bbfc5dd98a1e8834d029ad&s=439622&p=%2Fguide&u=1225022&v=4ec8479886ddfb1ebcf52ccefa93bb8c0291e519&f=regie.ai%2Fguide&ul=https%3A%2F%2Fwww.regie.ai%2Fguide HTTP/1.1Host: tracking.crazyegg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.regie.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/css/min-widget.css HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/css/message-preview.css HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZA7v HTTP/1.1Host: vsa35.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: T2f7E6BHN+vYTyRtx6dAZA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.regie.ai/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_s/v4/app/6625f366c87/css/max-widget.css HTTP/1.1Host: embed.tawk.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZAXt HTTP/1.1Host: vsa62.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: +2RaDP2lMo3c4t4K+4cCvw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZAzV HTTP/1.1Host: vsa108.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 8rgobneYncT9VhFSk4SIFA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /s/?k=6653da45ef55153d25d2e7ed&cver=0&pop=false&asver=71003&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUiLCJ2aWQiOiI2NDY3YTc2OGFkODA0NDU4OTBlZGYyOWUtOGJQRTY2U1hmeVN6RU1tS3dwOV95Iiwic2lkIjoiNjY1M2RhNDVlZjU1MTUzZDI1ZDJlN2VkIiwiaWF0IjoxNzE2NzcxMzk3LCJleHAiOjE3MTY3NzMxOTcsImp0aSI6ImM5RkIxdl9Mdkd5czd5OEdkVHd4RyJ9.mLkPoJy5X-5C1B7LveUsnsACBhY-P4XUXR6CYvaMQiksChc7IotpP2xD6z9TV6hej6psh1zKY-y1MKn5bxwYcA&EIO=3&transport=websocket&__t=O-tZBar HTTP/1.1Host: vsa3.tawk.toConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.regie.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 2hHcjQMDG5XRsHm+jI1wtQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=FwpMAoFPGlE1SmU&MD=MH8novzg HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com

Source: chromecache_236.4.dr	String found in binary or memory: Regie.ai. All rights reserved.</div><a href="/privacy-policy" class="footer_legal-link">Privacy Policy</a><a href="/terms-and-conditions" class="footer_legal-link">Terms and Conditions</a></div><div class="w-layout-grid footer_social-icons"><a href="https://www.facebook.com/regieai" target="_blank" class="footer_social-link w-inline-block"><div class="icon-embed-xsmall w-embed"><svg width="100%" height="100%" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.facebook.com (Facebook)
Source: chromecache_236.4.dr	String found in binary or memory: </svg></div></a><a href="https://twitter.com/regieai" target="_blank" class="footer_social-link w-inline-block"><div class="icon-embed-xsmall w-embed"><svg width="100%" height="100%" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.twitter.com (Twitter)
Source: chromecache_236.4.dr	String found in binary or memory: </svg></div></a><a href="https://www.linkedin.com/company/regie-ai" target="_blank" class="footer_social-link w-inline-block"><div class="icon-embed-xsmall w-embed"><svg width="100%" height="100%" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
Source: chromecache_235.4.dr	String found in binary or memory: Math.round(p);u["gtm.videoCurrentTime"]=Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},bk:function(){e=Db()},pd:function(){d()}}};var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
Source: chromecache_235.4.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Wg:d,Ug:e,Vg:f,Lh:g,Mh:h,xe:m,Ab:b},p=G.YT,q=function(){OC(n)};if(p)return p.ready&&p.ready(q),b;var r=G.onYouTubeIframeAPIReady;G.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),v=t.length,u=0;u<v;u++){var w=t[u].getAttribute("src");if(RC(w,"iframe_api")\|\|RC(w,"player_api"))return b}for(var y=H.getElementsByTagName("iframe"),x=y.length,B=0;B<x;B++)if(!IC&&PC(y[B],n.xe))return yc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_247.4.dr	String found in binary or memory: return b}EC.K="internal.enableAutoEventOnTimer";var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.regie.ai
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: assets-global.website-files.com
Source: global traffic	DNS traffic detected: DNS query: cdn-cookieyes.com
Source: global traffic	DNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: script.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: log.cookieyes.com
Source: global traffic	DNS traffic detected: DNS query: cdn.embedly.com
Source: global traffic	DNS traffic detected: DNS query: uploads-ssl.webflow.com
Source: global traffic	DNS traffic detected: DNS query: munchkin.marketo.net
Source: global traffic	DNS traffic detected: DNS query: www.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: regie.referralrock.com
Source: global traffic	DNS traffic detected: DNS query: player.vimeo.com
Source: global traffic	DNS traffic detected: DNS query: fresnel.vimeocdn.com
Source: global traffic	DNS traffic detected: DNS query: i.vimeocdn.com
Source: global traffic	DNS traffic detected: DNS query: f.vimeocdn.com
Source: global traffic	DNS traffic detected: DNS query: 445-tii-243.mktoresp.com
Source: global traffic	DNS traffic detected: DNS query: s.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: directory.cookieyes.com
Source: global traffic	DNS traffic detected: DNS query: vimeo.com
Source: global traffic	DNS traffic detected: DNS query: c.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: embed.tawk.to
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: va.tawk.to
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: pagestates-tracking.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: assets-tracking.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: vsa26.tawk.to
Source: global traffic	DNS traffic detected: DNS query: tracking.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: vsa35.tawk.to
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: vsa62.tawk.to
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: vsa108.tawk.to
Source: global traffic	DNS traffic detected: DNS query: vsa3.tawk.to

Source: unknown

Source: chromecache_215.4.dr	String found in binary or memory: http://chat.regie.ai
Source: content.js.LICENSE.txt	String found in binary or memory: http://jedwatson.github.io/classnames
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_170.4.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_238.4.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_238.4.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_170.4.dr, chromecache_238.4.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_236.4.dr	String found in binary or memory: https://app.regie.ai/signin
Source: chromecache_236.4.dr	String found in binary or memory: https://app.regie.ai/signup
Source: manifest.json	String found in binary or memory: https://app.salesloft.com/
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/6595d5a2cf94e0382796503a_favicon.sv
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/6595d5a6b0458ca6fede8d34_webclip.sv
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/659eb5e5bd8157098fb7f412_soc2.png
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/659eb5e5bd8157098fb7f414_gdpr.png
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/65ac11d7e7f9caa582bcc887_og%20img.j
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/65cce0b13936557bb5f48dbd_g2%20revie
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a00232456f70c9310b_AISalesAss
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a030fadcc8f8950075_AISalesAss
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a055907c31e5e35e92_AISalesAss
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/660705a0954ad7922c498aaf_AISalesAss
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/css/regie-ai-staging.97281fbbf.min.
Source: chromecache_236.4.dr	String found in binary or memory: https://assets-global.website-files.com/6595d530bcf001adceb21212/js/regie-ai-staging.61876242e.js
Source: content.js, options.js, popup.js	String found in binary or memory: https://bit.ly
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_236.4.dr	String found in binary or memory: https://cdn-cookieyes.com/client_data/ad7f10b5f55ce13492462bf7/script.js
Source: chromecache_236.4.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.10/typed.min.js
Source: manifest.json	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: chromecache_238.4.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_249.4.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_249.4.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_238.4.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_238.4.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_236.4.dr	String found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6595d530bcf001adceb2121
Source: chromecache_249.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_249.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_249.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_173.4.dr, chromecache_168.4.dr	String found in binary or memory: https://developers.marketo.com/MunchkinLicense.pdf
Source: chromecache_238.4.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_236.4.dr	String found in binary or memory: https://embed.tawk.to/6467a768ad80445890edf29e/1h96864fg
Source: chromecache_165.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-arr-find-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-entries-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-event-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-iterator-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-object-values-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-promise-polyfill.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js
Source: chromecache_162.4.dr	String found in binary or memory: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://feross.org
Source: popup.js.LICENSE.txt	String found in binary or memory: https://feross.org/opensource
Source: index.html	String found in binary or memory: https://fonts.googleapis.com/css2?family=Inter:wght
Source: chromecache_170.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_170.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_170.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_170.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: content.js.LICENSE.txt	String found in binary or memory: https://github.com/MikeMcl/decimal.js-light/LICENCE
Source: content.js.LICENSE.txt	String found in binary or memory: https://github.com/cssinjs/jss
Source: content.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://github.com/jonschlinkert/repeat-string
Source: chromecache_200.4.dr	String found in binary or memory: https://github.com/mattboldt/typed.js
Source: chromecache_172.4.dr	String found in binary or memory: https://github.com/microsoft/clarity
Source: popup.js	String found in binary or memory: https://github.com/zloirock/core-js
Source: popup.js	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.36.1/LICENSE
Source: chromecache_247.4.dr	String found in binary or memory: https://google.com
Source: chromecache_247.4.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_236.4.dr	String found in binary or memory: https://help.regie.ai/
Source: chromecache_248.4.dr	String found in binary or memory: https://help.vimeo.com/hc/en-us/articles/115015677227-Troubleshoot-player-error-messages
Source: manifest.json	String found in binary or memory: https://linkedin.com/
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://lodash.com/
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://lodash.com/license
Source: manifest.json	String found in binary or memory: https://mail.google.com/
Source: chromecache_236.4.dr	String found in binary or memory: https://mail.google.com/mail/u/0/#inbox
Source: chromecache_236.4.dr	String found in binary or memory: https://my.regie.ai/demo.html
Source: background.js.LICENSE.txt, content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://openjsf.org/
Source: manifest.json	String found in binary or memory: https://outlook.live.com/
Source: manifest.json	String found in binary or memory: https://outlook.live.com/mail/
Source: manifest.json	String found in binary or memory: https://outlook.office.com/
Source: manifest.json	String found in binary or memory: https://outlook.office.com/mail/
Source: manifest.json	String found in binary or memory: https://outlook.office365.com/
Source: manifest.json	String found in binary or memory: https://outlook.office365.com/mail/
Source: chromecache_247.4.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_170.4.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_248.4.dr, chromecache_239.4.dr	String found in binary or memory: https://player.vimeo.com/NOTICE.txt
Source: chromecache_238.4.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_238.4.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_249.4.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_247.4.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_235.4.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_249.4.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_249.4.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_249.4.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_249.4.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_236.4.dr	String found in binary or memory: https://twitter.com/regieai
Source: chromecache_198.4.dr	String found in binary or memory: https://vimeo.com/ablincoln/vuid
Source: chromecache_238.4.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_249.4.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_236.4.dr	String found in binary or memory: https://www.clarity.ms/tag/
Source: chromecache_247.4.dr	String found in binary or memory: https://www.google.com
Source: chromecache_236.4.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_249.4.dr, chromecache_211.4.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_247.4.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_238.4.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_238.4.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_235.4.dr, chromecache_247.4.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_247.4.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_236.4.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_236.4.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-K6BS4LM
Source: chromecache_249.4.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__.
Source: chromecache_170.4.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_170.4.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_170.4.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_211.4.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__en.js
Source: chromecache_236.4.dr	String found in binary or memory: https://www.linkedin.com/company/regie-ai
Source: chromecache_235.4.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_164.4.dr	String found in binary or memory: https://www.npmjs.com/package/uglify-js
Source: chromecache_236.4.dr	String found in binary or memory: https://www.regie.ai/guide
Source: chromecache_215.4.dr	String found in binary or memory: https://www.regie.ai/privacy-policy
Source: chromecache_236.4.dr	String found in binary or memory: https://www.regie.ai/teams
Source: content.js.LICENSE.txt, options.js.LICENSE.txt, popup.js.LICENSE.txt	String found in binary or memory: https://www.xarg.org/2014/03/rational-numbers-in-javascript/
Source: chromecache_235.4.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49896 version: TLS 1.2

Source: classification engine

Classification label: clean3.winCRX@36/217@92/30

Source: C:\Windows\System32\conhost.exe

Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7512:120:WilError_03

Source: C:\Windows\System32\7za.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Windows\System32\7za.exe 7za.exe x -oC:\chrome "C:\Users\user\Desktop\EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx"
Source: C:\Windows\System32\7za.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension=C:\chrome
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=2020,i,15598263287833827349,18053311792611108520,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=2020,i,15598263287833827349,18053311792611108520,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Windows\System32\7za.exe

Section loaded: 7z.dll

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx

Static file information: File size 5797900 > 1048576

Installs a Chrome extension

Source: unknown

Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension=C:\chrome

Source: C:\Windows\System32\7za.exe	File created: C:\chrome\background\background.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\content\content.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\options\options.js.LICENSE.txt	Jump to behavior
Source: C:\Windows\System32\7za.exe	File created: C:\chrome\popup\popup.js.LICENSE.txt	Jump to behavior

Sample execution stops while process was sleeping (likely an evasion)

Source: C:\Windows\System32\conhost.exe

Last function: Thread delayed

ID:	1447783
Product:	CloudBasic
Start time:	02:55:16
Start date:	27.05.2024
Sample:	EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx
Cookbook:	default.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	ce51f0538e8172f049d71231036a82a3
SHA1:	a3a1c86e2313ae69769bc254660956c9e7e387d7
SHA256:	064b1105716f25cf9a8146a99f5bc19c24e38680c9f3ff029f0de57b06403128

Windows Analysis Report
EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Persistence and Installation Behavior

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Persistence and Installation Behavior

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
EFLHGAMMLCOFELHAGIOEGONGHDMHABMK_1_5_7_0.crx