Edit tour

Windows Analysis Report
http://gleapis.com/

Overview

General Information

Sample URL:	http://gleapis.com/
Analysis ID:	1584819
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected suspicious Javascript

AI detected suspicious URL

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 7088 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 5128 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=2172,i,12572247741453265331,13079890883035332652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 6980 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://gleapis.com/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected suspicious Javascript

Source: 1.4.id.script.csv

Joe Sandbox AI: Detected suspicious JavaScript with source url: https://cint.securiguard.cc/?subid=90942988204&cid... This script demonstrates several high-risk behaviors, including data exfiltration, redirects to suspicious domains, and the use of obfuscated URLs. While some of the functionality may be intended for legitimate purposes, such as analytics or download tracking, the overall implementation raises significant security concerns.

AI detected suspicious URL

Source: URL	Joe Sandbox AI: AI detected Brand spoofing attempt in URL: http://gleapis.com
Source: URL	Joe Sandbox AI: AI detected Typosquatting in URL: http://gleapis.com

Source: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e

HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /aS/feedclick?s=pQ5DI472BJ6CC1JPcX589HYx7yoEOjrxfSMU3tyux_z96E0CoBhqM6LP-aljHpXLSF-z0hVrtQYmbF8uElIcuTcfW0ZYUoCrGOo-gB3eQlf5d62wLB_4bQ1UXFiBrxv0qzWLdEVI7Ombifo0Skp9Lf2y6AMrdDwUgMO6K_1h2e6eTb6pYnOT5az6lMWcoIuGvBUyZwfN9FUmFsWfUcb_y0xrrgxny4aKAk34BNBiMT4SG3kCQMAW3LIIw217mC2oyRI-FndcvcEoqiL7mkaeKz_CGU2KM8A_NhU-mejR2-N_82_CGaQZ2jTpOugtfas8rzMuacikk0UEA52E0dIT02_6fP3G23SqMmI8cZkXjXPd-eT3EP1VIM0lvaEtRFzeTQBUfhbmIg2Sl9DwRfUQi_pX4AR9NYDVPP4Mh2T4f-_US0yMq-H0dOD6ECDkaURiFGq24t6kLi9kmpkFkUOqMA-ayXlrD0Xjg802LiRW7o0VC4DY9Kmh37baOt94Qi8a7mYdKiWU3z9H-3uz5Zt3HaJbzIrK5N9EmlDaB7tSj71nxBZbuPpufgYxIEoB2FTxDZW6g141J0FUMOCtRPh07PhXmretIozc1AbS0PSXZp0Vx7N5t9vxBGk_cvFOjY7Csy3CjqQFwkigghTOFvPChPFVMy4cSL-YQ_kHyAjmZhks2WYdzATN7ZbFu0rDj85oOFubxSgbeICVBQkFZKDlF4xpmHv3wgcI--etJI-IUvlgKhrL34NxYJbkm--QRf2gnufdqcAe9DFHUVgE-cuaYC7DCLYeRl_sr5IrQUlaoG-aP9Cvqy-dwlnzSJGjFQP_Xjae4xN1vFN0UuwFJsoiR__RU_60-5rpVJ4DA4-UgjQrDlU0U4J5AK97mi6qC6WK6PDw8CmGicUb79SpVfB3-0PsGry9FNKZH3uQ_C8dteQZnk547BHwUzDffQpdJWdEWoMoQg0m5G6tUmchbIGtcmlGz77benHrl1PLjlY-5aF0AbVo7TIqSff9NOsk8UK_Zj3JLzNzm_qMFh76Sum6PvnDcfqzjM_2Agd21ozOCE-R0GTYwbkNqQI8IExqMS85FW3jPJTsy54S7TFq_0CGc9i5bjer7wLBFrNdlrqLQkynDW41xujob36AaSXeBeUGWmPEz9HLu8OHMS0o9IV2HeeHT4ZeS0e_80K-WP4iLJeNKGgpUYstUGM9H5WSHa2urvGlapXzbHzcFqCGuLWs39zolWIUS4GZuSJ6rEklaF6euGphWWkxXwR8k128nUDeTStkzq80VPEn5umqrnXPW1iSh_WrdXbObdb_voS6jJ9hSeMHSr3zeAchPP-qhr5dzm2S-Bpn94vwF81yXuWQ3A0tavoHnhgBhjKAsQGoGjBGOpJa06eopZwrG0QCl_jQD7S14eutFZ7ilpbsz6HFN36o2sRTW35cOiHTSKvqDxFdFTI807aT3OdEbFvuRrPFtQ1szdHspx_AEaoMWyNkcnuREkaPEmFu-_7Pwa3mhjN5TP4r4wwTR10iiyW-ojXONGZAP_VuHP45F4UCZQBtbID85zlRYY7saHxzwupDhsDowpajkqQuuYcICu84H0Os8pPHvuBoC1JPXVeCgm3LwfaGPS1kF_0j5lGIG3J6QNHu-gMLivPqTw HTTP/1.1Host: andoree.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e HTTP/1.1Host: cint.securiguard.ccConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /private-search/fourth/styles/style.css?v15 HTTP/1.1Host: cint.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /private-search/fourth/styles/security-check.css?v4 HTTP/1.1Host: cint.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /private-search/assets/step-1.png HTTP/1.1Host: cint.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /private-search/assets/step-2-securi-guard.png HTTP/1.1Host: cint.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.0.0/js/all.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lp/js/main.js?v10 HTTP/1.1Host: cint.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /private-search/assets/step-1.png HTTP/1.1Host: cint.securiguard.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /private-search/assets/step-2-securi-guard.png HTTP/1.1Host: cint.securiguard.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /impression?c=intpgdirect HTTP/1.1Host: impr.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lp/js/main.js?v10 HTTP/1.1Host: cint.securiguard.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /impression?c=intpgdirect HTTP/1.1Host: impr.securiguard.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.0.0/js/all.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /private-search/fourth/styles/reboot.css HTTP/1.1Host: cint.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cint.securiguard.cc/private-search/fourth/styles/style.css?v15Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/mixpanel-2-latest.min.js HTTP/1.1Host: cdn.mxpnl.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /private-search/assets/download-video-securi-guard.mp4 HTTP/1.1Host: cint.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340eAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24Range: bytes=0-
Source: global traffic	HTTP traffic detected: GET /marketing-site/static/favicons/favicon-16x16.png HTTP/1.1Host: cdn.mxpnl.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /metrika/tag.js HTTP/1.1Host: mc.yandex.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/fr?type=l1&dp1=90942988204&score=9 HTTP/1.1Host: 7proof.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /marketing-site/static/favicons/favicon-16x16.png HTTP/1.1Host: cdn.mxpnl.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/mixpanel-2-latest.min.js HTTP/1.1Host: cdn.mxpnl.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/fr?type=l1&dp1=90942988204&score=9 HTTP/1.1Host: 7proof.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19&co=aHR0cHM6Ly9jaW50LnNlY3VyaWd1YXJkLmNjOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=skv68msclsz7 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lp/signal/ HTTP/1.1Host: cint.securiguard.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24; otid=9948_2025-01-06; mp_9d1f06337c788fcd584725b02fc2e601_mixpanel=%7B%22distinct_id%22%3A%20%2290942988204%22%2C%22%24device_id%22%3A%20%221943c08b1e71991-0b6d4fd70c7531-26031e51-140000-1943c08b1e71991%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24user_id%22%3A%20%2290942988204%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _ym_uid=1736173991612706596; _ym_d=1736173991
Source: global traffic	HTTP traffic detected: GET /sync_cookie_image_check HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /metrika/advert.gif HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /metrika/tag.js HTTP/1.1Host: mc.yandex.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; yandexuid=1811137491736173991; yashr=875786891736173991
Source: global traffic	HTTP traffic detected: GET /metrika/metrika_match.html HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10611.kduEsEgOxVk7FXNfiVAPnMAlQcxsiP4dniQbI--eavRVwkUryTVcGYgqCuZP8W7l.TTRPRzfw0j6eZnmSb1WuVNeY7h0%2C HTTP/1.1Host: mc.yandex.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; yandexuid=1811137491736173991; yashr=875786891736173991
Source: global traffic	HTTP traffic detected: GET /metrika/advert.gif HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; i=Ve9WU4vaGSpyKpwcrtzJyKuQj/tAzNawbcSbv8K9HeYfBZVvtypM3tWSb+m8Xp/Gnjj85ebGg7Ul9HK8KTe2E/H9IQY=; yandexuid=7083279531736173993; yashr=7427236031736173993
Source: global traffic	HTTP traffic detected: GET /watch/96921485?wmode=7&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093311%3Aet%3A1736173991%3Ac%3A1%3Arn%3A986580744%3Arqn%3A1%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A5850%3Awv%3A2%3Ads%3A17%2C461%2C186%2C52%2C2506%2C0%2C%2C2621%2C18%2C%2C%2C%2C5845%3Aco%3A0%3Acpf%3A1%3Ans%3A1736173983830%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736173993%3At%3ASecuri%20Guard&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://cint.securiguard.ccSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; i=3RB/BiK/UXbC3SNBFpDLGrqNdK6swQVliZZRJ7XRLn/n/Qp0Bg+HsB+NEK9BL5B5/LkYZlri8g+e33/yAfEg74ozDHA=; yandexuid=6872833291736173993; yashr=3331676721736173993
Source: global traffic	HTTP traffic detected: GET /watch/96921485/1?wmode=7&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093311%3Aet%3A1736173991%3Ac%3A1%3Arn%3A986580744%3Arqn%3A1%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A5850%3Awv%3A2%3Ads%3A17%2C461%2C186%2C52%2C2506%2C0%2C%2C2621%2C18%2C%2C%2C%2C5845%3Aco%3A0%3Acpf%3A1%3Ans%3A1736173983830%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736173993%3At%3ASecuri%20Guard&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29 HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://cint.securiguard.ccSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; i=3RB/BiK/UXbC3SNBFpDLGrqNdK6swQVliZZRJ7XRLn/n/Qp0Bg+HsB+NEK9BL5B5/LkYZlri8g+e33/yAfEg74ozDHA=; yandexuid=6872833291736173993; yashr=3331676721736173993; yabs-sid=2303175631736173994; yuidss=6872833291736173993; ymex=1767709994.yrts.1736173994; receive-cookie-deprecation=1; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19&co=aHR0cHM6Ly9jaW50LnNlY3VyaWd1YXJkLmNjOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=skv68msclsz7Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/1JtfxEoOHYipHDSo6VGFrhhwWN5-nIbCexrboqLdZ4w.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19&co=aHR0cHM6Ly9jaW50LnNlY3VyaWd1YXJkLmNjOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=skv68msclsz7Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync_cookie_image_decide?token=10611.Av94cAKee37rKHJtGXSiNeXsw2Yp-47kitFqRLiTCnCTCzxhh81B6VSAcYU4beRhDUn2-cgAlw6L3ROf7adLefYnlDBPbpTnk-Pd3OiWlU4JxBaxHrbK7NUEJsMcc8LbGHJZnYU3IZRi_nOIQ1QFDYFsAQ9UHBZKBwzxzOcl3r2NTVSQ6Ql1dCfvwoCiqomUGU3FkP6jmtYaIMLzVw8xrcGH2-8WNH9dlH82Zk2rGvs%2C.bPrCNYRtHf960s2hz1vbjA8ojI8%2C HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; i=3RB/BiK/UXbC3SNBFpDLGrqNdK6swQVliZZRJ7XRLn/n/Qp0Bg+HsB+NEK9BL5B5/LkYZlri8g+e33/yAfEg74ozDHA=; yandexuid=6872833291736173993; yashr=3331676721736173993
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /watch/96921485/1?wmode=7&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093311%3Aet%3A1736173991%3Ac%3A1%3Arn%3A986580744%3Arqn%3A1%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A5850%3Awv%3A2%3Ads%3A17%2C461%2C186%2C52%2C2506%2C0%2C%2C2621%2C18%2C%2C%2C%2C5845%3Aco%3A0%3Acpf%3A1%3Ans%3A1736173983830%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736173993%3At%3ASecuri%20Guard&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29 HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; i=3RB/BiK/UXbC3SNBFpDLGrqNdK6swQVliZZRJ7XRLn/n/Qp0Bg+HsB+NEK9BL5B5/LkYZlri8g+e33/yAfEg74ozDHA=; yandexuid=6872833291736173993; yashr=3331676721736173993; yabs-sid=2303175631736173994; yuidss=6872833291736173993; ymex=1767709994.yrts.1736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi
Source: global traffic	HTTP traffic detected: GET /private-search/favicons/securi-guard.ico HTTP/1.1Host: cint.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24; otid=9948_2025-01-06; mp_9d1f06337c788fcd584725b02fc2e601_mixpanel=%7B%22distinct_id%22%3A%20%2290942988204%22%2C%22%24device_id%22%3A%20%221943c08b1e71991-0b6d4fd70c7531-26031e51-140000-1943c08b1e71991%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24user_id%22%3A%20%2290942988204%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _ym_uid=1736173991612706596; _ym_d=1736173991; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /js/bg/1JtfxEoOHYipHDSo6VGFrhhwWN5-nIbCexrboqLdZ4w.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync_cookie_image_decide?token=10611.Av94cAKee37rKHJtGXSiNeXsw2Yp-47kitFqRLiTCnCTCzxhh81B6VSAcYU4beRhDUn2-cgAlw6L3ROf7adLefYnlDBPbpTnk-Pd3OiWlU4JxBaxHrbK7NUEJsMcc8LbGHJZnYU3IZRi_nOIQ1QFDYFsAQ9UHBZKBwzxzOcl3r2NTVSQ6Ql1dCfvwoCiqomUGU3FkP6jmtYaIMLzVw8xrcGH2-8WNH9dlH82Zk2rGvs%2C.bPrCNYRtHf960s2hz1vbjA8ojI8%2C HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; yp=1736260395.yu.6872833291736173993; ymex=1738765995.oyu.6872833291736173993; sync_cookie_ok=synced
Source: global traffic	HTTP traffic detected: GET /engage/?verbose=1&ip=1&_=1736173995401 HTTP/1.1Host: api-js.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?verbose=1&ip=1&_=1736173995400 HTTP/1.1Host: api-js.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /private-search/favicons/securi-guard.ico HTTP/1.1Host: cint.securiguard.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24; otid=9948_2025-01-06; mp_9d1f06337c788fcd584725b02fc2e601_mixpanel=%7B%22distinct_id%22%3A%20%2290942988204%22%2C%22%24device_id%22%3A%20%221943c08b1e71991-0b6d4fd70c7531-26031e51-140000-1943c08b1e71991%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24user_id%22%3A%20%2290942988204%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _ym_uid=1736173991612706596; _ym_d=1736173991; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=1&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=1039533349&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736173997%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093317%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736173997&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=1&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=409544272&browser-info=we%3A1%3Aet%3A1736173998%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093317%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736173998&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=2&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=572140388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174001%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093321%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174001&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=2&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=458040263&browser-info=we%3A1%3Aet%3A1736174001%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093321%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174001&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=3&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=483552179&browser-info=we%3A1%3Aet%3A1736174005%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093325%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174005&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /downloadproxy/intpgpage/90942988204/?ext_name=SecuriGuard&cid=9948&tag=9948_2025-01-06&file=true HTTP/1.1Host: red.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://cint.securiguard.ccSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A1036642138%3Ax%3A44369%3Ay%3A14914%3At%3A151%3Ap%3AW%3FAAA1%3AX%3A639%3AY%3A426&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174007&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://cint.securiguard.ccSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; receive-cookie-deprecation=1; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /lp/signal/ HTTP/1.1Host: cint.securiguard.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24; otid=9948_2025-01-06; mp_9d1f06337c788fcd584725b02fc2e601_mixpanel=%7B%22distinct_id%22%3A%20%2290942988204%22%2C%22%24device_id%22%3A%20%221943c08b1e71991-0b6d4fd70c7531-26031e51-140000-1943c08b1e71991%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24user_id%22%3A%20%2290942988204%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _ym_uid=1736173991612706596; _ym_d=1736173991; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /app/fr?type=l10&dp1=90942988204&score=9 HTTP/1.1Host: 7proof.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /prvcy/SecuriGuard.Msix HTTP/1.1Host: file.securiguard.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: nullSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A1036642138%3Ax%3A44369%3Ay%3A14914%3At%3A151%3Ap%3AW%3FAAA1%3AX%3A639%3AY%3A426&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174007&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /app/fr?type=l10&dp1=90942988204&score=9 HTTP/1.1Host: 7proof.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=4&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=270190582&browser-info=we%3A1%3Aet%3A1736174007%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093327%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174007&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=3&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=418939205&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174007%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093327%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174007&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=5&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=570021541&browser-info=we%3A1%3Aet%3A1736174009%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093329%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174009&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /engage/?verbose=1&ip=1&_=1736174011079 HTTP/1.1Host: api-js.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?verbose=1&ip=1&_=1736174011098 HTTP/1.1Host: api-js.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=4&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=986460414&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174011%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093331%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174011&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=6&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=677564514&browser-info=we%3A1%3Aet%3A1736174013%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093333%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174013&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=7&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=238445954&browser-info=we%3A1%3Aet%3A1736174017%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093337%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174017&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A620407261%3Ax%3A29484%3Ay%3A47499%3At%3A271%3Ap%3A~%3AX%3A634%3AY%3A889&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174018&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://cint.securiguard.ccSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; receive-cookie-deprecation=1; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A620407261%3Ax%3A29484%3Ay%3A47499%3At%3A271%3Ap%3A~%3AX%3A634%3AY%3A889&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174018&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=8&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=452195672&browser-info=we%3A1%3Aet%3A1736174019%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093339%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174019&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=9&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=308317301&browser-info=we%3A1%3Aet%3A1736174021%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093341%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174021&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=1&wv-check=2030&wv-type=0&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=1052884672&browser-info=we%3A1%3Aet%3A1736174021%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093341%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174021&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=10&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=979170264&browser-info=we%3A1%3Aet%3A1736174025%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093345%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174025&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=5&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=875252603&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174027%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093347%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174027&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=11&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=1063392642&browser-info=we%3A1%3Aet%3A1736174028%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093347%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174028&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=12&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=435462450&browser-info=we%3A1%3Aet%3A1736174031%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093351%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174031&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=13&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=471684033&browser-info=we%3A1%3Aet%3A1736174033%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093353%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174033&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=14&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=261367693&browser-info=we%3A1%3Aet%3A1736174035%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093355%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174035&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=15&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=994173573&browser-info=we%3A1%3Aet%3A1736174037%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093357%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174037&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=6&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=363423943&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174041%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093401%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174041&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=16&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=102680793&browser-info=we%3A1%3Aet%3A1736174042%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093401%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174042&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A503021263%3Ax%3A29484%3Ay%3A47499%3At%3A547%3Ap%3A~%3AX%3A634%3AY%3A889&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174046&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://cint.securiguard.ccSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cint.securiguard.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; receive-cookie-deprecation=1; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=17&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=369774060&browser-info=we%3A1%3Aet%3A1736174045%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093405%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174045&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A503021263%3Ax%3A29484%3Ay%3A47499%3At%3A547%3Ap%3A~%3AX%3A634%3AY%3A889&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174046&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=18&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=122123680&browser-info=we%3A1%3Aet%3A1736174047%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093407%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174047&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=19&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=627135884&browser-info=we%3A1%3Aet%3A1736174049%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093409%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174049&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=2&wv-check=23344&wv-type=0&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=119214285&browser-info=we%3A1%3Aet%3A1736174052%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093411%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174052&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=20&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=128907956&browser-info=we%3A1%3Aet%3A1736174053%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093413%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174053&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET /webvisor/96921485?wv-part=21&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=793907410&browser-info=we%3A1%3Aet%3A1736174055%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093415%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174055&t=gdpr(14)ti(1) HTTP/1.1Host: mc.yandex.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync_cookie_csrf=777161843fake; yashr=3331676721736173993; yabs-sid=2303175631736173994; bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; yandexuid=1811137491736173991; yuidss=1811137491736173991; i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; sync_cookie_ok=synced; yp=1736260396.yu.1811137491736173991; ymex=1738765996.oyu.1811137491736173991#1767710009.yrts.1736174009
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: gleapis.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: gleapis.com
Source: global traffic	DNS traffic detected: DNS query: andoree.com
Source: global traffic	DNS traffic detected: DNS query: cint.securiguard.cc
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: impr.securiguard.cc
Source: global traffic	DNS traffic detected: DNS query: mc.yandex.ru
Source: global traffic	DNS traffic detected: DNS query: cdn.mxpnl.com
Source: global traffic	DNS traffic detected: DNS query: 7proof.com
Source: global traffic	DNS traffic detected: DNS query: mc.yandex.com
Source: global traffic	DNS traffic detected: DNS query: api-js.mixpanel.com
Source: global traffic	DNS traffic detected: DNS query: red.securiguard.cc
Source: global traffic	DNS traffic detected: DNS query: file.securiguard.cc

Source: unknown

HTTP traffic detected: POST /lp/signal/ HTTP/1.1Host: cint.securiguard.ccConnection: keep-aliveContent-Length: 858sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5A91TfeFYLqjIH1bAccept: */*Origin: https://cint.securiguard.ccSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24; otid=9948_2025-01-06

Source: chromecache_130.3.dr, chromecache_129.3.dr	String found in binary or memory: http://tizen.org/system/tizenid
Source: chromecache_103.3.dr	String found in binary or memory: https://7proof.com/app/fr?type=l1&dp1=
Source: chromecache_103.3.dr	String found in binary or memory: https://7proof.com/app/fr?type=l10&dp1=
Source: chromecache_102.3.dr, chromecache_126.3.dr	String found in binary or memory: https://api-js.mixpanel.com
Source: chromecache_102.3.dr, chromecache_126.3.dr	String found in binary or memory: https://cdn.mxpnl.com
Source: chromecache_103.3.dr	String found in binary or memory: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Source: chromecache_102.3.dr, chromecache_126.3.dr	String found in binary or memory: https://cdn.mxpnl.com/libs/mixpanel-recorder.min.js
Source: chromecache_125.3.dr, chromecache_108.3.dr	String found in binary or memory: https://cdn.mxpnl.com/marketing-site/static/favicons/favicon-16x16.png
Source: chromecache_103.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/js/all.min.js
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_110.3.dr	String found in binary or memory: https://dmp.adform.net/serving/cookie/match?party=1123
Source: chromecache_130.3.dr, chromecache_129.3.dr	String found in binary or memory: https://eu.asas.yango.com/mapuid
Source: chromecache_101.3.dr, chromecache_114.3.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_101.3.dr, chromecache_114.3.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_103.3.dr	String found in binary or memory: https://fonts.googleapis.com
Source: chromecache_103.3.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Inter:wght
Source: chromecache_103.3.dr	String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_107.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2)
Source: chromecache_107.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2)
Source: chromecache_107.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7SUc.woff2)
Source: chromecache_107.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2)
Source: chromecache_107.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2JL7SUc.woff2)
Source: chromecache_107.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2ZL7SUc.woff2)
Source: chromecache_107.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2pL7SUc.woff2)
Source: chromecache_125.3.dr, chromecache_108.3.dr	String found in binary or memory: https://get.searcheasily.net/report/desktop-apps/?action=page_load
Source: chromecache_103.3.dr	String found in binary or memory: https://impr.securiguard.cc/impression?c=intpgdirect
Source: chromecache_110.3.dr	String found in binary or memory: https://mc.kinopoisk.ru/sync_cookie_image_check
Source: chromecache_130.3.dr, chromecache_129.3.dr	String found in binary or memory: https://mc.yandex.
Source: chromecache_130.3.dr, chromecache_129.3.dr	String found in binary or memory: https://mc.yandex.md/cc
Source: chromecache_102.3.dr, chromecache_126.3.dr	String found in binary or memory: https://mixpanel.com
Source: chromecache_102.3.dr, chromecache_126.3.dr	String found in binary or memory: https://mixpanel.com/projects/replay-redirect?
Source: chromecache_116.3.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_103.3.dr	String found in binary or memory: https://red.securiguard.cc/downloadproxy/intpgpage/
Source: chromecache_116.3.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_103.3.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?render=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19
Source: chromecache_128.3.dr, chromecache_121.3.dr, chromecache_120.3.dr, chromecache_109.3.dr, chromecache_116.3.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_121.3.dr, chromecache_109.3.dr, chromecache_96.3.dr, chromecache_106.3.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Source: chromecache_130.3.dr, chromecache_129.3.dr	String found in binary or memory: https://yastatic.net/s3/gdpr/v3/gdpr
Source: chromecache_130.3.dr, chromecache_129.3.dr	String found in binary or memory: https://yastatic.net/s3/taxi-front/yango-gdpr-popup/
Source: chromecache_130.3.dr, chromecache_129.3.dr	String found in binary or memory: https://ymetrica1.com/watch/3/1

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 50091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 50119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50123 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50101 -> 443

Source: classification engine

Classification label: mal48.win@19/81@54/20

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=2172,i,12572247741453265331,13079890883035332652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://gleapis.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=2172,i,12572247741453265331,13079890883035332652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	2 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://gleapis.com/	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
https://cint.securiguard.cc/private-search/fourth/styles/security-check.css?v4	0%	Avira URL Cloud	safe
https://cint.securiguard.cc/private-search/assets/step-2-securi-guard.png	0%	Avira URL Cloud	safe
https://red.securiguard.cc/downloadproxy/intpgpage/	0%	Avira URL Cloud	safe
https://get.searcheasily.net/report/desktop-apps/?action=page_load	0%	Avira URL Cloud	safe
https://cint.securiguard.cc/private-search/assets/step-1.png	0%	Avira URL Cloud	safe
https://cint.securiguard.cc/private-search/fourth/styles/reboot.css	0%	Avira URL Cloud	safe
https://red.securiguard.cc/downloadproxy/intpgpage/90942988204/?ext_name=SecuriGuard&cid=9948&tag=9948_2025-01-06&file=true	0%	Avira URL Cloud	safe
https://cint.securiguard.cc/lp/signal/	0%	Avira URL Cloud	safe
https://cint.securiguard.cc/private-search/fourth/styles/style.css?v15	0%	Avira URL Cloud	safe
https://impr.securiguard.cc/impression?c=intpgdirect	0%	Avira URL Cloud	safe
https://cint.securiguard.cc/private-search/assets/download-video-securi-guard.mp4	0%	Avira URL Cloud	safe
https://cint.securiguard.cc/private-search/favicons/securi-guard.ico	0%	Avira URL Cloud	safe
https://file.securiguard.cc/prvcy/SecuriGuard.Msix	0%	Avira URL Cloud	safe
https://cint.securiguard.cc/lp/js/main.js?v10	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com	3.33.148.61	true	false	unknown
mc.yandex.ru	93.158.134.119	true	false	high
dp18jteuf0suj.cloudfront.net	18.66.147.39	true	false	unknown
andoree.com	104.21.80.249	true	false	high
api-js.mixpanel.com	35.190.25.25	true	false	high
cdnjs.cloudflare.com	104.17.25.14	true	false	high
fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com	3.33.148.61	true	false	unknown
www.google.com	142.250.185.228	true	false	high
cdn.mxpnl.com	130.211.5.208	true	false	high
cint.securiguard.cc	206.189.225.178	true	true	unknown
gleapis.com	94.229.72.125	true	true	unknown
7proof.com	52.116.53.155	true	false	high
red.securiguard.cc	unknown	unknown	false	unknown
mc.yandex.com	unknown	unknown	false	high
file.securiguard.cc	unknown	unknown	false	unknown
impr.securiguard.cc	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cint.securiguard.cc/private-search/fourth/styles/security-check.css?v4	false	Avira URL Cloud: safe	unknown
https://cint.securiguard.cc/private-search/assets/step-2-securi-guard.png	false	Avira URL Cloud: safe	unknown
https://www.google.com/recaptcha/api.js?render=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=9&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=308317301&browser-info=we%3A1%3Aet%3A1736174021%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093341%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174021&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/watch/96921485?wmode=7&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093311%3Aet%3A1736173991%3Ac%3A1%3Arn%3A986580744%3Arqn%3A1%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A5850%3Awv%3A2%3Ads%3A17%2C461%2C186%2C52%2C2506%2C0%2C%2C2621%2C18%2C%2C%2C%2C5845%3Aco%3A0%3Acpf%3A1%3Ans%3A1736173983830%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736173993%3At%3ASecuri%20Guard&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1)	false		high
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19&co=aHR0cHM6Ly9jaW50LnNlY3VyaWd1YXJkLmNjOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=skv68msclsz7	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=6&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=677564514&browser-info=we%3A1%3Aet%3A1736174013%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093333%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174013&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=13&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=471684033&browser-info=we%3A1%3Aet%3A1736174033%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093353%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174033&t=gdpr(14)ti(1)	false		high
https://www.google.com/js/bg/1JtfxEoOHYipHDSo6VGFrhhwWN5-nIbCexrboqLdZ4w.js	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=2&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=458040263&browser-info=we%3A1%3Aet%3A1736174001%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093321%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174001&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=7&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=238445954&browser-info=we%3A1%3Aet%3A1736174017%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093337%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174017&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A620407261%3Ax%3A29484%3Ay%3A47499%3At%3A271%3Ap%3A~%3AX%3A634%3AY%3A889&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174018&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/watch/96921485?page-url=goal%3A%2F%2Fcint.securiguard.cc%2Fpage_load&page-ref=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&hittoken=1736173995_58dd63e1d12f5ea1dce7de0cbbfe477591d98f2d9b1d892022993cd439639060&browser-info=ar%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093314%3Aet%3A1736173995%3Ac%3A1%3Arn%3A603331979%3Arqn%3A2%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1736173983830%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736173995%3At%3ASecuri%20Guard&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009092)ti(0)&force-urlencoded=1	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=4&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=986460414&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174011%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093331%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174011&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=8&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=452195672&browser-info=we%3A1%3Aet%3A1736174019%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093339%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174019&t=gdpr(14)ti(1)	false		high
https://cint.securiguard.cc/private-search/assets/step-1.png	false	Avira URL Cloud: safe	unknown
https://mc.yandex.com/webvisor/96921485?wv-part=17&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=369774060&browser-info=we%3A1%3Aet%3A1736174045%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093405%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174045&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=1&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=409544272&browser-info=we%3A1%3Aet%3A1736173998%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093317%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736173998&t=gdpr(14)ti(1)	false		high
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10611.kduEsEgOxVk7FXNfiVAPnMAlQcxsiP4dniQbI--eavRVwkUryTVcGYgqCuZP8W7l.TTRPRzfw0j6eZnmSb1WuVNeY7h0%2C	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=20&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=128907956&browser-info=we%3A1%3Aet%3A1736174053%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093413%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174053&t=gdpr(14)ti(1)	false		high
https://7proof.com/app/fr?type=l10&dp1=90942988204&score=9	false		high
http://gleapis.com/	false		unknown
https://cint.securiguard.cc/lp/signal/	false	Avira URL Cloud: safe	unknown
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF	false		high
https://red.securiguard.cc/downloadproxy/intpgpage/90942988204/?ext_name=SecuriGuard&cid=9948&tag=9948_2025-01-06&file=true	false	Avira URL Cloud: safe	unknown
https://mc.yandex.ru/metrika/tag.js	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=2&wv-check=23344&wv-type=0&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=119214285&browser-info=we%3A1%3Aet%3A1736174052%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093411%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174052&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=10&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=979170264&browser-info=we%3A1%3Aet%3A1736174025%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093345%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174025&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/watch/96921485/1?wmode=7&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093311%3Aet%3A1736173991%3Ac%3A1%3Arn%3A986580744%3Arqn%3A1%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A5850%3Awv%3A2%3Ads%3A17%2C461%2C186%2C52%2C2506%2C0%2C%2C2621%2C18%2C%2C%2C%2C5845%3Aco%3A0%3Acpf%3A1%3Ans%3A1736173983830%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736173993%3At%3ASecuri%20Guard&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=3&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=483552179&browser-info=we%3A1%3Aet%3A1736174005%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093325%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174005&t=gdpr(14)ti(1)	false		high
https://7proof.com/app/fr?type=l1&dp1=90942988204&score=9	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=3&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=418939205&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174007%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093327%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174007&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=5&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=875252603&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174027%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093347%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174027&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=11&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=1063392642&browser-info=we%3A1%3Aet%3A1736174028%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093347%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174028&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=18&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=122123680&browser-info=we%3A1%3Aet%3A1736174047%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093407%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174047&t=gdpr(14)ti(1)	false		high
https://cint.securiguard.cc/private-search/fourth/styles/reboot.css	false	Avira URL Cloud: safe	unknown
https://mc.yandex.com/sync_cookie_image_check	false		high
https://mc.yandex.com/watch/96921485?page-url=goal%3A%2F%2Fcint.securiguard.cc%2Fdownload_click&page-ref=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&hittoken=1736173995_58dd63e1d12f5ea1dce7de0cbbfe477591d98f2d9b1d892022993cd439639060&browser-info=ar%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093326%3Aet%3A1736174007%3Ac%3A1%3Arn%3A311241459%3Arqn%3A3%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C11388%2C11388%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1736173983830%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736174007%3At%3ASecuri%20Guard&t=gdpr(14)mc(g-1)clc(1-639-426)rqnt(3)aw(1)rcm(1)cdl(na)eco(42009092)dss(2)ti(0)&force-urlencoded=1	false		high
https://mc.yandex.com/watch/96921485/1?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&hittoken=1736173995_58dd63e1d12f5ea1dce7de0cbbfe477591d98f2d9b1d892022993cd439639060&browser-info=nb%3A1%3Acl%3A3524%3Aar%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093341%3Aet%3A1736174022%3Ac%3A1%3Arn%3A170229745%3Arqn%3A4%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1736173983830%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736174022&t=gdpr(14)mc(g-2)clc(2-636-657)rqnt(4)aw(1)rcm(1)cdl(na)eco(42009092)dss(2)fid(9000)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct%22%3A%5B%5D%7D%7D	false		high
https://mc.yandex.com/clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A503021263%3Ax%3A29484%3Ay%3A47499%3At%3A547%3Ap%3A~%3AX%3A634%3AY%3A889&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174046&t=gdpr(14)ti(1)	false		high
https://cint.securiguard.cc/private-search/fourth/styles/style.css?v15	false	Avira URL Cloud: safe	unknown
https://impr.securiguard.cc/impression?c=intpgdirect	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/js/all.min.js	false		high
https://file.securiguard.cc/prvcy/SecuriGuard.Msix	false	Avira URL Cloud: safe	unknown
https://mc.yandex.com/webvisor/96921485?wv-part=2&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=572140388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174001%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093321%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174001&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=14&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=261367693&browser-info=we%3A1%3Aet%3A1736174035%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093355%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174035&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=4&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=270190582&browser-info=we%3A1%3Aet%3A1736174007%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093327%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174007&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=21&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=793907410&browser-info=we%3A1%3Aet%3A1736174055%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093415%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174055&t=gdpr(14)ti(1)	false		high
https://cint.securiguard.cc/private-search/favicons/securi-guard.ico	false	Avira URL Cloud: safe	unknown
https://mc.yandex.com/sync_cookie_image_decide?token=10611.Av94cAKee37rKHJtGXSiNeXsw2Yp-47kitFqRLiTCnCTCzxhh81B6VSAcYU4beRhDUn2-cgAlw6L3ROf7adLefYnlDBPbpTnk-Pd3OiWlU4JxBaxHrbK7NUEJsMcc8LbGHJZnYU3IZRi_nOIQ1QFDYFsAQ9UHBZKBwzxzOcl3r2NTVSQ6Ql1dCfvwoCiqomUGU3FkP6jmtYaIMLzVw8xrcGH2-8WNH9dlH82Zk2rGvs%2C.bPrCNYRtHf960s2hz1vbjA8ojI8%2C	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=16&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=102680793&browser-info=we%3A1%3Aet%3A1736174042%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093401%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174042&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=19&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=627135884&browser-info=we%3A1%3Aet%3A1736174049%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093409%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174049&t=gdpr(14)ti(1)	false		high
https://cint.securiguard.cc/lp/js/main.js?v10	false	Avira URL Cloud: safe	unknown
https://mc.yandex.com/webvisor/96921485?wv-part=5&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=570021541&browser-info=we%3A1%3Aet%3A1736174009%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093329%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174009&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=15&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=994173573&browser-info=we%3A1%3Aet%3A1736174037%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093357%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174037&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/clmap/96921485?page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&pointer-click=rn%3A1036642138%3Ax%3A44369%3Ay%3A14914%3At%3A151%3Ap%3AW%3FAAA1%3AX%3A639%3AY%3A426&browser-info=u%3A1736173991612706596%3Av%3A1551%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Arqnl%3A1%3Ast%3A1736174007&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/metrika/metrika_match.html	false		high
https://cint.securiguard.cc/private-search/assets/download-video-securi-guard.mp4	false	Avira URL Cloud: safe	unknown
https://mc.yandex.com/metrika/advert.gif	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=1&wv-check=2030&wv-type=0&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=1052884672&browser-info=we%3A1%3Aet%3A1736174021%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093341%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174021&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=6&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=363423943&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736174041%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093401%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174041&t=gdpr(14)ti(1)	false		high
https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e	false		unknown
https://mc.yandex.com/webvisor/96921485?wv-part=12&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=435462450&browser-info=we%3A1%3Aet%3A1736174031%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093351%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736174031&t=gdpr(14)ti(1)	false		high
https://mc.yandex.com/webvisor/96921485?wv-part=1&wv-type=7&wmode=0&wv-hit=189034180&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&rn=1039533349&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736173997%3Aw%3A1280x907%3Av%3A1551%3Az%3A-300%3Ai%3A20250106093317%3Au%3A1736173991612706596%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1736173997&t=gdpr(14)ti(1)	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://7proof.com/app/fr?type=l10&dp1=	chromecache_103.3.dr	false		high
https://developers.google.com/recaptcha/docs/faq#localhost_support	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
https://support.google.com/recaptcha#6262736	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
https://mc.yandex.	chromecache_130.3.dr, chromecache_129.3.dr	false		high
https://support.google.com/recaptcha/?hl=en#6223828	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
https://cloud.google.com/contact	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
https://fontawesome.com/license/free	chromecache_101.3.dr, chromecache_114.3.dr	false		high
https://red.securiguard.cc/downloadproxy/intpgpage/	chromecache_103.3.dr	false	Avira URL Cloud: safe	unknown
https://fontawesome.com	chromecache_101.3.dr, chromecache_114.3.dr	false		high
https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
https://support.google.com/recaptcha/#6175971	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
https://www.google.com/recaptcha/api2/	chromecache_128.3.dr, chromecache_121.3.dr, chromecache_120.3.dr, chromecache_109.3.dr, chromecache_116.3.dr	false		high
https://7proof.com/app/fr?type=l1&dp1=	chromecache_103.3.dr	false		high
https://mc.yandex.md/cc	chromecache_130.3.dr, chromecache_129.3.dr	false		high
https://support.google.com/recaptcha	chromecache_116.3.dr	false		high
https://dmp.adform.net/serving/cookie/match?party=1123	chromecache_110.3.dr	false		high
https://get.searcheasily.net/report/desktop-apps/?action=page_load	chromecache_125.3.dr, chromecache_108.3.dr	false	Avira URL Cloud: safe	unknown
https://mc.kinopoisk.ru/sync_cookie_image_check	chromecache_110.3.dr	false		high
https://cloud.google.com/recaptcha-enterprise/billing-information	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
http://tizen.org/system/tizenid	chromecache_130.3.dr, chromecache_129.3.dr	false		high
https://yastatic.net/s3/gdpr/v3/gdpr	chromecache_130.3.dr, chromecache_129.3.dr	false		high
https://ymetrica1.com/watch/3/1	chromecache_130.3.dr, chromecache_129.3.dr	false		high
https://eu.asas.yango.com/mapuid	chromecache_130.3.dr, chromecache_129.3.dr	false		high
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
https://play.google.com/log?format=json&hasfast=true	chromecache_116.3.dr	false		high
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca	chromecache_128.3.dr, chromecache_120.3.dr, chromecache_116.3.dr	false		high
https://yastatic.net/s3/taxi-front/yango-gdpr-popup/	chromecache_130.3.dr, chromecache_129.3.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.228	www.google.com	United States	15169	GOOGLEUS	false
35.186.241.51	unknown	United States	15169	GOOGLEUS	false
52.116.53.155	7proof.com	United States	36351	SOFTLAYERUS	false
130.211.5.208	cdn.mxpnl.com	United States	15169	GOOGLEUS	false
3.33.148.61	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com	United States	8987	AMAZONEXPANSIONGB	false
93.158.134.119	mc.yandex.ru	Russian Federation	13238	YANDEXRU	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
87.250.251.119	unknown	Russian Federation	13238	YANDEXRU	false
18.66.147.39	dp18jteuf0suj.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
104.17.24.14	unknown	United States	13335	CLOUDFLARENETUS	false
94.229.72.125	gleapis.com	United Kingdom	42831	UKSERVERS-ASUKDedicatedServersHostingandCo-Location	true
13.248.241.119	unknown	United States	16509	AMAZON-02US	false
216.58.206.68	unknown	United States	15169	GOOGLEUS	false
35.190.25.25	api-js.mixpanel.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
206.189.225.178	cint.securiguard.cc	United States	14061	DIGITALOCEAN-ASNUS	true
142.250.186.164	unknown	United States	15169	GOOGLEUS	false
104.21.80.249	andoree.com	United States	13335	CLOUDFLARENETUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.9

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1584819
Start date and time:	2025-01-06 15:32:03 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 45s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://gleapis.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	11
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@19/81@54/20
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.18.3, 142.250.185.174, 64.233.166.84, 142.250.185.206, 216.58.212.174, 172.217.16.206, 142.250.185.74, 216.58.212.163, 142.250.186.67, 172.217.16.202, 216.58.212.170, 142.250.186.74, 216.58.212.138, 142.250.184.234, 142.250.186.106, 172.217.16.138, 142.250.186.42, 142.250.185.106, 142.250.186.138, 142.250.185.170, 172.217.18.10, 172.217.23.106, 216.58.206.74, 142.250.185.138, 142.250.181.227, 192.229.221.95, 172.217.16.195, 142.250.185.238, 142.250.185.142, 142.250.181.238, 142.250.184.195, 13.107.246.45, 184.28.90.27, 4.175.87.197, 23.206.229.209
Excluded domains from analysis (whitelisted): www.bing.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, slscr.update.microsoft.com, fonts.gstatic.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://gleapis.com/

Input	Output
URL: http://gleapis.com Model: Joe Sandbox AI	{ "typosquatting": true, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": true, "third_party_hosting": true }
URL: http://gleapis.com
URL: https://cint.securiguard.cc/lp/js/main.js?v10... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript code appears to be a set of utility functions for handling cookies, URL parameters, and user identification. While it includes some potentially sensitive operations, such as setting cookies and generating unique user IDs, the overall behavior seems to be focused on common web development practices rather than any malicious intent. The code does not exhibit any high-risk indicators like dynamic code execution, data exfiltration, or redirects to suspicious domains. Some moderate-risk indicators, such as external data transmission and aggressive DOM manipulation, are present, but the context suggests these are likely for legitimate purposes like analytics and user tracking. Overall, the code appears to be a well-intentioned, if somewhat outdated, set of utility functions." }
function getCookie(name) { let namePart = name + '=', decodedCookie = decodeURIComponent(document.cookie), cookies = decodedCookie.split(';'); for(let index = 0; index < cookies.length; index++) { let cookie = cookies[index]; while (cookie.charAt(0) === ' ') { cookie = cookie.substring(1); } if (cookie.indexOf(namePart) === 0) { return cookie.substring(namePart.length, cookie.length); } } return null; } function setCookie(name, value, expireDays = 0, domain = '') { domain = domain ? domain : location.host; let expires = ''; if (expireDays) { let date = new Date(); date.setTime(date.getTime() + (expireDays * 24 * 60 * 60 * 1000)); expires = 'expires=' + date.toUTCString(); } document.cookie = name + '=' + value + ';domain=.' + domain + ';path=/;' + expires; } function getPOption(name, defaultValue = null) { if (window.poptions) { return window.poptions[name] ?? defaultValue; } return defaultValue; } function getParameterByName(name, defaultValue = null) { let parameter = getQueryParameterByName(name); if (parameter) { return parameter; } parameter = getPOption(name) ?? getCookie(name); return parameter ? parameter : defaultValue; } function getQueryParameterByName(name, url = window.location.href) { let urlObject = new URL(url), urlParameters = urlObject.searchParams; return urlParameters.has(name) ? decodeURIComponent(urlParameters.get(name)) : null; } function uidGenerate(length) { let result = '', characters = 'abcdefghijklmnopqrstuvwxyz', charactersLength = characters.length; for (let i = 0; i < length; i++) { result += characters.charAt(Math.floor(Math.random() * charactersLength)); } return result; } function uid() { let clickIdValue = clickId(); if (clickIdValue) { return clickIdValue; } let subIdValue = subId(); if (subIdValue) { return subIdValue; } let userId = getCookie('uid'); if (!userId) { userId = uidGenerate(8); setCookie('uid', userId); } return userId; } function clickId() { let clickIdValue = getParameterByName('clickid'); if (clickIdValue) { return clickIdValue; } clickIdValue = getParameterByName('click-id'); if (!clickIdValue) { return getParameterByName('click_id'); } return clickIdValue; } function subId() { let subIdValue = getParameterByName('subid'); if (subIdValue) { return subIdValue; } subIdValue = getParameterByName('sub-id'); if (!subIdValue) { return getParameterByName('sub_id'); } return subIdValue; } function executeOnReady(callback) { if (document.readyState !== 'loading') { callback(); } else { document.addEventListener('DOMContentLoaded', callback); } } function mixPanelInit() { let userId = uid(); mixpanel.init('9d1f06337c788fcd584725b02fc2e601', {debug: false, track_pageview: false, ignore_dnt: true}); mixpanel.register({distinct_id: userId, $user_id: userId}); mixpanel.identify(userId); } function mixPanelEvent(eventName, options = {}) { mixpanel.identify(uid()); mixpanel.people.set_once(options); mixpanel.track(eventName, options); } function yandexGoal(goalName) { if ('ym' in window) { ym(96921485, 'reachGoal', goalName); } } function downloadFromUrl(url) { let downloadIframe = document.querySelector('.download-kit-frame'); if (!downloadIframe) { downloadIframe = document.createElement('iframe'); downloadIframe.setAttribute('style', 'position:absolute;top:-9999px;left:-9999px;visibility:hidden;width:1px;height:1px;border:0;'); downloadIframe.classList.add('download-kit-frame'); document.body.appendChild(downloadIframe); } downloadI
URL: https://cint.securiguard.cc/?subid=90942988204&cid... Model: Joe Sandbox AI	{ "risk_score": 7, "reasoning": "This script demonstrates several high-risk behaviors, including data exfiltration, redirects to suspicious domains, and the use of obfuscated URLs. While some of the functionality may be intended for legitimate purposes, such as analytics or download tracking, the overall implementation raises significant security concerns." }
window.showDownloadedTimeout = null; window.taskVerification = true; window.verificationVariant = 1; window.recaptchaVerification = true; window.recaptchaVerified = false; window.hintVariant = 1; window.content = null; window.verificationMinDelay = 2; window.verificationProgress = 0; window.downloadProgress = 0; window.downloaded = false; function toggleDownloadStep(step) { let body = document.querySelector('body'); body.classList.toggle('download-step-1', step === 1); body.classList.toggle('download-step-2', step === 2); body.classList.toggle('download-step-3', step === 3); body.classList.toggle('download-step-4', step === 4); } function downloadUrl() { let downloadUrl = 'https://red.securiguard.cc/downloadproxy/intpgpage/@CLICK_ID@/?ext_name=SecuriGuard&cid=@CID@&tag=@OTID@&file=true'; downloadUrl = downloadUrl.replace('@CLICK_ID@', uid()); downloadUrl = downloadUrl.replace('@CID@', getParameterByName('cid', '')); downloadUrl = downloadUrl.replace('@OTID@', getParameterByName('otid', '')); return downloadUrl; } function triggerDownload() { download(downloadUrl()); } function triggerPixel() { let pixelUrl = 'https://7proof.com/app/fr?type=l1&dp1=' + uid() + '&score=9'; let img = document.createElement('img'); img.src = pixelUrl; img.style.position = 'absolute'; img.style.left = '-9999px'; document.body.appendChild(img); } function triggerPixelDownload() { let pixelUrl = 'https://7proof.com/app/fr?type=l10&dp1=' + uid() + '&score=9'; let img = document.createElement('img'); img.src = pixelUrl; img.style.position = 'absolute'; img.style.left = '-9999px'; document.body.appendChild(img); } function showOverlay() { let overlay = document.querySelector('[data-part="overlay"]'); overlay.addEventListener('click', () => overlay.classList.add('d-none')); overlay.classList.remove('d-none'); } function hideOverlay() { document.querySelector('[data-part="overlay"]').classList.add('d-none'); } function showPointer() { let overlay = document.querySelector('[data-part="overlay-pointer"]'); overlay.addEventListener('click', () => overlay.classList.add('d-none')); overlay.classList.remove('d-none'); } function showPointerArea() { let overlay = document.querySelector('[data-part="overlay-pointer-area"]'); overlay.addEventListener('click', () => overlay.classList.add('d-none')); overlay.classList.remove('d-none'); } function openDownloadedWindow() { showOverlay(); let screenWidth = window.innerWidth; let screenHeight = window.innerHeight; let topMargin = 60; let height = 400, width = 450, left = (Math.ceil((screenWidth - width)/2) + window.screenLeft), top = (Math.ceil((screenHeight - height)/2) + topMargin + window.screenTop); const popup = window.open('', 'Downloading Window', 'width=' + width + ',height=' + height + ',left=' + left + ',top=' + top + ',menubar=no,toolbar=no,location=no'); popup.document.write('\ <!DOCTYPE html>\ <html>\ <head>\ <title>Download File</title>\ <style>\ body {\ font-family: Arial, sans-serif;\ display: flex;\ flex-direction: column;\
URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Security Check", "prominent_button_name": "I'm a human", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Before we continue to download", "prominent_button_name": "I'm a human", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Before we continue to download", "prominent_button_name": "I'm a human", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Before we continue to download", "prominent_button_name": "I'm a human", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Security Check", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 6 13:33:01 2025, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.976881078367111
Encrypted:	false
SSDEEP:	48:8ydqTwkGHhidAKZdA1P4ehwiZUklqehBy+3:8P8LOuy
MD5:	02E6E8C3297B1DC835A56A07181FB9EC
SHA1:	2B26BC2B2308A1437774961469A60CDFA56E0C49
SHA-256:	7AE2EAD7783535E44D10B26075147ACBEB7C7A51EB25EC093FE1D708940FA654
SHA-512:	D8AB1A7D302BEE652A218C0BBF0B35AD9E901E54C60DA481DCF5BAD9EF149C3D19DD81844637B2457FCA1452775E4C034C20156E31D6BA44E6C0ACEBE96DAD55
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....IZ.G`....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.I&Z.t....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V&Z.t....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.V&Z.t....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.V&Z.t.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.V&Z!t...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Q..e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 6, 2025 15:33:03.387119055 CET	192.168.2.9	1.1.1.1	0xc43d	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:03.387257099 CET	192.168.2.9	1.1.1.1	0xab0	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:04.437618017 CET	192.168.2.9	1.1.1.1	0x8a0d	Standard query (0)	gleapis.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:04.437747955 CET	192.168.2.9	1.1.1.1	0x36d2	Standard query (0)	gleapis.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:05.662198067 CET	192.168.2.9	1.1.1.1	0x3d1f	Standard query (0)	andoree.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:05.662368059 CET	192.168.2.9	1.1.1.1	0xf84d	Standard query (0)	andoree.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:06.921092987 CET	192.168.2.9	1.1.1.1	0xdd43	Standard query (0)	cint.securiguard.cc	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:06.921586990 CET	192.168.2.9	1.1.1.1	0x7229	Standard query (0)	cint.securiguard.cc	65	IN (0x0001)	false
Jan 6, 2025 15:33:07.638431072 CET	192.168.2.9	1.1.1.1	0x8417	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:07.639015913 CET	192.168.2.9	1.1.1.1	0x72b4	Standard query (0)	cdnjs.cloudflare.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:08.220113039 CET	192.168.2.9	1.1.1.1	0x8fad	Standard query (0)	impr.securiguard.cc	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.220288038 CET	192.168.2.9	1.1.1.1	0x4a53	Standard query (0)	impr.securiguard.cc	65	IN (0x0001)	false
Jan 6, 2025 15:33:08.225987911 CET	192.168.2.9	1.1.1.1	0xa1ed	Standard query (0)	cint.securiguard.cc	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.226155996 CET	192.168.2.9	1.1.1.1	0x5991	Standard query (0)	cint.securiguard.cc	65	IN (0x0001)	false
Jan 6, 2025 15:33:08.803452969 CET	192.168.2.9	1.1.1.1	0x3c44	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.803639889 CET	192.168.2.9	1.1.1.1	0xfdd3	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:08.956336975 CET	192.168.2.9	1.1.1.1	0x9790	Standard query (0)	impr.securiguard.cc	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.956605911 CET	192.168.2.9	1.1.1.1	0x75b1	Standard query (0)	impr.securiguard.cc	65	IN (0x0001)	false
Jan 6, 2025 15:33:09.610336065 CET	192.168.2.9	1.1.1.1	0x259b	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:09.610707998 CET	192.168.2.9	1.1.1.1	0xb1be	Standard query (0)	cdnjs.cloudflare.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:09.742213964 CET	192.168.2.9	1.1.1.1	0x642c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:09.742393970 CET	192.168.2.9	1.1.1.1	0xf930	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:10.196993113 CET	192.168.2.9	1.1.1.1	0xc192	Standard query (0)	mc.yandex.ru	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.197288990 CET	192.168.2.9	1.1.1.1	0x3f41	Standard query (0)	mc.yandex.ru	65	IN (0x0001)	false
Jan 6, 2025 15:33:10.200284958 CET	192.168.2.9	1.1.1.1	0xc351	Standard query (0)	cdn.mxpnl.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.200607061 CET	192.168.2.9	1.1.1.1	0x95c	Standard query (0)	cdn.mxpnl.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:10.286864996 CET	192.168.2.9	1.1.1.1	0x8a31	Standard query (0)	7proof.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.287020922 CET	192.168.2.9	1.1.1.1	0x4f1c	Standard query (0)	7proof.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:10.883120060 CET	192.168.2.9	1.1.1.1	0x473d	Standard query (0)	cdn.mxpnl.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.883120060 CET	192.168.2.9	1.1.1.1	0xb4d	Standard query (0)	cdn.mxpnl.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:11.239602089 CET	192.168.2.9	1.1.1.1	0xddd5	Standard query (0)	7proof.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.239602089 CET	192.168.2.9	1.1.1.1	0x7a2f	Standard query (0)	7proof.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:11.907702923 CET	192.168.2.9	1.1.1.1	0x41ae	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.907834053 CET	192.168.2.9	1.1.1.1	0x1900	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:11.972898006 CET	192.168.2.9	1.1.1.1	0x42bb	Standard query (0)	mc.yandex.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.973659039 CET	192.168.2.9	1.1.1.1	0x53a	Standard query (0)	mc.yandex.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:12.203840017 CET	192.168.2.9	1.1.1.1	0xcf0a	Standard query (0)	mc.yandex.ru	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.204005003 CET	192.168.2.9	1.1.1.1	0x1884	Standard query (0)	mc.yandex.ru	65	IN (0x0001)	false
Jan 6, 2025 15:33:12.300520897 CET	192.168.2.9	1.1.1.1	0x1b79	Standard query (0)	mc.yandex.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.300520897 CET	192.168.2.9	1.1.1.1	0xc8e2	Standard query (0)	mc.yandex.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:13.259016037 CET	192.168.2.9	1.1.1.1	0x766d	Standard query (0)	mc.yandex.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:13.259171963 CET	192.168.2.9	1.1.1.1	0x5545	Standard query (0)	mc.yandex.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:15.984817982 CET	192.168.2.9	1.1.1.1	0x8780	Standard query (0)	api-js.mixpanel.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:15.984973907 CET	192.168.2.9	1.1.1.1	0xa89f	Standard query (0)	api-js.mixpanel.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:16.670382977 CET	192.168.2.9	1.1.1.1	0x666d	Standard query (0)	api-js.mixpanel.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:16.670665979 CET	192.168.2.9	1.1.1.1	0x8268	Standard query (0)	api-js.mixpanel.com	65	IN (0x0001)	false
Jan 6, 2025 15:33:27.160682917 CET	192.168.2.9	1.1.1.1	0xf84f	Standard query (0)	red.securiguard.cc	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.160871983 CET	192.168.2.9	1.1.1.1	0x7978	Standard query (0)	red.securiguard.cc	65	IN (0x0001)	false
Jan 6, 2025 15:33:27.850419044 CET	192.168.2.9	1.1.1.1	0x7992	Standard query (0)	file.securiguard.cc	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.850589991 CET	192.168.2.9	1.1.1.1	0x7e53	Standard query (0)	file.securiguard.cc	65	IN (0x0001)	false
Jan 6, 2025 15:34:12.092956066 CET	192.168.2.9	1.1.1.1	0x8667	Standard query (0)	mc.yandex.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:12.093291044 CET	192.168.2.9	1.1.1.1	0x5c6a	Standard query (0)	mc.yandex.com	65	IN (0x0001)	false
Jan 6, 2025 15:34:14.991600990 CET	192.168.2.9	1.1.1.1	0xebbf	Standard query (0)	mc.yandex.com	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:14.991727114 CET	192.168.2.9	1.1.1.1	0x4b80	Standard query (0)	mc.yandex.com	65	IN (0x0001)	false

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 6, 2025 15:33:03.393783092 CET	1.1.1.1	192.168.2.9	0xc43d	No error (0)	www.google.com		142.250.185.228	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:03.394609928 CET	1.1.1.1	192.168.2.9	0xab0	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 6, 2025 15:33:04.510226965 CET	1.1.1.1	192.168.2.9	0x8a0d	No error (0)	gleapis.com		94.229.72.125	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:05.694889069 CET	1.1.1.1	192.168.2.9	0xf84d	No error (0)	andoree.com			65	IN (0x0001)	false
Jan 6, 2025 15:33:05.716392994 CET	1.1.1.1	192.168.2.9	0x3d1f	No error (0)	andoree.com		104.21.80.249	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:05.716392994 CET	1.1.1.1	192.168.2.9	0x3d1f	No error (0)	andoree.com		172.67.136.85	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:06.937267065 CET	1.1.1.1	192.168.2.9	0xdd43	No error (0)	cint.securiguard.cc		206.189.225.178	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:07.645109892 CET	1.1.1.1	192.168.2.9	0x8417	No error (0)	cdnjs.cloudflare.com		104.17.25.14	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:07.645109892 CET	1.1.1.1	192.168.2.9	0x8417	No error (0)	cdnjs.cloudflare.com		104.17.24.14	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:07.645879984 CET	1.1.1.1	192.168.2.9	0x72b4	No error (0)	cdnjs.cloudflare.com			65	IN (0x0001)	false
Jan 6, 2025 15:33:08.233417034 CET	1.1.1.1	192.168.2.9	0x4a53	No error (0)	impr.securiguard.cc	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:08.237199068 CET	1.1.1.1	192.168.2.9	0xa1ed	No error (0)	cint.securiguard.cc		206.189.225.178	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.238708973 CET	1.1.1.1	192.168.2.9	0x8fad	No error (0)	impr.securiguard.cc	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:08.238708973 CET	1.1.1.1	192.168.2.9	0x8fad	No error (0)	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		3.33.148.61	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.238708973 CET	1.1.1.1	192.168.2.9	0x8fad	No error (0)	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		13.248.144.105	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.238708973 CET	1.1.1.1	192.168.2.9	0x8fad	No error (0)	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		13.248.241.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.238708973 CET	1.1.1.1	192.168.2.9	0x8fad	No error (0)	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		35.71.131.46	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.810085058 CET	1.1.1.1	192.168.2.9	0x3c44	No error (0)	www.google.com		142.250.186.132	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.810468912 CET	1.1.1.1	192.168.2.9	0xfdd3	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 6, 2025 15:33:08.963274956 CET	1.1.1.1	192.168.2.9	0x9790	No error (0)	impr.securiguard.cc	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:08.963274956 CET	1.1.1.1	192.168.2.9	0x9790	No error (0)	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		13.248.241.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.963274956 CET	1.1.1.1	192.168.2.9	0x9790	No error (0)	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		35.71.131.46	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.963274956 CET	1.1.1.1	192.168.2.9	0x9790	No error (0)	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		3.33.148.61	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.963274956 CET	1.1.1.1	192.168.2.9	0x9790	No error (0)	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		13.248.144.105	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:08.975625038 CET	1.1.1.1	192.168.2.9	0x75b1	No error (0)	impr.securiguard.cc	animate-utahraptor-352svyxp7jrptr7oxot7gzg1.herokudns.com		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:09.617063999 CET	1.1.1.1	192.168.2.9	0x259b	No error (0)	cdnjs.cloudflare.com		104.17.24.14	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:09.617063999 CET	1.1.1.1	192.168.2.9	0x259b	No error (0)	cdnjs.cloudflare.com		104.17.25.14	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:09.617531061 CET	1.1.1.1	192.168.2.9	0xb1be	No error (0)	cdnjs.cloudflare.com			65	IN (0x0001)	false
Jan 6, 2025 15:33:09.749142885 CET	1.1.1.1	192.168.2.9	0x642c	No error (0)	www.google.com		216.58.206.68	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:09.749170065 CET	1.1.1.1	192.168.2.9	0xf930	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 6, 2025 15:33:10.204471111 CET	1.1.1.1	192.168.2.9	0xc192	No error (0)	mc.yandex.ru		93.158.134.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.204471111 CET	1.1.1.1	192.168.2.9	0xc192	No error (0)	mc.yandex.ru		77.88.21.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.204471111 CET	1.1.1.1	192.168.2.9	0xc192	No error (0)	mc.yandex.ru		87.250.251.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.204471111 CET	1.1.1.1	192.168.2.9	0xc192	No error (0)	mc.yandex.ru		87.250.250.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.206758022 CET	1.1.1.1	192.168.2.9	0xc351	No error (0)	cdn.mxpnl.com		130.211.5.208	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.206758022 CET	1.1.1.1	192.168.2.9	0xc351	No error (0)	cdn.mxpnl.com		35.186.235.23	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.303721905 CET	1.1.1.1	192.168.2.9	0x8a31	No error (0)	7proof.com		52.116.53.155	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.890182018 CET	1.1.1.1	192.168.2.9	0x473d	No error (0)	cdn.mxpnl.com		130.211.5.208	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:10.890182018 CET	1.1.1.1	192.168.2.9	0x473d	No error (0)	cdn.mxpnl.com		35.186.235.23	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.253407955 CET	1.1.1.1	192.168.2.9	0xddd5	No error (0)	7proof.com		52.116.53.155	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.914603949 CET	1.1.1.1	192.168.2.9	0x41ae	No error (0)	www.google.com		142.250.186.164	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.914625883 CET	1.1.1.1	192.168.2.9	0x1900	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 6, 2025 15:33:11.979645967 CET	1.1.1.1	192.168.2.9	0x42bb	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:11.979645967 CET	1.1.1.1	192.168.2.9	0x42bb	No error (0)	mc.yandex.ru		87.250.251.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.979645967 CET	1.1.1.1	192.168.2.9	0x42bb	No error (0)	mc.yandex.ru		77.88.21.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.979645967 CET	1.1.1.1	192.168.2.9	0x42bb	No error (0)	mc.yandex.ru		93.158.134.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.979645967 CET	1.1.1.1	192.168.2.9	0x42bb	No error (0)	mc.yandex.ru		87.250.250.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:11.980501890 CET	1.1.1.1	192.168.2.9	0x53a	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:12.211507082 CET	1.1.1.1	192.168.2.9	0xcf0a	No error (0)	mc.yandex.ru		87.250.251.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.211507082 CET	1.1.1.1	192.168.2.9	0xcf0a	No error (0)	mc.yandex.ru		87.250.250.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.211507082 CET	1.1.1.1	192.168.2.9	0xcf0a	No error (0)	mc.yandex.ru		77.88.21.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.211507082 CET	1.1.1.1	192.168.2.9	0xcf0a	No error (0)	mc.yandex.ru		93.158.134.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.307320118 CET	1.1.1.1	192.168.2.9	0x1b79	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:12.307320118 CET	1.1.1.1	192.168.2.9	0x1b79	No error (0)	mc.yandex.ru		87.250.251.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.307320118 CET	1.1.1.1	192.168.2.9	0x1b79	No error (0)	mc.yandex.ru		87.250.250.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.307320118 CET	1.1.1.1	192.168.2.9	0x1b79	No error (0)	mc.yandex.ru		93.158.134.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.307320118 CET	1.1.1.1	192.168.2.9	0x1b79	No error (0)	mc.yandex.ru		77.88.21.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:12.307405949 CET	1.1.1.1	192.168.2.9	0xc8e2	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:13.265573025 CET	1.1.1.1	192.168.2.9	0x766d	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:13.265573025 CET	1.1.1.1	192.168.2.9	0x766d	No error (0)	mc.yandex.ru		87.250.251.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:13.265573025 CET	1.1.1.1	192.168.2.9	0x766d	No error (0)	mc.yandex.ru		93.158.134.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:13.265573025 CET	1.1.1.1	192.168.2.9	0x766d	No error (0)	mc.yandex.ru		87.250.250.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:13.265573025 CET	1.1.1.1	192.168.2.9	0x766d	No error (0)	mc.yandex.ru		77.88.21.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:13.266185045 CET	1.1.1.1	192.168.2.9	0x5545	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:15.992130995 CET	1.1.1.1	192.168.2.9	0x8780	No error (0)	api-js.mixpanel.com		35.190.25.25	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:15.992130995 CET	1.1.1.1	192.168.2.9	0x8780	No error (0)	api-js.mixpanel.com		35.186.241.51	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:15.992130995 CET	1.1.1.1	192.168.2.9	0x8780	No error (0)	api-js.mixpanel.com		130.211.34.183	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:15.992130995 CET	1.1.1.1	192.168.2.9	0x8780	No error (0)	api-js.mixpanel.com		107.178.240.159	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:16.678654909 CET	1.1.1.1	192.168.2.9	0x666d	No error (0)	api-js.mixpanel.com		35.186.241.51	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:16.678654909 CET	1.1.1.1	192.168.2.9	0x666d	No error (0)	api-js.mixpanel.com		107.178.240.159	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:16.678654909 CET	1.1.1.1	192.168.2.9	0x666d	No error (0)	api-js.mixpanel.com		35.190.25.25	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:16.678654909 CET	1.1.1.1	192.168.2.9	0x666d	No error (0)	api-js.mixpanel.com		130.211.34.183	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.174478054 CET	1.1.1.1	192.168.2.9	0xf84f	No error (0)	red.securiguard.cc	fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:27.174478054 CET	1.1.1.1	192.168.2.9	0xf84f	No error (0)	fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com		3.33.148.61	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.174478054 CET	1.1.1.1	192.168.2.9	0xf84f	No error (0)	fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com		13.248.144.105	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.174478054 CET	1.1.1.1	192.168.2.9	0xf84f	No error (0)	fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com		13.248.241.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.174478054 CET	1.1.1.1	192.168.2.9	0xf84f	No error (0)	fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com		35.71.131.46	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.183228970 CET	1.1.1.1	192.168.2.9	0x7978	No error (0)	red.securiguard.cc	fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:27.870542049 CET	1.1.1.1	192.168.2.9	0x7992	No error (0)	file.securiguard.cc	dp18jteuf0suj.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:33:27.870542049 CET	1.1.1.1	192.168.2.9	0x7992	No error (0)	dp18jteuf0suj.cloudfront.net		18.66.147.39	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.870542049 CET	1.1.1.1	192.168.2.9	0x7992	No error (0)	dp18jteuf0suj.cloudfront.net		18.66.147.19	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.870542049 CET	1.1.1.1	192.168.2.9	0x7992	No error (0)	dp18jteuf0suj.cloudfront.net		18.66.147.25	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.870542049 CET	1.1.1.1	192.168.2.9	0x7992	No error (0)	dp18jteuf0suj.cloudfront.net		18.66.147.85	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:33:27.878936052 CET	1.1.1.1	192.168.2.9	0x7e53	No error (0)	file.securiguard.cc	dp18jteuf0suj.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:34:12.099591017 CET	1.1.1.1	192.168.2.9	0x8667	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:34:12.099591017 CET	1.1.1.1	192.168.2.9	0x8667	No error (0)	mc.yandex.ru		93.158.134.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:12.099591017 CET	1.1.1.1	192.168.2.9	0x8667	No error (0)	mc.yandex.ru		87.250.250.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:12.099591017 CET	1.1.1.1	192.168.2.9	0x8667	No error (0)	mc.yandex.ru		87.250.251.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:12.099591017 CET	1.1.1.1	192.168.2.9	0x8667	No error (0)	mc.yandex.ru		77.88.21.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:12.099931955 CET	1.1.1.1	192.168.2.9	0x5c6a	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:34:14.998328924 CET	1.1.1.1	192.168.2.9	0xebbf	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false
Jan 6, 2025 15:34:14.998328924 CET	1.1.1.1	192.168.2.9	0xebbf	No error (0)	mc.yandex.ru		93.158.134.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:14.998328924 CET	1.1.1.1	192.168.2.9	0xebbf	No error (0)	mc.yandex.ru		87.250.250.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:14.998328924 CET	1.1.1.1	192.168.2.9	0xebbf	No error (0)	mc.yandex.ru		87.250.251.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:14.998328924 CET	1.1.1.1	192.168.2.9	0xebbf	No error (0)	mc.yandex.ru		77.88.21.119	A (IP address)	IN (0x0001)	false
Jan 6, 2025 15:34:14.998356104 CET	1.1.1.1	192.168.2.9	0x4b80	No error (0)	mc.yandex.com	mc.yandex.ru		CNAME (Canonical name)	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
Jan 6, 2025 15:33:04.516902924 CET	426	OUT	GET / HTTP/1.1 Host: gleapis.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 6, 2025 15:33:05.658668041 CET	1236	IN	HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Mon, 06 Jan 2025 14:33:05 GMT location: https://andoree.com/aS/feedclick?s=pQ5DI472BJ6CC1JPcX589HYx7yoEOjrxfSMU3tyux_z96E0CoBhqM6LP-aljHpXLSF-z0hVrtQYmbF8uElIcuTcfW0ZYUoCrGOo-gB3eQlf5d62wLB_4bQ1UXFiBrxv0qzWLdEVI7Ombifo0Skp9Lf2y6AMrdDwUgMO6K_1h2e6eTb6pYnOT5az6lMWcoIuGvBUyZwfN9FUmFsWfUcb_y0xrrgxny4aKAk34BNBiMT4SG3kCQMAW3LIIw217mC2oyRI-FndcvcEoqiL7mkaeKz_CGU2KM8A_NhU-mejR2-N_82_CGaQZ2jTpOugtfas8rzMuacikk0UEA52E0dIT02_6fP3G23SqMmI8cZkXjXPd-eT3EP1VIM0lvaEtRFzeTQBUfhbmIg2Sl9DwRfUQi_pX4AR9NYDVPP4Mh2T4f-_US0yMq-H0dOD6ECDkaURiFGq24t6kLi9kmpkFkUOqMA-ayXlrD0Xjg802LiRW7o0VC4DY9Kmh37baOt94Qi8a7mYdKiWU3z9H-3uz5Zt3HaJbzIrK5N9EmlDaB7tSj71nxBZbuPpufgYxIEoB2FTxDZW6g141J0FUMOCtRPh07PhXmretIozc1AbS0PSXZp0Vx7N5t9vxBGk_cvFOjY7Csy3CjqQFwkigghTOFvPChPFVMy4cSL-YQ_kHyAjmZhks2WYdzATN7ZbFu0rDj85oOFubxSgbeICVBQkFZKDlF4xpmHv3wgcI--etJI-IUvlgKhrL34NxYJbkm--QRf2gnufdqcAe9DFHUVgE-cuaYC7DCLYeRl_sr5IrQUlaoG-aP9Cvqy-dwlnzSJGjFQP_Xjae4xN1vFN0UuwFJsoiR__RU_60-5rpVJ4DA4-UgjQrDlU0U4J5AK97mi6qC6WK6PDw8CmGicUb79SpVfB3-0PsGry9FNKZH3uQ_C8dteQZnk547BHwUzDffQpdJWdEWoMoQg0m5G6tUmchbIG [TRUNCATED] Data Raw: Data Ascii:
Jan 6, 2025 15:33:05.658706903 CET	224	IN	Data Raw: 36 50 76 6e 44 63 66 71 7a 6a 4d 5f 32 41 67 64 32 31 6f 7a 4f 43 45 2d 52 30 47 54 59 77 62 6b 4e 71 51 49 38 49 45 78 71 4d 53 38 35 46 57 33 6a 50 4a 54 73 79 35 34 53 37 54 46 71 5f 30 43 47 63 39 69 35 62 6a 65 72 37 77 4c 42 46 72 4e 64 6c Data Ascii: 6PvnDcfqzjM_2Agd21ozOCE-R0GTYwbkNqQI8IExqMS85FW3jPJTsy54S7TFq_0CGc9i5bjer7wLBFrNdlrqLQkynDW41xujob36AaSXeBeUGWmPEz9HLu8OHMS0o9IV2HeeHT4ZeS0e_80K-WP4iLJeNKGgpUYstUGM9H5WSHa2urvGlapXzbHzcFqCGuLWs39zolWIUS4GZuSJ6rEklaF6euGphWWk
Jan 6, 2025 15:33:05.658718109 CET	569	IN	Data Raw: 78 58 77 52 38 6b 31 32 38 6e 55 44 65 54 53 74 6b 7a 71 38 30 56 50 45 6e 35 75 6d 71 72 6e 58 50 57 31 69 53 68 5f 57 72 64 58 62 4f 62 64 62 5f 76 6f 53 36 6a 4a 39 68 53 65 4d 48 53 72 33 7a 65 41 63 68 50 50 2d 71 68 72 35 64 7a 6d 32 53 2d Data Ascii: xXwR8k128nUDeTStkzq80VPEn5umqrnXPW1iSh_WrdXbObdb_voS6jJ9hSeMHSr3zeAchPP-qhr5dzm2S-Bpn94vwF81yXuWQ3A0tavoHnhgBhjKAsQGoGjBGOpJa06eopZwrG0QCl_jQD7S14eutFZ7ilpbsz6HFN36o2sRTW35cOiHTSKvqDxFdFTI807aT3OdEbFvuRrPFtQ1szdHspx_AEaoMWyNkcnuREkaPEmFu-_7Pwa

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:06 UTC	2323	OUT	GET /aS/feedclick?s=pQ5DI472BJ6CC1JPcX589HYx7yoEOjrxfSMU3tyux_z96E0CoBhqM6LP-aljHpXLSF-z0hVrtQYmbF8uElIcuTcfW0ZYUoCrGOo-gB3eQlf5d62wLB_4bQ1UXFiBrxv0qzWLdEVI7Ombifo0Skp9Lf2y6AMrdDwUgMO6K_1h2e6eTb6pYnOT5az6lMWcoIuGvBUyZwfN9FUmFsWfUcb_y0xrrgxny4aKAk34BNBiMT4SG3kCQMAW3LIIw217mC2oyRI-FndcvcEoqiL7mkaeKz_CGU2KM8A_NhU-mejR2-N_82_CGaQZ2jTpOugtfas8rzMuacikk0UEA52E0dIT02_6fP3G23SqMmI8cZkXjXPd-eT3EP1VIM0lvaEtRFzeTQBUfhbmIg2Sl9DwRfUQi_pX4AR9NYDVPP4Mh2T4f-_US0yMq-H0dOD6ECDkaURiFGq24t6kLi9kmpkFkUOqMA-ayXlrD0Xjg802LiRW7o0VC4DY9Kmh37baOt94Qi8a7mYdKiWU3z9H-3uz5Zt3HaJbzIrK5N9EmlDaB7tSj71nxBZbuPpufgYxIEoB2FTxDZW6g141J0FUMOCtRPh07PhXmretIozc1AbS0PSXZp0Vx7N5t9vxBGk_cvFOjY7Csy3CjqQFwkigghTOFvPChPFVMy4cSL-YQ_kHyAjmZhks2WYdzATN7ZbFu0rDj85oOFubxSgbeICVBQkFZKDlF4xpmHv3wgcI--etJI-IUvlgKhrL34NxYJbkm--QRf2gnufdqcAe9DFHUVgE-cuaYC7DCLYeRl_sr5IrQUlaoG-aP9Cvqy-dwlnzSJGjFQP_Xjae4xN1vFN0UuwFJsoiR__RU_60-5rpVJ4DA4-UgjQrDlU0U4J5AK97mi6qC6WK6PDw8CmGicUb79SpVfB3-0PsGry9FNKZH3uQ_C8dteQZnk547BHwUzDffQpdJWdEWoMoQg0m5G6tUmchbIGtcmlGz77benHrl1PLjlY-5aF0 [TRUNCATED] Host: andoree.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:06 UTC	1106	IN	HTTP/1.1 302 Date: Mon, 06 Jan 2025 14:33:06 GMT Content-Length: 0 Connection: close Set-Cookie: rhid=83870246146; Max-Age=15552000; Expires=Sat, 05 Jul 2025 14:33:06 GMT; Path=/; SameSite=None; secure; Set-Cookie: efd=570542524; Max-Age=30; Expires=Mon, 06 Jan 2025 14:33:36 GMT; Path=/; SameSite=None; secure; Location: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KyoJFIfFVUN4I2seOnNqeD16CrfWY3mgbgaQ7nDNuGL9wOTJtW95OCcczedDQvas8PgFok180KIPfnCWM%2BqPS9FfP%2B2WI1%2BLQ7VOlrYcDhNTLh40zq6mMllYLj4ZfQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8fdc6bd91a7342ce-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1583&min_rtt=1582&rtt_var=595&sent=5&recv=9&lost=0&retrans=0&sent_bytes=2825&recv_bytes=2923&delivery_rate=1836477&cwnd=233&unsent_bytes=0&cid=0c0f4f3ff07e0838&ts=261&x=0"

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:07 UTC	764	OUT	GET /?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:07 UTC	474	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-Powered-By: PHP/8.0.30 Set-Cookie: tst=%7B%2224%22%3A%22A%22%7D; expires=Wed, 05-Feb-2025 14:33:07 GMT; Max-Age=2592000; path=/ Set-Cookie: ggr=A; path=/ Set-Cookie: gid=24; path=/ Set-Cookie: tst=%7B%2224%22%3A%22A%22%7D; expires=Wed, 05-Feb-2025 14:33:07 GMT; Max-Age=2592000; path=/
2025-01-06 14:33:07 UTC	15910	IN	Data Raw: 31 65 61 39 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 0a 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f Data Ascii: 1ea9<!doctype html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" co
2025-01-06 14:33:07 UTC	16384	IN	Data Raw: 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 76 65 72 6c 61 79 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 63 6c 69 63 6b 27 2c 20 28 29 20 3d 3e 20 6f 76 65 72 6c 61 79 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 27 64 2d 6e 6f 6e 65 27 29 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 76 65 72 6c 61 79 2e 63 6c 61 73 73 4c 69 73 74 2e 72 65 6d 6f 76 65 28 27 64 2d 6e 6f 6e 65 27 29 3b 0a 20 0d 0a 34 35 31 31 0d 0a 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 73 68 6f 77 50 6f 69 6e 74 65 72 41 72 65 61 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 65 74 20 6f 76 65 72 6c 61 79 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 5b 64 61 74 61 2d 70 61 72 74 3d 22 6f Data Ascii: ; overlay.addEventListener('click', () => overlay.classList.add('d-none')); overlay.classList.remove('d-none'); 4511 } function showPointerArea() { let overlay = document.querySelector('[data-part="o
2025-01-06 14:33:07 UTC	1449	IN	Data Raw: 6f 74 69 64 27 2c 20 6e 75 6c 6c 29 3b 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 21 6f 54 69 64 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 54 69 64 20 3d 20 67 65 74 50 61 72 61 6d 65 74 65 72 42 79 4e 61 6d 65 28 27 63 69 64 27 2c 20 27 27 29 20 2b 20 27 5f 27 20 2b 20 28 6e 65 77 20 44 61 74 65 28 29 2e 74 6f 49 53 4f 53 74 72 69 6e 67 28 29 2e 73 6c 69 63 65 28 30 2c 20 31 30 29 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 73 65 74 43 6f 6f 6b 69 65 28 27 6f 74 69 64 27 2c 20 6f 54 69 64 2c 20 30 2c 20 77 69 6e 64 6f 77 2e 72 6f 6f 74 44 6f 6d 61 69 6e 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 69 72 65 45 76 65 6e 74 28 27 70 61 67 65 5f 6c 6f 61 64 27 2c 20 Data Ascii: otid', null); if (!oTid) { oTid = getParameterByName('cid', '') + '_' + (new Date().toISOString().slice(0, 10)); setCookie('otid', oTid, 0, window.rootDomain); } fireEvent('page_load',

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:08 UTC	734	OUT	GET /private-search/fourth/styles/style.css?v15 HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
2025-01-06 14:33:08 UTC	251	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:08 GMT Content-Type: text/css Content-Length: 13221 Last-Modified: Fri, 29 Nov 2024 10:17:06 GMT Connection: close Vary: Accept-Encoding ETag: "674994a2-33a5" Accept-Ranges: bytes
2025-01-06 14:33:08 UTC	13221	IN	Data Raw: 40 69 6d 70 6f 72 74 20 22 72 65 62 6f 6f 74 2e 63 73 73 22 3b 0a 0a 68 74 6d 6c 20 7b 0a 20 20 20 20 73 63 72 6f 6c 6c 2d 62 65 68 61 76 69 6f 72 3a 20 73 6d 6f 6f 74 68 3b 0a 20 20 20 20 6f 76 65 72 66 6c 6f 77 2d 78 3a 20 68 69 64 64 65 6e 3b 0a 7d 0a 0a 2a 20 7b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0a 7d 0a 0a 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 49 6e 74 65 72 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 36 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 Data Ascii: @import "reboot.css";html { scroll-behavior: smooth; overflow-x: hidden;}* { padding: 0; margin: 0; box-sizing: border-box;}body { font-family: 'Inter', sans-serif; font-size: 16px; font-weight: 400; line-height

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:08 UTC	742	OUT	GET /private-search/fourth/styles/security-check.css?v4 HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
2025-01-06 14:33:08 UTC	250	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:08 GMT Content-Type: text/css Content-Length: 5662 Last-Modified: Fri, 29 Nov 2024 10:17:06 GMT Connection: close Vary: Accept-Encoding ETag: "674994a2-161e" Accept-Ranges: bytes
2025-01-06 14:33:08 UTC	5662	IN	Data Raw: 2e 62 6f 72 64 65 72 2d 61 6e 69 6d 61 74 65 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 39 30 64 65 67 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 35 30 29 20 35 30 25 2c 20 74 72 61 6e 73 70 61 72 65 6e 74 20 35 30 25 29 2c 0a 20 20 20 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 39 30 64 65 67 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 35 30 29 20 35 30 25 2c 20 74 72 61 6e 73 70 61 72 65 6e 74 20 35 30 25 29 2c 0a 20 20 20 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 30 64 65 67 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 35 30 29 20 35 30 25 2c 20 74 72 61 6e 73 70 61 72 65 6e 74 20 35 30 25 29 2c 0a 20 20 20 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 Data Ascii: .border-animate { background: linear-gradient(90deg, rgba(0, 0, 0, 0.50) 50%, transparent 50%), linear-gradient(90deg, rgba(0, 0, 0, 0.50) 50%, transparent 50%), linear-gradient(0deg, rgba(0, 0, 0, 0.50) 50%, transparent 50%), linear-gradi

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:08 UTC	770	OUT	GET /private-search/assets/step-1.png HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
2025-01-06 14:33:08 UTC	228	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:08 GMT Content-Type: image/png Content-Length: 8730 Last-Modified: Thu, 18 Jul 2024 15:08:57 GMT Connection: close ETag: "66993009-221a" Accept-Ranges: bytes
2025-01-06 14:33:08 UTC	8730	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 8c 00 00 00 b9 08 06 00 00 00 3b f9 08 e0 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 21 af 49 44 41 54 78 01 ed 9d 09 90 5c d5 7d ee ff b7 b7 99 9e 7d d5 32 33 da f7 5d 32 20 90 10 20 09 09 43 1c 8c f3 1c 70 fc fc aa 02 2e c7 6f 49 5c c1 76 bd 57 af ca 79 15 f3 92 98 38 55 89 49 55 82 93 72 8c 9d 04 92 38 b6 13 8c ed 80 30 48 08 30 42 0b da d0 be 8e 34 1a 69 a4 d9 f7 e9 99 5e 72 be d3 73 9a 3b ad ee 99 db 33 3d e3 ee 9e ef 07 57 bd dd 5e a6 fb de f3 9d ff 7a 2c 19 83 cb 97 db cb 8a 3c c1 f5 11 cb 9a 6f 59 d6 3c 21 84 10 92 33 b8 2c 57 c7 60 28 78 6c f6 9c ea b7 c6 da d7 4a f6 c0 d0 d0 d0 Data Ascii: PNGIHDR;pHYssRGBgAMAa!IDATx\}}23]2 Cp.oI\vWy8UIUr80H0B4i^rs;3=W^z,<oY<!3,W`(xlJ

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:08 UTC	783	OUT	GET /private-search/assets/step-2-securi-guard.png HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
2025-01-06 14:33:08 UTC	229	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:08 GMT Content-Type: image/png Content-Length: 15454 Last-Modified: Wed, 11 Sep 2024 06:34:16 GMT Connection: close ETag: "66e139e8-3c5e" Accept-Ranges: bytes
2025-01-06 14:33:08 UTC	15454	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 8c 00 00 00 a8 08 06 00 00 00 f3 73 d9 de 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 3b f3 49 44 41 54 78 01 ed 7d 09 98 24 c5 75 e6 cb aa ea fb 98 ee b9 bb e7 1e e6 be 98 19 86 1b 86 43 42 07 e8 00 c9 08 76 8d b8 8c fc ed 27 64 09 ed 5a 9f 0d 42 82 05 24 5b 96 6d 81 25 79 fd c9 12 60 d9 b2 19 b4 42 20 59 68 c5 21 6e 31 82 39 30 62 98 1b e6 ea ee 39 bb 7b fa 3e aa ab 36 fe a8 8a 9a a8 e8 c8 ac ac ee aa 9e ac ea f7 f7 e4 64 65 66 64 44 64 46 e4 fb e3 bd 17 87 43 3e f1 fe fb 6d 75 e5 d4 57 47 0c 06 83 c1 28 1a f4 51 79 fb bc 79 f5 ed 7e c2 3a 5e 17 db da 3a 2f 8d 0d 44 6f 8a 13 5d 4d 71 62 Data Ascii: PNGIHDRspHYssRGBgAMAa;IDATx}$uCBv'dZB$[m%y`B Yh!n190b9{>6defdDdFC>muWG(Qyy~:^:/Do]Mqb

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:08 UTC	565	OUT	GET /ajax/libs/font-awesome/6.0.0/js/all.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:08 UTC	949	IN	HTTP/1.1 200 OK Date: Mon, 06 Jan 2025 14:33:08 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"620188b3-8592f" Last-Modified: Mon, 07 Feb 2022 21:01:39 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: MISS Expires: Sat, 27 Dec 2025 14:33:08 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ullbQlVtH8B9sPj%2BSD%2FgiVZvoWPm5xCEcklKnLtbuqF9wwLu3QvXJ6xXG8olqG7oPqcNAnMFXsueIgmsgMIdP%2F%2BcNStDEORznxGtxoThy7OYCvlbX4QJ4CmdVpLQkyxJvvkek5tz"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8fdc6be258b742d1-EWR alt-svc: h3=":443"; ma=86400
2025-01-06 14:33:08 UTC	420	IN	Data Raw: 37 62 66 34 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 36 2e 30 2e 30 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 32 20 46 6f 6e 74 69 63 6f 6e 73 2c 20 49 6e 63 2e 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 43 Data Ascii: 7bf4/! Font Awesome Free 6.0.0 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) * Copyright 2022 Fonticons, Inc. */!function(){"use strict";var C
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 61 2e 64 6f 63 75 6d 65 6e 74 2c 65 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 26 26 65 2e 68 65 61 64 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 65 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 2c 7e 7a 2e 69 6e 64 65 78 4f 66 28 22 4d 53 49 45 22 29 7c 7c 7a 2e 69 6e 64 65 78 4f 66 28 22 54 72 69 64 65 6e 74 2f 22 29 3b 66 75 6e 63 74 69 6f 6e 20 4d 28 63 2c 43 29 7b 76 61 72 20 6c 2c 7a 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 63 29 3b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 26 26 28 6c 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 28 63 29 2c 43 26 26 28 6c 3d 6c 2e 66 Data Ascii: a.document,e.documentElement&&e.head&&"function"==typeof e.addEventListener&&e.createElement,~z.indexOf("MSIE")\|\|z.indexOf("Trident/");function M(c,C){var l,z=Object.keys(c);return Object.getOwnPropertySymbols&&(l=Object.getOwnPropertySymbols(c),C&&(l=l.f
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 72 6e 20 41 72 72 61 79 2e 66 72 6f 6d 28 43 29 7d 28 7a 29 7c 7c 66 75 6e 63 74 69 6f 6e 28 43 2c 63 29 7b 69 66 28 43 29 7b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 43 29 72 65 74 75 72 6e 20 73 28 43 2c 63 29 3b 76 61 72 20 6c 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 43 29 2e 73 6c 69 63 65 28 38 2c 2d 31 29 3b 72 65 74 75 72 6e 22 4d 61 70 22 3d 3d 3d 28 6c 3d 22 4f 62 6a 65 63 74 22 3d 3d 3d 6c 26 26 43 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3f 43 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 6e 61 6d 65 3a 6c 29 7c 7c 22 53 65 74 22 3d 3d 3d 6c 3f 41 72 72 61 79 2e 66 72 6f 6d 28 43 29 3a 22 41 72 67 75 6d 65 6e 74 73 22 3d 3d 3d 6c 7c 7c 2f 5e 28 3f 3a 55 69 7c 49 29 6e 74 28 3f 3a 38 Data Ascii: rn Array.from(C)}(z)\|\|function(C,c){if(C){if("string"==typeof C)return s(C,c);var l=Object.prototype.toString.call(C).slice(8,-1);return"Map"===(l="Object"===l&&C.constructor?C.constructor.name:l)\|\|"Set"===l?Array.from(C):"Arguments"===l\|\|/^(?:Ui\|I)nt(?:8
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 2c 56 28 63 29 29 2c 22 66 61 73 22 3d 3d 3d 43 26 26 69 28 22 66 61 22 2c 63 29 7d 76 61 72 20 6f 3d 7b 22 34 32 2d 67 72 6f 75 70 22 3a 5b 36 34 30 2c 35 31 32 2c 5b 22 69 6e 6e 6f 73 6f 66 74 22 5d 2c 22 65 30 38 30 22 2c 22 4d 33 32 30 20 39 36 56 34 31 36 43 33 34 31 20 34 31 36 20 33 36 31 2e 38 20 34 31 31 2e 39 20 33 38 31 2e 32 20 34 30 33 2e 38 43 34 30 30 2e 36 20 33 39 35 2e 38 20 34 31 38 2e 33 20 33 38 33 2e 31 20 34 33 33 2e 31 20 33 36 39 2e 31 43 34 34 37 2e 31 20 33 35 34 2e 33 20 34 35 39 2e 38 20 33 33 36 2e 36 20 34 36 37 2e 38 20 33 31 37 2e 32 43 34 37 35 2e 39 20 32 39 37 2e 38 20 34 38 30 20 32 37 37 20 34 38 30 20 32 35 36 43 34 38 30 20 32 33 34 2e 31 20 34 37 35 2e 39 20 32 31 34 2e 32 20 34 36 37 2e 38 20 31 39 34 2e 38 43 34 Data Ascii: ,V(c)),"fas"===C&&i("fa",c)}var o={"42-group":[640,512,["innosoft"],"e080","M320 96V416C341 416 361.8 411.9 381.2 403.8C400.6 395.8 418.3 383.1 433.1 369.1C447.1 354.3 459.8 336.6 467.8 317.2C475.9 297.8 480 277 480 256C480 234.1 475.9 214.2 467.8 194.8C4
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 34 2e 35 2d 35 37 2d 32 33 38 2e 33 2d 33 38 2e 32 7a 4d 33 39 33 20 34 31 34 2e 37 43 32 38 33 20 35 32 34 2e 36 20 39 34 20 34 37 35 2e 35 20 36 31 20 33 31 30 2e 35 63 30 2d 31 32 2e 32 2d 33 30 2e 34 2d 37 2e 34 2d 32 38 2e 39 20 33 2e 33 20 32 34 20 31 37 33 2e 34 20 32 34 36 20 32 35 36 2e 39 20 33 38 31 2e 36 20 31 32 31 2e 33 20 36 2e 39 2d 37 2e 38 2d 31 32 2e 36 2d 32 38 2e 34 2d 32 30 2e 37 2d 32 30 2e 34 7a 4d 32 31 33 2e 36 20 33 30 36 2e 36 63 30 20 34 20 34 2e 33 20 37 2e 33 20 35 2e 35 20 38 2e 35 20 33 20 33 20 36 2e 31 20 34 2e 34 20 38 2e 35 20 34 2e 34 20 33 2e 38 20 30 20 32 2e 36 20 2e 32 20 32 32 2e 33 2d 31 39 2e 35 20 31 39 2e 36 20 31 39 2e 33 20 31 39 2e 31 20 31 39 2e 35 20 32 32 2e 33 20 31 39 2e 35 20 35 2e 34 20 30 20 31 38 Data Ascii: 4.5-57-238.3-38.2zM393 414.7C283 524.6 94 475.5 61 310.5c0-12.2-30.4-7.4-28.9 3.3 24 173.4 246 256.9 381.6 121.3 6.9-7.8-12.6-28.4-20.7-20.4zM213.6 306.6c0 4 4.3 7.3 5.5 8.5 3 3 6.1 4.4 8.5 4.4 3.8 0 2.6 .2 22.3-19.5 19.6 19.3 19.1 19.5 22.3 19.5 5.4 0 18
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 2e 39 20 37 2d 38 2e 39 6c 39 32 2e 36 2d 33 33 2e 38 63 2e 36 2d 2e 38 20 38 38 2e 35 2d 38 31 2e 37 20 39 30 2e 32 2d 38 33 2e 33 7a 6d 31 36 30 2e 31 20 31 32 30 2e 31 63 31 33 2e 33 20 31 36 2e 31 20 32 30 2e 37 20 31 33 2e 33 20 33 30 2e 38 20 39 2e 33 20 33 2e 32 2d 31 2e 32 20 31 31 35 2e 34 2d 34 37 2e 36 20 31 31 37 2e 38 2d 34 38 2e 39 20 38 2d 34 2e 33 2d 31 2e 37 2d 31 36 2e 37 2d 37 2e 32 2d 32 33 2e 34 2d 32 2e 31 2d 32 2e 35 2d 32 30 35 2e 31 2d 32 34 35 2e 36 2d 32 30 37 2e 32 2d 32 34 38 2e 33 2d 39 2e 37 2d 31 32 2e 32 2d 31 34 2e 33 2d 31 32 2e 39 2d 33 38 2e 34 2d 31 32 2e 38 2d 31 30 2e 32 20 30 2d 31 30 36 2e 38 20 2e 35 2d 31 31 36 2e 35 20 2e 36 2d 31 39 2e 32 20 2e 31 2d 33 32 2e 39 2d 2e 33 2d 31 39 2e 32 20 31 36 2e 39 43 32 35 Data Ascii: .9 7-8.9l92.6-33.8c.6-.8 88.5-81.7 90.2-83.3zm160.1 120.1c13.3 16.1 20.7 13.3 30.8 9.3 3.2-1.2 115.4-47.6 117.8-48.9 8-4.3-1.7-16.7-7.2-23.4-2.1-2.5-205.1-245.6-207.2-248.3-9.7-12.2-14.3-12.9-38.4-12.8-10.2 0-106.8 .5-116.5 .6-19.2 .1-32.9-.3-19.2 16.9C25
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 2e 38 20 31 31 34 2d 33 30 2e 39 20 31 2e 31 2d 31 30 2e 32 2d 31 2e 39 2d 32 30 2e 31 2d 31 31 2e 33 2d 32 37 2e 33 7a 6d 32 38 36 2e 37 20 32 32 32 63 30 20 31 35 2e 31 2d 31 31 2e 31 20 39 2e 39 2d 31 37 2e 38 20 39 2e 39 48 35 32 2e 34 63 2d 37 2e 34 20 30 2d 31 38 2e 32 20 34 2e 38 2d 31 37 2e 38 2d 31 30 2e 37 20 2e 34 2d 31 33 2e 39 20 31 30 2e 35 2d 39 2e 31 20 31 37 2e 31 2d 39 2e 31 20 31 33 32 2e 33 2d 2e 34 20 32 36 34 2e 35 2d 2e 34 20 33 39 36 2e 38 20 30 20 36 2e 38 20 30 20 31 36 2e 36 2d 34 2e 34 20 31 36 2e 36 20 39 2e 39 7a 6d 33 2e 38 2d 33 34 30 2e 35 76 32 39 31 63 30 20 35 2e 37 2d 2e 37 20 31 33 2e 39 2d 38 2e 31 20 31 33 2e 39 2d 31 32 2e 34 2d 2e 34 2d 32 37 2e 35 20 37 2e 31 2d 33 36 2e 31 2d 35 2e 36 2d 35 2e 38 2d 38 2e 37 2d Data Ascii: .8 114-30.9 1.1-10.2-1.9-20.1-11.3-27.3zm286.7 222c0 15.1-11.1 9.9-17.8 9.9H52.4c-7.4 0-18.2 4.8-17.8-10.7 .4-13.9 10.5-9.1 17.1-9.1 132.3-.4 264.5-.4 396.8 0 6.8 0 16.6-4.4 16.6 9.9zm3.8-340.5v291c0 5.7-.7 13.9-8.1 13.9-12.4-.4-27.5 7.1-36.1-5.6-5.8-8.7-
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 30 35 2d 36 30 2e 35 35 20 35 32 2e 36 39 2d 38 35 2e 31 35 20 35 34 2e 39 32 2d 35 30 20 37 2e 34 33 2d 38 39 2e 31 31 2d 34 31 2e 30 36 2d 37 31 2e 33 2d 39 31 2e 30 39 20 31 35 2e 31 2d 33 39 2e 31 36 20 31 31 31 2e 37 2d 32 33 31 2e 32 20 31 31 35 2e 39 2d 32 34 31 2e 36 20 31 35 2e 37 35 2d 33 30 2e 30 37 20 32 35 2e 35 36 2d 35 37 2e 34 20 35 39 2e 33 38 2d 35 37 2e 34 20 33 32 2e 33 34 20 30 20 34 33 2e 34 20 32 35 2e 39 34 20 36 30 2e 33 37 20 35 39 2e 38 37 20 33 36 20 37 30 2e 36 32 20 38 39 2e 33 35 20 31 37 37 2e 35 20 31 31 34 2e 38 20 32 33 39 2e 31 20 31 33 2e 31 37 20 33 33 2e 30 37 2d 31 2e 33 37 20 37 31 2e 32 39 2d 33 37 2e 30 31 20 38 36 2e 36 34 7a 6d 34 37 2d 31 33 36 2e 31 43 32 38 30 2e 33 20 33 35 2e 39 33 20 32 37 33 2e 31 20 33 Data Ascii: 05-60.55 52.69-85.15 54.92-50 7.43-89.11-41.06-71.3-91.09 15.1-39.16 111.7-231.2 115.9-241.6 15.75-30.07 25.56-57.4 59.38-57.4 32.34 0 43.4 25.94 60.37 59.87 36 70.62 89.35 177.5 114.8 239.1 13.17 33.07-1.37 71.29-37.01 86.64zm47-136.1C280.3 35.93 273.1 3
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 31 32 2c 5b 5d 2c 22 66 36 34 32 22 2c 22 4d 33 37 37 2e 37 20 33 32 48 37 30 2e 32 36 43 33 31 2e 34 31 20 33 32 20 30 20 36 33 2e 34 31 20 30 20 31 30 32 2e 33 76 33 30 37 2e 35 43 30 20 34 34 38 2e 36 20 33 31 2e 34 31 20 34 38 30 20 37 30 2e 32 36 20 34 38 30 68 33 30 37 2e 35 63 33 38 2e 35 32 20 30 20 36 39 2e 37 36 2d 33 31 2e 30 38 20 37 30 2e 32 36 2d 36 39 2e 36 2d 34 35 2e 39 36 2d 32 35 2e 36 32 2d 31 31 30 2e 36 2d 36 30 2e 33 34 2d 31 37 31 2e 36 2d 38 38 2e 34 34 2d 33 32 2e 30 37 20 34 33 2e 39 37 2d 38 34 2e 31 34 20 38 31 2d 31 34 38 2e 36 20 38 31 2d 37 30 2e 35 39 20 30 2d 39 33 2e 37 33 2d 34 35 2e 33 2d 39 37 2e 30 34 2d 37 36 2e 33 37 2d 33 2e 39 37 2d 33 39 2e 30 31 20 31 34 2e 38 38 2d 38 31 2e 35 20 39 39 2e 35 32 2d 38 31 2e 35 Data Ascii: 12,[],"f642","M377.7 32H70.26C31.41 32 0 63.41 0 102.3v307.5C0 448.6 31.41 480 70.26 480h307.5c38.52 0 69.76-31.08 70.26-69.6-45.96-25.62-110.6-60.34-171.6-88.44-32.07 43.97-84.14 81-148.6 81-70.59 0-93.73-45.3-97.04-76.37-3.97-39.01 14.88-81.5 99.52-81.5
2025-01-06 14:33:08 UTC	1369	IN	Data Raw: 35 2e 33 63 32 2e 33 2d 34 2e 32 20 35 2e 32 2d 34 2e 39 20 39 2e 37 2d 32 2e 35 20 31 30 2e 34 20 35 2e 36 20 32 30 2e 36 20 31 31 2e 34 20 33 31 2e 32 20 31 36 2e 37 61 35 39 35 2e 39 20 35 39 35 2e 39 20 30 20 30 20 30 20 31 32 37 2e 34 20 34 36 2e 33 20 36 31 36 2e 36 20 36 31 36 2e 36 20 30 20 30 20 30 20 36 33 2e 32 20 31 31 2e 38 20 36 30 33 2e 33 20 36 30 33 2e 33 20 30 20 30 20 30 20 39 35 20 35 2e 32 63 31 37 2e 34 2d 2e 34 20 33 34 2e 38 2d 31 2e 38 20 35 32 2e 31 2d 33 2e 38 61 36 30 33 2e 37 20 36 30 33 2e 37 20 30 20 30 20 30 20 31 36 33 2e 33 2d 34 32 2e 38 63 32 2e 39 2d 31 2e 32 20 35 2e 39 2d 32 20 39 2e 31 2d 31 2e 32 20 36 2e 37 20 31 2e 38 20 39 20 39 20 34 2e 31 20 31 33 2e 39 61 37 30 20 37 30 20 30 20 30 20 31 20 2d 39 2e 36 20 37 Data Ascii: 5.3c2.3-4.2 5.2-4.9 9.7-2.5 10.4 5.6 20.6 11.4 31.2 16.7a595.9 595.9 0 0 0 127.4 46.3 616.6 616.6 0 0 0 63.2 11.8 603.3 603.3 0 0 0 95 5.2c17.4-.4 34.8-1.8 52.1-3.8a603.7 603.7 0 0 0 163.3-42.8c2.9-1.2 5.9-2 9.1-1.2 6.7 1.8 9 9 4.1 13.9a70 70 0 0 1 -9.6 7

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18302)
Category:	downloaded
Size (bytes):	18922
Entropy (8bit):	5.641250894548377
Encrypted:	false
SSDEEP:	384:5NZLtNljiKQueXjJNswg2o3T468i4nae5TUq/z6nx8:5zLtHfijgwgv338rae91ex8
MD5:	4D2A2F131CB35C65CBC8C5F7D8D8078F
SHA1:	036EA13372C74F2BB49D5718A4BE1CC19AC256BB
SHA-256:	D49B5FC44A0E1D88A91C34A8E95185AE187058DE7E9C86C27B1ADBA2A2DD678C
SHA-512:	F2926684BAC931F2015AFDB40E17A763DB1569C2A6D7A99D6078EF91440D67AA6EA481989B8912B7466598632C97567FED19F3D63478F0B51C2E8FDB24EA85EC
Malicious:	false
Reputation:	low
URL:	https://www.google.com/js/bg/1JtfxEoOHYipHDSo6VGFrhhwWN5-nIbCexrboqLdZ4w.js
Preview:	/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t / (function(){var S=function(D,l){if((D=(l=null,g).trustedTypes,!D)\|\|!D.createPolicy)return l;try{l=D.createPolicy("bg",{createHTML:y,createScript:y,createScriptURL:y})}catch(C){g.console&&g.console.error(C.message)}return l},y=function(D){return D},g=this\|\|self;(0,eval)(function(D,l){return(l=S())&&D.eval(l.createScript("1"))===1?function(C){return l.createScript(C)}:function(C){return""+C}}(g)(Array(Math.random()7824\|0).join("\n")+['(function(){/',.'',.' Copyright Google LLC',.' SPDX-License-Identifier: Apache-2.0',.'/',.'var Dt=function(l,D,C){return D.vu(function(y){C=y},false,l),C},r=function(l,D,C,y,S,Y,I,B){if((C.D=(((I=(Y=(S=(y\|\|C.i++,C.I)>0&&C.S&&C.UW&&C.N<=1&&!C.O&&!C.l&&(!y\|\|C.ts-D>1)&&document.hidden==0,B=C.i==4)\|\|S?C.G():C.C,Y-C.C),C).o+=I>>14>0,C).U&&(C.U^=(C.o+1>>2)*(I<<2)),C.o+1>>2)!=0\|\|C.D,B)\|\|S)C.i=0,C.C=Y;if(!S)return false;if(Y-C.P<C.I-((C.I>C.V&&(C.V=C.I),l)?255:y?5:2))return

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (607)
Category:	dropped
Size (bytes):	62012
Entropy (8bit):	5.3308855453734365
Encrypted:	false
SSDEEP:	1536:MrKZ02v10J/QTB9qNKHTs++coL3R55ISwLnb:jiJwsQ4N6zb
MD5:	99E54FC5DC8DF56A8CAF484E35C93949
SHA1:	6AEDEF0F1B1D8B6350769433F07FA6EE9F290D73
SHA-256:	9E7A0215F52ACD7A420CCEE95705322EA9AD8CA563E5B641E6838529E433724E
SHA-512:	51A4BB6132412A8E1D17A245810DB8C872BE2F8D7E9B57D0E39704E3DAAF348B63E5E218C4DB755732DED579BE30467FFBC479D651363B60119B97E2E77C9186
Malicious:	false
Reputation:	low
Preview:	(function() {.var j=void 0,l=!0,r=null,B=!1;.(function(){function Ua(){function a(){if(!a.Rc)ua=a.Rc=l,va=B,c.a(G,function(a){a.Ec()})}function b(){try{t.documentElement.doScroll("left")}catch(d){setTimeout(b,1);return}a()}if(t.addEventListener)"complete"===t.readyState?a():t.addEventListener("DOMContentLoaded",a,B);else if(t.attachEvent){t.attachEvent("onreadystatechange",a);var d=B;try{d=p.frameElement===r}catch(f){}t.documentElement.doScroll&&d&&b()}c.gc(p,"load",a,l)}function Va(){x.init=function(a,b,d){if(d)return x[d]\|\|(x[d]=G[d]=W(a,.b,d),x[d].ra()),x[d];d=x;if(G.mixpanel)d=G.mixpanel;else if(a)d=W(a,b,"mixpanel"),d.ra(),G.mixpanel=d;x=d;1===ia&&(p.mixpanel=x);Wa()}}function Wa(){c.a(G,function(a,b){"mixpanel"!==b&&(x[b]=a)});x._=c}function ja(a){a=c.g(a)?a:c.e(a)?{}:{days:a};return c.extend({},Xa,a)}function W(a,b,d){var f,g="mixpanel"===d?x:x[d];if(g&&0===ia)f=g;else{if(g&&!c.isArray(g)){o.error("You have already initialized "+d);return}f=new e}f.vb={};f.ba(a,b,d);f.people=new

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:08 UTC	695	OUT	GET /lp/js/main.js?v10 HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
2025-01-06 14:33:08 UTC	265	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:08 GMT Content-Type: application/javascript Content-Length: 10202 Last-Modified: Mon, 25 Nov 2024 13:26:51 GMT Connection: close Vary: Accept-Encoding ETag: "67447b1b-27da" Accept-Ranges: bytes
2025-01-06 14:33:08 UTC	10202	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 67 65 74 43 6f 6f 6b 69 65 28 6e 61 6d 65 29 0a 7b 0a 20 20 20 20 6c 65 74 20 6e 61 6d 65 50 61 72 74 20 3d 20 6e 61 6d 65 20 2b 20 27 3d 27 2c 0a 20 20 20 20 20 20 20 20 64 65 63 6f 64 65 64 43 6f 6f 6b 69 65 20 3d 20 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 29 2c 0a 20 20 20 20 20 20 20 20 63 6f 6f 6b 69 65 73 20 3d 20 64 65 63 6f 64 65 64 43 6f 6f 6b 69 65 2e 73 70 6c 69 74 28 27 3b 27 29 3b 0a 0a 20 20 20 20 66 6f 72 28 6c 65 74 20 69 6e 64 65 78 20 3d 20 30 3b 20 69 6e 64 65 78 20 3c 20 63 6f 6f 6b 69 65 73 2e 6c 65 6e 67 74 68 3b 20 69 6e 64 65 78 2b 2b 29 20 7b 0a 20 20 20 20 20 20 20 20 6c 65 74 20 63 6f 6f 6b 69 65 20 3d 20 63 6f 6f 6b 69 65 73 5b 69 6e 64 65 Data Ascii: function getCookie(name){ let namePart = name + '=', decodedCookie = decodeURIComponent(document.cookie), cookies = decodedCookie.split(';'); for(let index = 0; index < cookies.length; index++) { let cookie = cookies[inde

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:08 UTC	605	OUT	GET /impression?c=intpgdirect HTTP/1.1 Host: impr.securiguard.cc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:08 UTC	739	IN	HTTP/1.1 200 OK Server: Cowboy Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1736173988&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=eIOSIPFgzR6U%2FBDD3gLb97qZLY10kvYRaOBof%2FnD0e4%3D"}]} Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1736173988&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=eIOSIPFgzR6U%2FBDD3gLb97qZLY10kvYRaOBof%2FnD0e4%3D Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Connection: close X-Powered-By: Express Content-Type: text/html; charset=utf-8 Content-Length: 2 Etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" Date: Mon, 06 Jan 2025 14:33:08 GMT Via: 1.1 vegur
2025-01-06 14:33:08 UTC	2	IN	Data Raw: 4f 4b Data Ascii: OK

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:09 UTC	413	OUT	GET /lp/js/main.js?v10 HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
2025-01-06 14:33:09 UTC	265	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:09 GMT Content-Type: application/javascript Content-Length: 10202 Last-Modified: Mon, 25 Nov 2024 13:26:51 GMT Connection: close Vary: Accept-Encoding ETag: "67447b1b-27da" Accept-Ranges: bytes
2025-01-06 14:33:09 UTC	10202	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 67 65 74 43 6f 6f 6b 69 65 28 6e 61 6d 65 29 0a 7b 0a 20 20 20 20 6c 65 74 20 6e 61 6d 65 50 61 72 74 20 3d 20 6e 61 6d 65 20 2b 20 27 3d 27 2c 0a 20 20 20 20 20 20 20 20 64 65 63 6f 64 65 64 43 6f 6f 6b 69 65 20 3d 20 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 29 2c 0a 20 20 20 20 20 20 20 20 63 6f 6f 6b 69 65 73 20 3d 20 64 65 63 6f 64 65 64 43 6f 6f 6b 69 65 2e 73 70 6c 69 74 28 27 3b 27 29 3b 0a 0a 20 20 20 20 66 6f 72 28 6c 65 74 20 69 6e 64 65 78 20 3d 20 30 3b 20 69 6e 64 65 78 20 3c 20 63 6f 6f 6b 69 65 73 2e 6c 65 6e 67 74 68 3b 20 69 6e 64 65 78 2b 2b 29 20 7b 0a 20 20 20 20 20 20 20 20 6c 65 74 20 63 6f 6f 6b 69 65 20 3d 20 63 6f 6f 6b 69 65 73 5b 69 6e 64 65 Data Ascii: function getCookie(name){ let namePart = name + '=', decodedCookie = decodeURIComponent(document.cookie), cookies = decodedCookie.split(';'); for(let index = 0; index < cookies.length; index++) { let cookie = cookies[inde

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:09 UTC	674	OUT	GET /recaptcha/api.js?render=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw== Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:09 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Mon, 06 Jan 2025 14:33:09 GMT Date: Mon, 06 Jan 2025 14:33:09 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-06 14:33:09 UTC	641	IN	Data Raw: 35 62 63 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 Data Ascii: 5bc/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.g
2025-01-06 14:33:09 UTC	834	IN	Data Raw: 59 66 66 78 72 4d 38 54 6d 5a 54 36 52 41 72 57 47 51 56 43 4a 30 4c 52 69 76 44 37 67 6c 63 41 55 41 41 41 43 51 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 64 76 62 32 64 73 5a 53 35 6a 62 32 30 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 Data Ascii: YffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecati
2025-01-06 14:33:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:10 UTC	386	OUT	GET /ajax/libs/font-awesome/6.0.0/js/all.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:10 UTC	952	IN	HTTP/1.1 200 OK Date: Mon, 06 Jan 2025 14:33:10 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"620188b3-8592f" Last-Modified: Mon, 07 Feb 2022 21:01:39 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 2 Expires: Sat, 27 Dec 2025 14:33:10 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UU5yEY7lbQiEU3h37bFvb3H0GhMaLBsHPuoO7yjNzahoNaRx4glXI3EMpRXCGEAo9ad%2Fgx92cdBHXPrZuqzBMCOoqEpaAl3%2BYu4cOWlG0McCeMDoeIPXnFFlXuMmWfOP441wh8Kc"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8fdc6beeaab67c69-EWR alt-svc: h3=":443"; ma=86400
2025-01-06 14:33:10 UTC	417	IN	Data Raw: 37 62 66 31 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 36 2e 30 2e 30 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 32 20 46 6f 6e 74 69 63 6f 6e 73 2c 20 49 6e 63 2e 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 43 Data Ascii: 7bf1/! Font Awesome Free 6.0.0 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) * Copyright 2022 Fonticons, Inc. */!function(){"use strict";var C
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 3d 63 3b 61 2e 64 6f 63 75 6d 65 6e 74 2c 65 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 26 26 65 2e 68 65 61 64 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 65 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 2c 7e 7a 2e 69 6e 64 65 78 4f 66 28 22 4d 53 49 45 22 29 7c 7c 7a 2e 69 6e 64 65 78 4f 66 28 22 54 72 69 64 65 6e 74 2f 22 29 3b 66 75 6e 63 74 69 6f 6e 20 4d 28 63 2c 43 29 7b 76 61 72 20 6c 2c 7a 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 63 29 3b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 26 26 28 6c 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 28 63 29 2c 43 26 26 28 6c 3d Data Ascii: =c;a.document,e.documentElement&&e.head&&"function"==typeof e.addEventListener&&e.createElement,~z.indexOf("MSIE")\|\|z.indexOf("Trident/");function M(c,C){var l,z=Object.keys(c);return Object.getOwnPropertySymbols&&(l=Object.getOwnPropertySymbols(c),C&&(l=
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 65 74 75 72 6e 20 41 72 72 61 79 2e 66 72 6f 6d 28 43 29 7d 28 7a 29 7c 7c 66 75 6e 63 74 69 6f 6e 28 43 2c 63 29 7b 69 66 28 43 29 7b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 43 29 72 65 74 75 72 6e 20 73 28 43 2c 63 29 3b 76 61 72 20 6c 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 43 29 2e 73 6c 69 63 65 28 38 2c 2d 31 29 3b 72 65 74 75 72 6e 22 4d 61 70 22 3d 3d 3d 28 6c 3d 22 4f 62 6a 65 63 74 22 3d 3d 3d 6c 26 26 43 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3f 43 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 6e 61 6d 65 3a 6c 29 7c 7c 22 53 65 74 22 3d 3d 3d 6c 3f 41 72 72 61 79 2e 66 72 6f 6d 28 43 29 3a 22 41 72 67 75 6d 65 6e 74 73 22 3d 3d 3d 6c 7c 7c 2f 5e 28 3f 3a 55 69 7c 49 29 6e 74 28 Data Ascii: eturn Array.from(C)}(z)\|\|function(C,c){if(C){if("string"==typeof C)return s(C,c);var l=Object.prototype.toString.call(C).slice(8,-1);return"Map"===(l="Object"===l&&C.constructor?C.constructor.name:l)\|\|"Set"===l?Array.from(C):"Arguments"===l\|\|/^(?:Ui\|I)nt(
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 6b 28 43 2c 56 28 63 29 29 2c 22 66 61 73 22 3d 3d 3d 43 26 26 69 28 22 66 61 22 2c 63 29 7d 76 61 72 20 6f 3d 7b 22 34 32 2d 67 72 6f 75 70 22 3a 5b 36 34 30 2c 35 31 32 2c 5b 22 69 6e 6e 6f 73 6f 66 74 22 5d 2c 22 65 30 38 30 22 2c 22 4d 33 32 30 20 39 36 56 34 31 36 43 33 34 31 20 34 31 36 20 33 36 31 2e 38 20 34 31 31 2e 39 20 33 38 31 2e 32 20 34 30 33 2e 38 43 34 30 30 2e 36 20 33 39 35 2e 38 20 34 31 38 2e 33 20 33 38 33 2e 31 20 34 33 33 2e 31 20 33 36 39 2e 31 43 34 34 37 2e 31 20 33 35 34 2e 33 20 34 35 39 2e 38 20 33 33 36 2e 36 20 34 36 37 2e 38 20 33 31 37 2e 32 43 34 37 35 2e 39 20 32 39 37 2e 38 20 34 38 30 20 32 37 37 20 34 38 30 20 32 35 36 43 34 38 30 20 32 33 34 2e 31 20 34 37 35 2e 39 20 32 31 34 2e 32 20 34 36 37 2e 38 20 31 39 34 2e Data Ascii: k(C,V(c)),"fas"===C&&i("fa",c)}var o={"42-group":[640,512,["innosoft"],"e080","M320 96V416C341 416 361.8 411.9 381.2 403.8C400.6 395.8 418.3 383.1 433.1 369.1C447.1 354.3 459.8 336.6 467.8 317.2C475.9 297.8 480 277 480 256C480 234.1 475.9 214.2 467.8 194.
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 2d 32 33 34 2e 35 2d 35 37 2d 32 33 38 2e 33 2d 33 38 2e 32 7a 4d 33 39 33 20 34 31 34 2e 37 43 32 38 33 20 35 32 34 2e 36 20 39 34 20 34 37 35 2e 35 20 36 31 20 33 31 30 2e 35 63 30 2d 31 32 2e 32 2d 33 30 2e 34 2d 37 2e 34 2d 32 38 2e 39 20 33 2e 33 20 32 34 20 31 37 33 2e 34 20 32 34 36 20 32 35 36 2e 39 20 33 38 31 2e 36 20 31 32 31 2e 33 20 36 2e 39 2d 37 2e 38 2d 31 32 2e 36 2d 32 38 2e 34 2d 32 30 2e 37 2d 32 30 2e 34 7a 4d 32 31 33 2e 36 20 33 30 36 2e 36 63 30 20 34 20 34 2e 33 20 37 2e 33 20 35 2e 35 20 38 2e 35 20 33 20 33 20 36 2e 31 20 34 2e 34 20 38 2e 35 20 34 2e 34 20 33 2e 38 20 30 20 32 2e 36 20 2e 32 20 32 32 2e 33 2d 31 39 2e 35 20 31 39 2e 36 20 31 39 2e 33 20 31 39 2e 31 20 31 39 2e 35 20 32 32 2e 33 20 31 39 2e 35 20 35 2e 34 20 30 Data Ascii: -234.5-57-238.3-38.2zM393 414.7C283 524.6 94 475.5 61 310.5c0-12.2-30.4-7.4-28.9 3.3 24 173.4 246 256.9 381.6 121.3 6.9-7.8-12.6-28.4-20.7-20.4zM213.6 306.6c0 4 4.3 7.3 5.5 8.5 3 3 6.1 4.4 8.5 4.4 3.8 0 2.6 .2 22.3-19.5 19.6 19.3 19.1 19.5 22.3 19.5 5.4 0
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 32 2d 36 2e 39 20 37 2d 38 2e 39 6c 39 32 2e 36 2d 33 33 2e 38 63 2e 36 2d 2e 38 20 38 38 2e 35 2d 38 31 2e 37 20 39 30 2e 32 2d 38 33 2e 33 7a 6d 31 36 30 2e 31 20 31 32 30 2e 31 63 31 33 2e 33 20 31 36 2e 31 20 32 30 2e 37 20 31 33 2e 33 20 33 30 2e 38 20 39 2e 33 20 33 2e 32 2d 31 2e 32 20 31 31 35 2e 34 2d 34 37 2e 36 20 31 31 37 2e 38 2d 34 38 2e 39 20 38 2d 34 2e 33 2d 31 2e 37 2d 31 36 2e 37 2d 37 2e 32 2d 32 33 2e 34 2d 32 2e 31 2d 32 2e 35 2d 32 30 35 2e 31 2d 32 34 35 2e 36 2d 32 30 37 2e 32 2d 32 34 38 2e 33 2d 39 2e 37 2d 31 32 2e 32 2d 31 34 2e 33 2d 31 32 2e 39 2d 33 38 2e 34 2d 31 32 2e 38 2d 31 30 2e 32 20 30 2d 31 30 36 2e 38 20 2e 35 2d 31 31 36 2e 35 20 2e 36 2d 31 39 2e 32 20 2e 31 2d 33 32 2e 39 2d 2e 33 2d 31 39 2e 32 20 31 36 2e 39 Data Ascii: 2-6.9 7-8.9l92.6-33.8c.6-.8 88.5-81.7 90.2-83.3zm160.1 120.1c13.3 16.1 20.7 13.3 30.8 9.3 3.2-1.2 115.4-47.6 117.8-48.9 8-4.3-1.7-16.7-7.2-23.4-2.1-2.5-205.1-245.6-207.2-248.3-9.7-12.2-14.3-12.9-38.4-12.8-10.2 0-106.8 .5-116.5 .6-19.2 .1-32.9-.3-19.2 16.9
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 2d 31 31 2e 38 20 31 31 34 2d 33 30 2e 39 20 31 2e 31 2d 31 30 2e 32 2d 31 2e 39 2d 32 30 2e 31 2d 31 31 2e 33 2d 32 37 2e 33 7a 6d 32 38 36 2e 37 20 32 32 32 63 30 20 31 35 2e 31 2d 31 31 2e 31 20 39 2e 39 2d 31 37 2e 38 20 39 2e 39 48 35 32 2e 34 63 2d 37 2e 34 20 30 2d 31 38 2e 32 20 34 2e 38 2d 31 37 2e 38 2d 31 30 2e 37 20 2e 34 2d 31 33 2e 39 20 31 30 2e 35 2d 39 2e 31 20 31 37 2e 31 2d 39 2e 31 20 31 33 32 2e 33 2d 2e 34 20 32 36 34 2e 35 2d 2e 34 20 33 39 36 2e 38 20 30 20 36 2e 38 20 30 20 31 36 2e 36 2d 34 2e 34 20 31 36 2e 36 20 39 2e 39 7a 6d 33 2e 38 2d 33 34 30 2e 35 76 32 39 31 63 30 20 35 2e 37 2d 2e 37 20 31 33 2e 39 2d 38 2e 31 20 31 33 2e 39 2d 31 32 2e 34 2d 2e 34 2d 32 37 2e 35 20 37 2e 31 2d 33 36 2e 31 2d 35 2e 36 2d 35 2e 38 2d 38 Data Ascii: -11.8 114-30.9 1.1-10.2-1.9-20.1-11.3-27.3zm286.7 222c0 15.1-11.1 9.9-17.8 9.9H52.4c-7.4 0-18.2 4.8-17.8-10.7 .4-13.9 10.5-9.1 17.1-9.1 132.3-.4 264.5-.4 396.8 0 6.8 0 16.6-4.4 16.6 9.9zm3.8-340.5v291c0 5.7-.7 13.9-8.1 13.9-12.4-.4-27.5 7.1-36.1-5.6-5.8-8
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 33 36 2e 30 35 2d 36 30 2e 35 35 20 35 32 2e 36 39 2d 38 35 2e 31 35 20 35 34 2e 39 32 2d 35 30 20 37 2e 34 33 2d 38 39 2e 31 31 2d 34 31 2e 30 36 2d 37 31 2e 33 2d 39 31 2e 30 39 20 31 35 2e 31 2d 33 39 2e 31 36 20 31 31 31 2e 37 2d 32 33 31 2e 32 20 31 31 35 2e 39 2d 32 34 31 2e 36 20 31 35 2e 37 35 2d 33 30 2e 30 37 20 32 35 2e 35 36 2d 35 37 2e 34 20 35 39 2e 33 38 2d 35 37 2e 34 20 33 32 2e 33 34 20 30 20 34 33 2e 34 20 32 35 2e 39 34 20 36 30 2e 33 37 20 35 39 2e 38 37 20 33 36 20 37 30 2e 36 32 20 38 39 2e 33 35 20 31 37 37 2e 35 20 31 31 34 2e 38 20 32 33 39 2e 31 20 31 33 2e 31 37 20 33 33 2e 30 37 2d 31 2e 33 37 20 37 31 2e 32 39 2d 33 37 2e 30 31 20 38 36 2e 36 34 7a 6d 34 37 2d 31 33 36 2e 31 43 32 38 30 2e 33 20 33 35 2e 39 33 20 32 37 33 2e Data Ascii: 36.05-60.55 52.69-85.15 54.92-50 7.43-89.11-41.06-71.3-91.09 15.1-39.16 111.7-231.2 115.9-241.6 15.75-30.07 25.56-57.4 59.38-57.4 32.34 0 43.4 25.94 60.37 59.87 36 70.62 89.35 177.5 114.8 239.1 13.17 33.07-1.37 71.29-37.01 86.64zm47-136.1C280.3 35.93 273.
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 38 2c 35 31 32 2c 5b 5d 2c 22 66 36 34 32 22 2c 22 4d 33 37 37 2e 37 20 33 32 48 37 30 2e 32 36 43 33 31 2e 34 31 20 33 32 20 30 20 36 33 2e 34 31 20 30 20 31 30 32 2e 33 76 33 30 37 2e 35 43 30 20 34 34 38 2e 36 20 33 31 2e 34 31 20 34 38 30 20 37 30 2e 32 36 20 34 38 30 68 33 30 37 2e 35 63 33 38 2e 35 32 20 30 20 36 39 2e 37 36 2d 33 31 2e 30 38 20 37 30 2e 32 36 2d 36 39 2e 36 2d 34 35 2e 39 36 2d 32 35 2e 36 32 2d 31 31 30 2e 36 2d 36 30 2e 33 34 2d 31 37 31 2e 36 2d 38 38 2e 34 34 2d 33 32 2e 30 37 20 34 33 2e 39 37 2d 38 34 2e 31 34 20 38 31 2d 31 34 38 2e 36 20 38 31 2d 37 30 2e 35 39 20 30 2d 39 33 2e 37 33 2d 34 35 2e 33 2d 39 37 2e 30 34 2d 37 36 2e 33 37 2d 33 2e 39 37 2d 33 39 2e 30 31 20 31 34 2e 38 38 2d 38 31 2e 35 20 39 39 2e 35 32 2d 38 Data Ascii: 8,512,[],"f642","M377.7 32H70.26C31.41 32 0 63.41 0 102.3v307.5C0 448.6 31.41 480 70.26 480h307.5c38.52 0 69.76-31.08 70.26-69.6-45.96-25.62-110.6-60.34-171.6-88.44-32.07 43.97-84.14 81-148.6 81-70.59 0-93.73-45.3-97.04-76.37-3.97-39.01 14.88-81.5 99.52-8
2025-01-06 14:33:10 UTC	1369	IN	Data Raw: 20 33 32 35 2e 33 63 32 2e 33 2d 34 2e 32 20 35 2e 32 2d 34 2e 39 20 39 2e 37 2d 32 2e 35 20 31 30 2e 34 20 35 2e 36 20 32 30 2e 36 20 31 31 2e 34 20 33 31 2e 32 20 31 36 2e 37 61 35 39 35 2e 39 20 35 39 35 2e 39 20 30 20 30 20 30 20 31 32 37 2e 34 20 34 36 2e 33 20 36 31 36 2e 36 20 36 31 36 2e 36 20 30 20 30 20 30 20 36 33 2e 32 20 31 31 2e 38 20 36 30 33 2e 33 20 36 30 33 2e 33 20 30 20 30 20 30 20 39 35 20 35 2e 32 63 31 37 2e 34 2d 2e 34 20 33 34 2e 38 2d 31 2e 38 20 35 32 2e 31 2d 33 2e 38 61 36 30 33 2e 37 20 36 30 33 2e 37 20 30 20 30 20 30 20 31 36 33 2e 33 2d 34 32 2e 38 63 32 2e 39 2d 31 2e 32 20 35 2e 39 2d 32 20 39 2e 31 2d 31 2e 32 20 36 2e 37 20 31 2e 38 20 39 20 39 20 34 2e 31 20 31 33 2e 39 61 37 30 20 37 30 20 30 20 30 20 31 20 2d 39 2e Data Ascii: 325.3c2.3-4.2 5.2-4.9 9.7-2.5 10.4 5.6 20.6 11.4 31.2 16.7a595.9 595.9 0 0 0 127.4 46.3 616.6 616.6 0 0 0 63.2 11.8 603.3 603.3 0 0 0 95 5.2c17.4-.4 34.8-1.8 52.1-3.8a603.7 603.7 0 0 0 163.3-42.8c2.9-1.2 5.9-2 9.1-1.2 6.7 1.8 9 9 4.1 13.9a70 70 0 0 1 -9.

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:10 UTC	671	OUT	GET /private-search/fourth/styles/reboot.css HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://cint.securiguard.cc/private-search/fourth/styles/style.css?v15 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24
2025-01-06 14:33:10 UTC	250	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:10 GMT Content-Type: text/css Content-Length: 5060 Last-Modified: Thu, 11 Apr 2024 14:49:06 GMT Connection: close Vary: Accept-Encoding ETag: "6617f862-13c4" Accept-Ranges: bytes
2025-01-06 14:33:10 UTC	5060	IN	Data Raw: 2a 2c 0a 3a 3a 61 66 74 65 72 2c 0a 3a 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 7d 0a 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 72 65 64 75 63 65 64 2d 6d 6f 74 69 6f 6e 3a 20 6e 6f 2d 70 72 65 66 65 72 65 6e 63 65 29 20 7b 0a 20 20 20 20 3a 72 6f 6f 74 20 7b 0a 20 20 20 20 20 20 20 20 73 63 72 6f 6c 6c 2d 62 65 68 61 76 69 6f 72 3a 20 73 6d 6f 6f 74 68 3b 0a 20 20 20 20 7d 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 79 73 74 65 6d 2d 75 69 2c 20 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 20 22 53 65 67 6f 65 20 55 49 22 2c 20 52 6f 62 6f 74 6f 2c Data Ascii: *,::after,::before { box-sizing: border-box; margin: 0; padding: 0;}@media (prefers-reduced-motion: no-preference) { :root { scroll-behavior: smooth; }}body { font-family: system-ui, -apple-system, "Segoe UI", Roboto,

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:10 UTC	545	OUT	GET /libs/mixpanel-2-latest.min.js HTTP/1.1 Host: cdn.mxpnl.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:10 UTC	874	IN	HTTP/1.1 200 OK X-GUploader-UploadID: AFiumC4WMT30hTFsMjG03u6p-riD6tWhhdq_iHdzt2etuI5TMpIyTuUlAT1XMoTOrv8HEXbR x-goog-generation: 1734555447442587 x-goog-metageneration: 2 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 20487 x-goog-hash: crc32c=gWz/Ig== x-goog-hash: md5=4a1YjWSajdMTCnWCmVHNaw== x-goog-storage-class: MULTI_REGIONAL Access-Control-Allow-Origin: * X-GUploader-Response-Body-Transformations: gunzipped Warning: 214 UploadServer gunzipped Server: UploadServer Date: Mon, 06 Jan 2025 14:31:03 GMT Expires: Mon, 06 Jan 2025 14:41:03 GMT Cache-Control: public,max-age=600 Last-Modified: Wed, 18 Dec 2024 20:57:27 GMT ETag: W/"e1ad588d649a8dd3130a75829951cd6b" Content-Type: text/javascript Vary: Accept-Encoding Content-Length: 62012 Age: 127 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-06 14:33:10 UTC	516	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0a 76 61 72 20 6a 3d 76 6f 69 64 20 30 2c 6c 3d 21 30 2c 72 3d 6e 75 6c 6c 2c 42 3d 21 31 3b 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 55 61 28 29 7b 66 75 6e 63 74 69 6f 6e 20 61 28 29 7b 69 66 28 21 61 2e 52 63 29 75 61 3d 61 2e 52 63 3d 6c 2c 76 61 3d 42 2c 63 2e 61 28 47 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 2e 45 63 28 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 62 28 29 7b 74 72 79 7b 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 64 6f 53 63 72 6f 6c 6c 28 22 6c 65 66 74 22 29 7d 63 61 74 63 68 28 64 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 62 2c 31 29 3b 72 65 74 75 72 6e 7d 61 28 29 7d 69 66 28 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 29 22 63 6f 6d 70 6c 65 74 65 22 Data Ascii: (function() {var j=void 0,l=!0,r=null,B=!1;(function(){function Ua(){function a(){if(!a.Rc)ua=a.Rc=l,va=B,c.a(G,function(a){a.Ec()})}function b(){try{t.documentElement.doScroll("left")}catch(d){setTimeout(b,1);return}a()}if(t.addEventListener)"complete"
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 64 29 72 65 74 75 72 6e 20 78 5b 64 5d 7c 7c 28 78 5b 64 5d 3d 47 5b 64 5d 3d 57 28 61 2c 0a 62 2c 64 29 2c 78 5b 64 5d 2e 72 61 28 29 29 2c 78 5b 64 5d 3b 64 3d 78 3b 69 66 28 47 2e 6d 69 78 70 61 6e 65 6c 29 64 3d 47 2e 6d 69 78 70 61 6e 65 6c 3b 65 6c 73 65 20 69 66 28 61 29 64 3d 57 28 61 2c 62 2c 22 6d 69 78 70 61 6e 65 6c 22 29 2c 64 2e 72 61 28 29 2c 47 2e 6d 69 78 70 61 6e 65 6c 3d 64 3b 78 3d 64 3b 31 3d 3d 3d 69 61 26 26 28 70 2e 6d 69 78 70 61 6e 65 6c 3d 78 29 3b 57 61 28 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 57 61 28 29 7b 63 2e 61 28 47 2c 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 22 6d 69 78 70 61 6e 65 6c 22 21 3d 3d 62 26 26 28 78 5b 62 5d 3d 61 29 7d 29 3b 78 2e 5f 3d 63 7d 66 75 6e 63 74 69 6f 6e 20 6a 61 28 61 29 7b 61 3d 63 2e 67 28 61 Data Ascii: d)return x[d]\|\|(x[d]=G[d]=W(a,b,d),x[d].ra()),x[d];d=x;if(G.mixpanel)d=G.mixpanel;else if(a)d=W(a,b,"mixpanel"),d.ra(),G.mixpanel=d;x=d;1===ia&&(p.mixpanel=x);Wa()}}function Wa(){c.a(G,function(a,b){"mixpanel"!==b&&(x[b]=a)});x._=c}function ja(a){a=c.g(a
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 3d 74 68 69 73 2e 46 2e 62 61 74 63 68 5f 73 69 7a 65 3b 74 68 69 73 2e 78 61 3d 74 68 69 73 2e 46 2e 62 61 74 63 68 5f 66 6c 75 73 68 5f 69 6e 74 65 72 76 61 6c 5f 6d 73 3b 74 68 69 73 2e 6b 61 3d 21 74 68 69 73 2e 46 2e 62 61 74 63 68 5f 61 75 74 6f 73 74 61 72 74 3b 74 68 69 73 2e 52 61 3d 30 3b 74 68 69 73 2e 4d 3d 7b 7d 3b 74 68 69 73 2e 4f 62 3d 62 2e 4f 62 7c 7c 42 7d 66 75 6e 63 74 69 6f 6e 20 78 61 28 61 2c 62 29 7b 76 61 72 20 64 3d 5b 5d 3b 63 2e 61 28 61 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 63 3d 61 2e 69 64 3b 69 66 28 63 20 69 6e 0a 62 29 7b 69 66 28 63 3d 62 5b 63 5d 2c 63 21 3d 3d 72 29 61 2e 70 61 79 6c 6f 61 64 3d 63 2c 64 2e 70 75 73 68 28 61 29 7d 65 6c 73 65 20 64 2e 70 75 73 68 28 61 29 7d 29 3b 72 65 74 75 72 6e 20 64 Data Ascii: =this.F.batch_size;this.xa=this.F.batch_flush_interval_ms;this.ka=!this.F.batch_autostart;this.Ra=0;this.M={};this.Ob=b.Ob\|\|B}function xa(a,b){var d=[];c.a(a,function(a){var c=a.id;if(c inb){if(c=b[c],c!==r)a.payload=c,d.push(a)}else d.push(a)});return d
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 6f 61 2e 61 64 64 28 61 2c 62 29 3b 70 61 7c 7c 28 70 61 3d 61 62 28 6f 61 2e 53 63 29 29 7d 66 75 6e 63 74 69 6f 6e 20 43 61 28 61 29 7b 76 61 72 20 62 2c 64 3d 74 79 70 65 6f 66 20 61 3b 69 66 28 61 21 3d 3d 72 26 26 28 22 6f 62 6a 65 63 74 22 3d 3d 3d 64 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 64 29 29 62 3d 61 2e 74 68 65 6e 3b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 62 3f 62 3a 42 7d 66 75 6e 63 74 69 6f 6e 20 71 61 28 29 7b 66 6f 72 28 76 61 72 20 61 3d 30 3b 61 3c 74 68 69 73 2e 43 2e 6c 65 6e 67 74 68 3b 61 2b 2b 29 7b 76 61 72 20 62 3d 31 3d 3d 3d 74 68 69 73 2e 73 74 61 74 65 3f 74 68 69 73 2e 43 5b 61 5d 2e 46 64 3a 74 68 69 73 2e 43 5b 61 5d 2e 54 63 2c 64 3d 74 68 69 73 2e 43 5b 61 5d 2c 63 3d 6a 2c Data Ascii: oa.add(a,b);pa\|\|(pa=ab(oa.Sc))}function Ca(a){var b,d=typeof a;if(a!==r&&("object"===d\|\|"function"===d))b=a.then;return"function"===typeof b?b:B}function qa(){for(var a=0;a<this.C.length;a++){var b=1===this.state?this.C[a].Fd:this.C[a].Tc,d=this.C[a],c=j,
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 65 6f 66 20 62 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 22 4e 6f 74 20 61 20 66 75 6e 63 74 69 6f 6e 22 29 3b 63 2e 72 65 73 6f 6c 76 65 3d 61 3b 63 2e 72 65 6a 65 63 74 3d 62 7d 29 3b 62 2e 43 2e 70 75 73 68 28 63 29 3b 30 21 3d 3d 62 2e 73 74 61 74 65 26 26 5a 28 71 61 2c 62 29 3b 72 65 74 75 72 6e 20 63 2e 69 62 7d 3b 74 68 69 73 5b 22 63 61 74 63 68 22 5d 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 74 68 65 6e 28 6a 2c 61 29 7d 3b 74 72 79 7b 61 2e 63 61 6c 6c 28 6a 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 44 61 2e 63 61 6c 6c 28 62 2c 61 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 54 2e 63 61 6c 6c 28 62 2c 61 29 7d 29 7d 63 61 74 63 68 28 64 29 7b 54 2e 63 61 6c 6c 28 62 2c 64 29 7d 7d 66 75 6e 63 74 69 6f 6e Data Ascii: eof b)throw TypeError("Not a function");c.resolve=a;c.reject=b});b.C.push(c);0!==b.state&&Z(qa,b);return c.ib};this["catch"]=function(a){return this.then(j,a)};try{a.call(j,function(a){Da.call(b,a)},function(a){T.call(b,a)})}catch(d){T.call(b,d)}}function
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 29 3a 28 64 3d 64 7c 7c 7b 7d 2c 24 28 64 29 2e 73 65 74 28 61 61 28 62 2c 64 29 2c 61 3f 31 3a 30 2c 63 2e 57 62 28 64 2e 49 62 29 3f 64 2e 49 62 3a 72 2c 21 21 64 2e 4a 62 2c 21 21 64 2e 71 64 2c 21 21 64 2e 4f 63 2c 64 2e 48 62 29 2c 64 2e 6f 26 26 61 26 26 64 2e 6f 28 64 2e 4a 64 7c 7c 22 24 6f 70 74 5f 69 6e 22 2c 64 2e 4b 64 2c 7b 73 65 6e 64 5f 69 6d 6d 65 64 69 61 74 65 6c 79 3a 6c 7d 29 29 7d 66 75 6e 63 74 69 6f 6e 20 72 61 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 64 3d 42 3b 74 72 79 7b 76 61 72 20 63 3d 62 2e 63 61 6c 6c 28 74 68 69 73 2c 22 74 6f 6b 65 6e 22 29 2c 67 3d 62 2e 63 61 6c 6c 28 74 68 69 73 2c 22 69 67 6e 6f 72 65 5f 64 6e 74 22 29 2c 0a 68 3d 62 2e 63 61 6c 6c 28 74 68 69 73 2c 22 6f 70 Data Ascii: ):(d=d\|\|{},$(d).set(aa(b,d),a?1:0,c.Wb(d.Ib)?d.Ib:r,!!d.Jb,!!d.qd,!!d.Oc,d.Hb),d.o&&a&&d.o(d.Jd\|\|"$opt_in",d.Kd,{send_immediately:l}))}function ra(a,b){return function(){var d=B;try{var c=b.call(this,"token"),g=b.call(this,"ignore_dnt"),h=b.call(this,"op
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 6f 66 20 61 26 26 31 3d 3d 3d 61 2e 5f 5f 4e 50 4f 5f 5f 3f 61 3a 6e 65 77 20 74 68 69 73 28 66 75 6e 63 74 69 6f 6e 28 62 2c 64 29 7b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 21 3d 3d 74 79 70 65 6f 66 20 62 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 3d 74 79 70 65 6f 66 20 64 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 22 4e 6f 74 20 61 20 66 75 6e 63 74 69 6f 6e 22 29 3b 62 28 61 29 7d 29 7d 29 3b 4a 28 48 2c 22 72 65 6a 65 63 74 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 74 68 69 73 28 66 75 6e 63 74 69 6f 6e 28 62 2c 64 29 7b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 21 3d 3d 74 79 70 65 6f 66 20 62 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 3d 74 79 70 65 6f 66 20 64 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 Data Ascii: of a&&1===a.__NPO__?a:new this(function(b,d){if("function"!==typeof b\|\|"function"!==typeof d)throw TypeError("Not a function");b(a)})});J(H,"reject",function(a){return new this(function(b,d){if("function"!==typeof b\|\|"function"!==typeof d)throw TypeError(
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 63 74 69 6f 6e 28 29 7b 69 66 28 4c 26 26 21 63 2e 65 28 7a 29 26 26 7a 29 7b 76 61 72 20 61 3d 5b 22 4d 69 78 70 61 6e 65 6c 20 77 61 72 6e 69 6e 67 3a 22 5d 2e 63 6f 6e 63 61 74 28 63 2e 55 28 61 72 67 75 6d 65 6e 74 73 29 29 3b 0a 74 72 79 7b 7a 2e 77 61 72 6e 2e 61 70 70 6c 79 28 7a 2c 61 29 7d 63 61 74 63 68 28 62 29 7b 63 2e 61 28 61 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 7a 2e 77 61 72 6e 28 61 29 7d 29 7d 7d 7d 2c 65 72 72 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 4c 26 26 21 63 2e 65 28 7a 29 26 26 7a 29 7b 76 61 72 20 61 3d 5b 22 4d 69 78 70 61 6e 65 6c 20 65 72 72 6f 72 3a 22 5d 2e 63 6f 6e 63 61 74 28 63 2e 55 28 61 72 67 75 6d 65 6e 74 73 29 29 3b 74 72 79 7b 7a 2e 65 72 72 6f 72 2e 61 70 70 6c 79 28 7a 2c 61 29 7d 63 61 74 63 68 28 Data Ascii: ction(){if(L&&!c.e(z)&&z){var a=["Mixpanel warning:"].concat(c.U(arguments));try{z.warn.apply(z,a)}catch(b){c.a(a,function(a){z.warn(a)})}}},error:function(){if(L&&!c.e(z)&&z){var a=["Mixpanel error:"].concat(c.U(arguments));try{z.error.apply(z,a)}catch(
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 61 6c 6c 28 61 29 3a 63 2e 53 64 28 61 29 7d 3b 63 2e 6d 61 70 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 64 29 7b 69 66 28 50 61 26 26 61 2e 6d 61 70 3d 3d 3d 50 61 29 72 65 74 75 72 6e 20 61 2e 6d 61 70 28 62 2c 64 29 3b 76 61 72 20 66 3d 5b 5d 3b 63 2e 61 28 61 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 2e 70 75 73 68 28 62 2e 63 61 6c 6c 28 64 2c 61 29 29 7d 29 3b 72 65 74 75 72 6e 20 66 7d 3b 63 2e 6b 65 79 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 5b 5d 3b 69 66 28 61 3d 3d 3d 72 29 72 65 74 75 72 6e 20 62 3b 63 2e 61 28 61 2c 66 75 6e 63 74 69 6f 6e 28 61 2c 63 29 7b 62 5b 62 2e 6c 65 6e 67 74 68 5d 3d 63 7d 29 3b 72 65 74 75 72 6e 20 62 7d 3b 0a 63 2e 53 64 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 5b 5d 3b 69 66 28 Data Ascii: all(a):c.Sd(a)};c.map=function(a,b,d){if(Pa&&a.map===Pa)return a.map(b,d);var f=[];c.a(a,function(a){f.push(b.call(d,a))});return f};c.keys=function(a){var b=[];if(a===r)return b;c.a(a,function(a,c){b[b.length]=c});return b};c.Sd=function(a){var b=[];if(
2025-01-06 14:33:10 UTC	1390	IN	Data Raw: 61 29 26 26 30 3c 61 2e 6c 65 6e 67 74 68 26 26 28 62 5b 66 5d 3d 61 29 7d 29 3b 72 65 74 75 72 6e 20 62 7d 3b 63 2e 74 72 75 6e 63 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 64 3b 22 73 74 72 69 6e 67 22 3d 3d 3d 74 79 70 65 6f 66 20 61 3f 64 3d 61 2e 73 6c 69 63 65 28 30 2c 62 29 3a 63 2e 69 73 41 72 72 61 79 28 61 29 3f 28 64 3d 5b 5d 2c 63 2e 61 28 61 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 64 2e 70 75 73 68 28 63 2e 74 72 75 6e 63 61 74 65 28 61 2c 62 29 29 7d 29 29 3a 63 2e 67 28 61 29 3f 28 64 3d 7b 7d 2c 63 2e 61 28 61 2c 66 75 6e 63 74 69 6f 6e 28 61 2c 67 29 7b 64 5b 67 5d 3d 63 2e 74 72 75 6e 63 61 74 65 28 61 2c 62 29 7d 29 29 3a 64 3d 61 3b 72 65 74 75 72 6e 20 64 7d 3b 63 2e 6f 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 Data Ascii: a)&&0<a.length&&(b[f]=a)});return b};c.truncate=function(a,b){var d;"string"===typeof a?d=a.slice(0,b):c.isArray(a)?(d=[],c.a(a,function(a){d.push(c.truncate(a,b))})):c.g(a)?(d={},c.a(a,function(a,g){d[g]=c.truncate(a,b)})):d=a;return d};c.oa=function(){r

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:10 UTC	749	OUT	GET /private-search/assets/download-video-securi-guard.mp4 HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept-Encoding: identity;q=1, ;q=0 sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: /* Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: video Referer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24 Range: bytes=0-
2025-01-06 14:33:10 UTC	260	IN	HTTP/1.1 206 Partial Content Server: nginx Date: Mon, 06 Jan 2025 14:33:10 GMT Content-Type: video/mp4 Content-Length: 740950 Last-Modified: Wed, 11 Sep 2024 14:56:56 GMT Connection: close ETag: "66e1afb8-b4e56" Content-Range: bytes 0-740949/740950
2025-01-06 14:33:10 UTC	16124	IN	Data Raw: 00 00 00 18 66 74 79 70 6d 70 34 32 00 00 00 00 6d 70 34 32 6d 70 34 31 00 00 05 df 6d 6f 6f 76 00 00 00 6c 6d 76 68 64 00 00 00 00 e3 07 59 29 e3 07 59 29 00 01 5f 90 00 06 39 c0 00 01 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 05 31 74 72 61 6b 00 00 00 5c 74 6b 68 64 00 00 00 07 e3 07 59 29 e3 07 59 29 00 00 00 01 00 00 00 00 00 06 39 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 02 00 00 00 01 c6 00 00 00 00 00 24 65 64 74 73 00 00 00 1c 65 6c 73 Data Ascii: ftypmp42mp42mp41moovlmvhdY)Y)_9@1trak\tkhdY)Y)9@$edtsels
2025-01-06 14:33:10 UTC	16384	IN	Data Raw: 2d f4 b0 ac c8 f0 e4 1c 17 45 2a ad 7b f4 84 f9 97 67 b6 51 d1 bc 3a 93 01 2c 3b 27 c6 8d 2f f2 6c 6b 8a 77 fc 6e 58 49 4e 70 19 3c 22 a3 81 f1 84 98 b2 a8 dc 5a af 98 34 90 b5 3a 06 ce 87 79 8b 1c ff 50 dc 44 40 eb 50 19 1f 83 fa 4d d2 31 82 2a b7 2d 77 5f b1 0f 27 ce 32 73 b0 c4 37 70 f4 33 de f3 70 e4 3b 58 fb 61 f6 35 c7 b1 b9 68 e0 09 72 37 ec 46 6d ca bf 9e cb 8e 90 b1 b8 61 a6 46 35 62 44 ce dc d5 0d cf c7 f6 19 9a df f9 f3 32 f9 35 3a ef 81 91 80 d0 e9 a6 c1 ba 91 46 b4 32 89 50 42 27 4e e6 66 62 d9 1c f2 df 0f cb fd fb 2a 30 b4 05 5c 9e 77 e9 95 d0 48 21 8c 13 ec 6e d4 9e 64 7f 2b 86 a0 1c 39 d7 83 e4 6f 6c 99 ef 5d ab ab 27 9d 6e e5 02 3d ba cc c1 72 cc 3d f5 30 cc a7 60 d5 39 f6 31 7f cb 83 53 7c e9 95 e0 57 50 bb 16 d7 76 28 dc 7a 6c 39 e6 f9 Data Ascii: -E{gQ:,;'/lkwnXINp<"Z4:yPD@PM1-w_'2s7p3p;Xa5hr7FmaF5bD25:F2PB'Nfb*0\wH!nd+9ol]'n=r=0`91S\|WPv(zl9
2025-01-06 14:33:11 UTC	16384	IN	Data Raw: f7 0c 53 32 b8 a4 74 fe e8 23 fc 04 8b 8a 21 7d 25 02 43 b3 c0 3c e8 e5 64 05 70 1e f6 4a 23 ad 53 2c f5 03 74 20 6d 42 4f ed f0 97 b1 e8 be 6a 05 0d 91 e0 09 26 89 27 99 5d fc a5 58 1f 7f d6 3e ad 4d e1 c2 b0 31 a0 27 1e e3 d9 28 27 b8 c4 dc 2a c6 15 5d a1 56 b8 61 ac ed fc 0b a0 af 86 c5 b7 f9 eb 97 4b e9 78 34 f6 32 2d a7 09 74 2f 8f 52 ef 33 d0 d3 ec e6 fa ce bd 1f 37 e2 5d 24 20 51 87 85 07 b3 cc ad 35 17 af ec ca 83 ff f4 d2 8f 80 ba 97 8b 89 9c d8 49 6d 01 86 72 d2 99 fe cf 70 bf d4 0b 3d ce 01 d6 cf 26 43 64 26 ea 91 65 1b 6f 11 a9 c3 6c ca f4 53 36 10 67 af e4 0b fc 63 5e 86 29 eb f3 63 6b 52 b5 cd 2c 17 e1 5b ee 4a d0 a4 3c 2d 33 b9 b4 76 48 5e 5b 1d 79 56 32 e1 64 25 03 32 27 6e 08 3e 89 5c a8 9a b7 5f d0 59 71 c5 76 fb 6d 32 7e cf de d9 fa 91 Data Ascii: S2t#!}%C<dpJ#S,t mBOj&']X>M1'('*]VaKx42-t/R37]$ Q5Imrp=&Cd&eolS6gc^)ckR,[J<-3vH^[yV2d%2'n>\_Yqvm2~
2025-01-06 14:33:11 UTC	16384	IN	Data Raw: f5 de 29 0d 0f 7f 66 fb 08 ae 17 3c fd e4 46 6f 9a 2a 48 d6 19 b9 46 90 2a 34 12 1a 15 3d df dc f9 43 80 ea 71 c9 bd a9 b6 16 01 91 d3 29 0e 8c 84 4e 2f 0b 97 8b ea ea 59 b7 7d 62 bc 21 03 72 7a f6 9d b9 7d e1 4b 19 6a 76 a3 48 e4 7c 18 79 7c 9f 44 e1 09 2a e7 f8 65 1d 58 82 30 9c 69 51 b2 b6 f4 2b 9d 98 61 84 77 26 e9 b1 3f 7b 6d f8 c0 68 27 bb d2 49 78 08 48 48 5a 97 a5 ae 9d ab 41 ef 10 86 a3 46 ce ab 48 31 32 4a 97 04 7a d7 e6 53 e6 5d 64 0f 73 7a 6f 35 15 86 2d 8c 06 e6 31 38 96 bb 54 c8 05 f4 22 c4 5d e3 91 d2 08 44 75 18 1c 42 e5 b2 c2 12 1f d0 f0 74 f5 6f 30 5f 9f c5 ce 8e a0 45 11 d9 81 d9 e0 a5 0a 2f d6 3a 56 c6 ef 41 86 db 93 c8 9b e6 94 24 b2 fc 1d dd aa af f1 2c 3f cb f7 ed b7 ec f5 21 41 75 ba 6c 94 04 39 b1 51 4a 67 1a 96 65 57 9a d4 34 88 Data Ascii: )f<FoHF4=Cq)N/Y}b!rz}KjvH\|y\|D*eX0iQ+aw&?{mh'IxHHZAFH12JzS]dszo5-18T"]DuBto0_E/:VA$,?!Aul9QJgeW4
2025-01-06 14:33:11 UTC	16384	IN	Data Raw: 53 87 d0 d2 0d a4 22 3a 4a d8 ee 19 da 6a a9 4b 1a c6 02 cb 81 5c f1 af 5d 9f 8b e4 ff ab 7d 12 c0 7a ba a6 a0 ea 84 70 ef 9d 52 b2 9a 42 af 3f fa 4a 93 b9 31 72 63 18 53 fe df f1 2c 55 ef bf 9e 40 ab b6 7b 0f 6f c7 1e 67 16 03 42 89 f4 46 f4 50 88 20 14 a7 b1 6f 99 7e 68 a1 f6 63 38 b5 42 e7 9d 24 e9 64 d3 ce 45 96 e0 b8 11 cc 18 2a 20 16 91 49 16 59 0f 0c 7e 73 6a 16 53 00 00 66 0d 5c c4 fb a3 8a b2 6a 95 50 88 c9 5a c9 3b 5d cb 16 f0 f6 1c 5a a5 12 d5 8c 9e a8 00 43 72 d2 3b de f9 5e 85 4f 3b b1 d3 a1 a7 64 3a 56 b5 b5 53 3e 93 ca 27 51 8d 99 ed 6e 29 9d 90 05 48 a7 54 ce 59 37 c1 41 aa 91 71 30 14 fd 23 94 c3 8a ea b4 a1 be 10 12 6d d6 b6 08 f0 35 be da 78 69 c9 37 7c 6c f1 b4 62 7f 90 a5 4e 1c fd f4 10 45 02 9e 9b 78 e7 72 a6 d4 34 06 1e 08 d1 45 bc Data Ascii: S":JjK\]}zpRB?J1rcS,U@{ogBFP o~hc8B$dE* IY~sjSf\jPZ;]ZCr;^O;d:VS>'Qn)HTY7Aq0#m5xi7\|lbNExr4E
2025-01-06 14:33:11 UTC	16384	IN	Data Raw: de b6 8a 07 83 c8 94 a0 bc a4 4a 6e 34 f5 39 e2 0b 73 33 54 2a 0b e2 37 da da 1b 25 13 20 1a ed ee 33 7f 1f 3f 88 a4 28 19 cf 48 98 b4 9c dd bb f5 43 e6 9c 26 09 68 a3 08 39 fc f9 ee 03 f8 4b 62 1c 27 d1 67 08 7d 84 cd 90 66 e6 e5 96 e7 3a 32 d6 7e 03 88 92 52 3b 17 92 e9 a3 55 a0 4e 03 5c 2f f4 c1 4a 2b 8f 31 8c ba ac 04 88 e2 61 02 2b a0 2e 42 33 12 1a 84 e9 59 cc cd 8a ac d0 5f e8 53 85 f2 73 64 80 fa 5e 31 6b d6 9f 76 71 88 64 08 08 ca 0d da bd e6 b0 10 56 05 e2 b4 d4 4f 5e c4 9e 42 d6 bf 97 1a e0 f1 57 63 23 d1 43 b9 81 6d 6f 2d 63 5a 8b 36 53 05 39 0c 9f 6e c5 db 11 57 aa 99 c1 d2 e8 57 7c 8b 39 04 de 86 39 e5 15 79 45 be 19 0d e6 be f1 d3 a6 2a 0e 14 ad a0 88 af ac 60 62 45 71 c9 f3 b5 66 0c 45 78 68 c6 4b 6b 70 49 37 3f cc 77 b9 8f 17 e1 a5 1d 5b Data Ascii: Jn49s3T7% 3?(HC&h9Kb'g}f:2~R;UN\/J+1a+.B3Y_Ssd^1kvqdVO^BWc#Cmo-cZ6S9nWW\|99yE`bEqfExhKkpI7?w[
2025-01-06 14:33:11 UTC	16384	IN	Data Raw: 7f 56 82 7d 11 18 9e 75 1e e6 61 f4 a9 55 ff f6 c2 da eb 48 ff e5 da 4d ff e6 0b 0f 29 18 35 1a 96 f3 10 53 ec cb f2 dd c4 1e b5 78 16 8d 78 49 02 15 bc 56 6c cb 2e 3d d2 bd 1b 19 45 05 dd 03 44 2d ec fd 7c 7c 3a c3 2e 0c 34 ee 3a 7f f2 40 fb ed 90 1a a7 fe cd 27 33 3a 21 ae 71 02 ee a7 7c ea af 39 ee 40 62 98 1b 38 01 9d 72 12 c0 29 aa 4e 5d fa bf 3a 23 e4 dc e1 6a f0 ec c6 8a 2e e1 82 d0 aa d8 2c 7b e4 4b 76 34 6a d2 ff a5 e1 69 c2 d7 30 98 29 ec 79 a2 1f 2a 9f 68 b3 d1 ed e3 b7 2d e0 ed 72 ee cf 38 eb a6 ad 54 d7 c4 3a 88 24 8b 58 01 de c1 7a 4d 99 40 c5 42 0f db c4 da fe 35 96 23 cb f4 55 6b 1f 2d cd e9 c3 2f e6 fc d0 2b 3c f7 bd 59 65 4a 4c cc de c7 37 1c 54 a0 e6 12 67 cd 37 5f ee 7d 53 21 a0 3e b3 44 82 aa e6 67 eb bf 76 5c 31 f8 80 9e 61 de 87 7b Data Ascii: V}uaUHM)5SxxIVl.=ED-\|\|:.4:@'3:!q\|9@b8r)N]:#j.,{Kv4ji0)y*h-r8T:$XzM@B5#Uk-/+<YeJL7Tg7_}S!>Dgv\1a{
2025-01-06 14:33:11 UTC	16384	IN	Data Raw: 21 b5 3f 47 b7 70 a8 5e d2 d5 45 95 94 6e b8 eb 89 97 74 90 95 ee 2b ba aa d7 36 12 ab 22 57 81 ad 5b 4e 4d 47 ec 4e fd 5f c4 69 2a fb f6 f6 49 91 6d 0f 6a fb 72 50 fc a9 5d b1 63 41 dc 51 81 5c 9a 2b 6a d5 10 fa 0f 87 69 03 70 01 09 86 08 80 c5 a2 c9 6a bd 17 a9 b2 04 e0 61 a8 7f ab 73 d7 67 6b 37 30 c0 79 0d 93 8e 17 e1 6a 41 22 96 6c 33 d2 7d 67 d5 11 c5 83 c7 70 df f1 d3 23 b8 11 49 cb 02 de 2e bb 69 2c e6 06 4b 72 60 b6 48 bc 18 26 f2 d4 36 d2 d2 0e d6 40 9e 1c 9a df f5 2e 02 1e 21 25 51 80 97 43 c7 bb 7f c4 0c 61 79 8b 7a cf 36 98 9f 5b f0 b7 51 e7 35 8e 25 ca 77 f7 85 41 1b ba 1e 10 78 93 c5 7a 0c 18 88 f3 3b 33 2b ff a9 7f 71 6c 81 01 15 d3 7d 46 7e ed f3 ff 98 59 03 c9 fa 15 af 6f 92 2e 2d 2a ba 83 7b 8f 8a ff 92 81 61 a5 23 5f 45 92 3e 16 cf c9 Data Ascii: !?Gp^Ent+6"W[NMGN_iImjrP]cAQ\+jipjasgk70yjA"l3}gp#I.i,Kr`H&6@.!%QCayz6[Q5%wAxz;3+ql}F~Yo.-{a#_E>
2025-01-06 14:33:11 UTC	16384	IN	Data Raw: 97 81 61 d3 87 67 05 4b b2 ce 93 b7 6f 03 c7 88 fe 3e b8 a5 b5 cb eb 7e c0 1b fa bf 54 9b 81 9a 03 8a cc fb 4a cf a4 e8 f2 f5 20 74 00 6b 75 7e 06 01 04 7d fb 4d 3b 50 1b 8c cb 80 0a 3c 6d c7 ac 66 45 9b 4e a7 b4 58 54 b7 4a f2 85 0b 83 15 4e 58 25 58 6d 49 40 10 58 62 ba e9 17 3f a6 56 aa a9 f3 a7 12 6a 28 d9 30 eb fe d9 60 8b fc 08 c1 e7 5b 29 d8 d4 c5 63 39 01 01 f0 e0 6d 8c b7 70 85 58 79 5c 31 52 51 c0 17 eb d7 2b 39 70 94 d0 a4 46 ea c9 6a 01 fc d6 3d 4d c0 f5 71 65 a3 fe 7c 50 17 33 05 06 eb 5f 2e db e4 eb 13 39 1e 62 15 34 5e ad 9c 52 18 db 5b fd cc 70 6f 37 08 be 58 1a aa 1c 00 00 00 02 09 30 00 00 27 ec 61 e0 82 0c 7f fe d6 a5 50 00 29 46 11 d7 aa f9 b5 78 e2 6e c9 de de 45 a5 86 d5 86 ad 52 a3 1e 14 4b 7f 9e d9 05 90 d5 39 60 cc 9f c7 11 a5 ef Data Ascii: agKo>~TJ tku~}M;P<mfENXTJNX%XmI@Xb?Vj(0`[)c9mpXy\1RQ+9pFj=Mqe\|P3_.9b4^R[po7X0'aP)FxnERK9`
2025-01-06 14:33:11 UTC	16384	IN	Data Raw: da 70 37 01 e3 f9 9f c0 4e 27 4c 6e 54 e5 d8 3b 97 c9 77 56 e6 96 55 8d cb f2 a8 d9 a2 76 d0 9f 1d ba 49 97 db f1 48 a6 be 5c 1c 8d bc 42 cf 99 5a 7b 5a 95 04 68 2d 89 ec 7f c5 6e 26 4a a4 ee 37 5c 00 3c d5 d7 a4 0f 87 76 0f 30 11 b0 40 ac 73 14 95 b8 99 2a 93 b8 dd 70 00 f3 03 22 63 62 df cd 9a 66 c8 c6 11 ba 5f fa db 53 43 63 7d e4 ee 0e 03 e2 c4 62 d4 87 3f ee 8a d3 da d4 a6 1c cc 56 9e d5 dc 6a 43 9f f7 45 69 ed 6a 54 11 a0 b2 82 c6 48 8a 47 d6 ed b5 3f bf 12 51 fb 62 1a 4d a7 1c 08 d0 5b 13 d9 18 c2 37 4b ff 5b 6a 68 6e 21 91 51 e5 f1 3a 63 72 a7 2e c1 dc be 4b ba b7 34 b2 f1 28 33 2f b7 e2 91 4e a4 39 ff 74 56 9e d6 a5 41 1a 06 fb b8 3c 89 e7 9b 9f 79 7b 2e e8 82 5f 1d ba 49 95 bc 10 22 79 e6 a0 1d c1 e4 4f 3c dc fb cb d9 77 44 19 18 50 e3 dc e7 48 Data Ascii: p7N'LnT;wVUvIH\BZ{Zh-n&J7\<v0@s*p"cbf_SCc}b?VjCEijTHG?QbM[7K[jhn!Q:cr.K4(3/N9tVA<y{._I"yO<wDPH

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:10 UTC	624	OUT	GET /marketing-site/static/favicons/favicon-16x16.png HTTP/1.1 Host: cdn.mxpnl.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:10 UTC	869	IN	HTTP/1.1 200 OK X-GUploader-UploadID: AFiumC6CDV_iaxPLMDaPKZc-iWFrONVzkiUOYCYS887z9yPwgNA4ZBnibWhTGTmu-RmZr6j3W8rcnus x-goog-generation: 1733862084267625 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 686 x-goog-hash: crc32c=QHjniA== x-goog-hash: md5=aULXLqKZtc1Rx1LSnVADKw== x-goog-storage-class: MULTI_REGIONAL Access-Control-Allow-Origin: * X-GUploader-Response-Body-Transformations: gunzipped Warning: 214 UploadServer gunzipped Server: UploadServer Date: Wed, 11 Dec 2024 00:58:04 GMT Expires: Thu, 11 Dec 2025 00:58:04 GMT Cache-Control: public, max-age=31536000, immutable Last-Modified: Tue, 10 Dec 2024 20:21:24 GMT ETag: W/"6942d72ea299b5cd51c752d29d50032b" Content-Type: image/png Content-Length: 755 Age: 2295306 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-06 14:33:10 UTC	521	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 03 00 00 00 28 2d 0f 53 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 96 50 4c 54 45 00 00 00 78 57 ff 78 56 ff 77 56 ff 79 53 ff 79 57 ff 78 56 ff 78 56 ff 55 55 ff 80 40 ff 78 56 ff 78 57 ff 78 56 ff 78 56 ff 66 66 ff 78 57 ff 77 56 ff 78 56 ff 79 57 ff 79 58 ff 7a 57 ff 78 55 ff 80 60 ff 78 56 ff 78 56 ff 77 57 ff 79 56 ff 78 56 ff 71 55 ff 78 56 ff 6d 49 ff 80 55 ff 79 56 ff 78 56 ff 78 56 ff 77 57 ff 77 58 ff 7a 55 ff 78 56 ff 78 56 ff 78 56 ff 00 00 ff 80 80 ff 78 56 ff 78 56 ff 78 56 ff 77 53 ff 77 56 ff 78 56 ff ff ff ff 65 8c b4 13 Data Ascii: PNGIHDR(-SgAMAa cHRMz&u0`:pQ<PLTExWxVwVySyWxVxVUU@xVxWxVxVffxWwVxVyWyXzWxU`xVxVwWyVxVqUxVmIUyVxVxVwWwXzUxVxVxVxVxVxVwSwVxVe
2025-01-06 14:33:10 UTC	234	IN	Data Raw: 3a 63 72 65 61 74 65 00 32 30 32 33 2d 30 33 2d 32 39 54 32 30 3a 32 36 3a 30 34 2b 30 30 3a 30 30 df a6 fa 3a 00 00 00 25 74 45 58 74 64 61 74 65 3a 6d 6f 64 69 66 79 00 32 30 32 33 2d 30 33 2d 32 39 54 32 30 3a 32 36 3a 30 34 2b 30 30 3a 30 30 ae fb 42 86 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 77 77 77 2e 69 6e 6b 73 63 61 70 65 2e 6f 72 67 9b ee 3c 1a 00 00 00 57 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 69 70 74 63 00 00 78 9c e3 f2 0c 08 71 56 28 28 ca 4f cb cc 49 e5 52 00 03 23 0b 2e 63 0b 13 23 13 4b 93 14 03 13 20 44 80 34 c3 64 03 23 b3 54 20 cb d8 d4 c8 c4 cc c4 1c c4 07 cb 80 48 a0 4a 2e 00 ea 17 11 74 f2 42 35 95 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: :create2023-03-29T20:26:04+00:00:%tEXtdate:modify2023-03-29T20:26:04+00:00BtEXtSoftwarewww.inkscape.org<WzTXtRaw profile type iptcxqV((OIR#.c#K D4d#T HJ.tB5IENDB`

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:10 UTC	529	OUT	GET /metrika/tag.js HTTP/1.1 Host: mc.yandex.ru Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:11 UTC	1327	IN	HTTP/1.1 200 OK Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Accept-Ranges: bytes Access-Control-Allow-Origin: * Cache-Control: max-age=3600 Connection: Close Content-Length: 227261 Content-Type: application/javascript Date: Mon, 06 Jan 2025 14:33:11 GMT ETag: "67655eba-377bd" Expires: Mon, 06 Jan 2025 15:33:11 GMT Last-Modified: Fri, 20 Dec 2024 12:10:34 GMT Set-Cookie: _yasc=BcLonBZFptSH0mm/b0rIcJxguXJXaQ0ti4Jp87gzhj4z7LKQlw8+XGa7ElL1P2E/t6k=; domain=.yandex.ru; path=/; expires=Thu, 04 Jan 2035 14:33:11 GMT; secure Set-Cookie: i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; Expires=Wed, 06-Jan-2027 14:33:11 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None Set-Cookie: yandexuid=1811137491736173991; Expires=Wed, 06-Jan-2027 14:33:11 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None Set-Cookie: yashr=875786891736173991; Path=/; Domain=.yandex.ru; Expires=Tue, 06 Jan 2026 14:33:11 GMT; SameSite=None; Secure; HttpOnly Strict-Transport-Security: max-age=31536000 Timing-Allow-Origin: *
2025-01-06 14:33:11 UTC	7438	IN	Data Raw: ef bb bf 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 4c 61 28 62 61 29 7b 76 61 72 20 74 61 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 61 3c 62 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 62 61 5b 74 61 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 66 75 6e 63 74 69 6f 6e 20 75 28 62 61 29 7b 76 61 72 20 74 61 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 26 26 62 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3b 69 66 28 74 61 29 72 65 74 75 72 6e 20 74 61 2e 63 61 6c 6c 28 62 61 29 3b 69 66 28 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 62 61 2e 6c 65 6e 67 74 68 Data Ascii: (function(){function La(ba){var ta=0;return function(){return ta<ba.length?{done:!1,value:ba[ta++]}:{done:!0}}}function u(ba){var ta="undefined"!=typeof Symbol&&Symbol.iterator&&ba[Symbol.iterator];if(ta)return ta.call(ba);if("number"==typeof ba.length
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 6f 6e 20 57 68 28 61 29 7b 72 65 74 75 72 6e 20 47 28 61 29 26 26 28 31 38 3d 3d 3d 61 5b 30 5d 7c 7c 31 39 3d 3d 3d 61 5b 30 5d 29 7d 66 75 6e 63 74 69 6f 6e 20 71 61 28 61 2c 62 29 7b 69 66 28 4e 28 62 29 7c 7c 22 5b 6f 62 6a 65 63 74 20 4e 75 6d 62 65 72 5d 22 3d 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 62 29 7c 7c 21 21 62 3d 3d 3d 62 7c 7c 59 68 28 62 29 29 72 65 74 75 72 6e 20 59 68 28 62 29 3f 6e 75 6c 6c 3a 62 3b 69 66 28 5a 68 28 62 29 29 7b 76 61 72 20 63 3d 75 28 62 29 3b 63 2e 6e 65 78 74 28 29 3b 63 3d 63 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 3b 63 3d 24 68 28 61 2c 63 29 3b 69 66 28 21 63 29 74 68 72 6f 77 20 5a 28 22 76 6e 64 22 29 3b 72 65 74 75 72 6e 20 63 2e 76 61 6c 75 65 7d 69 Data Ascii: on Wh(a){return G(a)&&(18===a[0]\|\|19===a[0])}function qa(a,b){if(N(b)\|\|"[object Number]"===Object.prototype.toString.call(b)\|\|!!b===b\|\|Yh(b))return Yh(b)?null:b;if(Zh(b)){var c=u(b);c.next();c=c.next().value;c=$h(a,c);if(!c)throw Z("vnd");return c.value}i
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 22 29 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 61 63 74 69 6f 6e 22 29 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 68 72 65 66 22 29 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 73 72 63 22 29 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6f 64 65 22 29 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6f 64 65 62 61 73 65 22 29 7c 7c 22 22 3b 63 3d 7b 65 6c 65 6d 65 6e 74 3a 63 2c 65 6c 65 6d 65 6e 74 43 6c 61 73 73 65 73 3a 61 2c 65 6c 65 6d 65 6e 74 54 65 78 74 3a 64 2c 65 6c 65 6d 65 6e 74 49 64 3a 65 2c 65 6c 65 6d 65 6e 74 55 72 6c 3a 66 2c 72 6a 3a 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 66 6f 72 6d 54 61 72 67 65 74 22 29 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 74 61 72 67 65 Data Ascii: ")\|\|c.getAttribute("action")\|\|c.getAttribute("href")\|\|c.getAttribute("src")\|\|c.getAttribute("code")\|\|c.getAttribute("codebase")\|\|"";c={element:c,elementClasses:a,elementText:d,elementId:e,elementUrl:f,rj:c.getAttribute("formTarget")\|\|c.getAttribute("targe
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 62 74 72 65 65 3a 21 30 7d 29 3b 6b 3d 49 28 6c 2e 64 69 73 63 6f 6e 6e 65 63 74 2c 6c 29 7d 7d 29 29 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 6b 26 26 6b 28 29 3b 7a 28 7a 61 2c 67 29 3b 4d 63 28 67 29 3b 4d 63 28 66 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 71 6f 28 61 2c 62 2c 63 2c 64 29 7b 62 3d 64 2e 43 28 22 63 63 22 29 3b 64 3d 46 28 5b 22 63 63 22 2c 22 22 5d 2c 64 2e 44 29 3b 69 66 28 62 29 7b 76 61 72 20 65 3d 75 28 62 2e 73 70 6c 69 74 28 22 26 22 29 29 3b 62 3d 65 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 3b 28 65 3d 28 65 3d 65 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 29 26 26 4d 61 28 65 29 29 26 26 31 34 34 30 3c 6e 61 28 61 29 28 74 62 29 2d 65 3f 64 28 29 3a 63 2e 44 28 22 63 63 22 2c 62 29 7d 65 6c 73 65 20 47 61 28 30 29 28 62 29 Data Ascii: btree:!0});k=I(l.disconnect,l)}}));return function(){k&&k();z(za,g);Mc(g);Mc(f)}}function qo(a,b,c,d){b=d.C("cc");d=F(["cc",""],d.D);if(b){var e=u(b.split("&"));b=e.next().value;(e=(e=e.next().value)&&Ma(e))&&1440<na(a)(tb)-e?d():c.D("cc",b)}else Ga(0)(b)
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 3a 63 2e 53 62 28 65 29 3a 63 2e 70 64 3d 63 2e 70 64 2e 63 6f 6e 63 61 74 28 65 29 7d 3b 74 68 69 73 2e 6c 3d 61 3b 76 61 72 20 64 3d 6d 67 28 61 2c 74 68 69 73 2c 22 52 22 29 3b 74 68 69 73 2e 79 65 3d 64 2e 4a 28 74 68 69 73 2e 79 65 2c 22 73 22 29 3b 74 68 69 73 2e 62 61 3d 64 2e 4a 28 74 68 69 73 2e 62 61 2c 22 73 64 22 29 3b 64 3d 4b 28 61 29 3b 64 2e 43 28 22 77 76 32 65 22 29 26 26 78 65 28 29 3b 64 2e 44 28 22 77 76 32 65 22 2c 21 30 29 3b 74 68 69 73 2e 6f 70 74 69 6f 6e 73 3d 62 3b 74 68 69 73 2e 52 61 3d 6f 61 28 61 29 3b 74 68 69 73 2e 4e 64 3d 6e 65 77 20 76 62 28 74 68 69 73 2e 6c 2c 62 29 3b 74 68 69 73 2e 4d 67 3d 50 6f 28 61 29 3b 74 68 69 73 2e 54 65 3d 45 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 66 3d 75 28 65 29 3b 65 3d 66 Data Ascii: :c.Sb(e):c.pd=c.pd.concat(e)};this.l=a;var d=mg(a,this,"R");this.ye=d.J(this.ye,"s");this.ba=d.J(this.ba,"sd");d=K(a);d.C("wv2e")&&xe();d.D("wv2e",!0);this.options=b;this.Ra=oa(a);this.Nd=new vb(this.l,b);this.Mg=Po(a);this.Te=E(function(e){var f=u(e);e=f
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 6e 67 74 68 3b 66 6f 72 28 76 61 72 20 74 3d 30 2c 76 3d 32 35 35 2c 4a 3d 32 35 35 2c 50 2c 61 61 2c 57 62 3b 72 3b 29 7b 50 3d 32 31 3c 72 3f 32 31 3a 72 3b 72 2d 3d 50 3b 64 6f 20 61 61 3d 22 73 74 72 69 6e 67 22 3d 3d 3d 74 79 70 65 6f 66 20 6d 3f 6d 2e 63 68 61 72 43 6f 64 65 41 74 28 74 29 3a 6d 5b 74 5d 2c 74 2b 3d 31 2c 32 35 35 3c 61 61 26 26 28 57 62 3d 61 61 3e 3e 38 2c 61 61 26 3d 32 35 35 2c 61 61 5e 3d 57 62 29 2c 76 2b 3d 61 61 2c 4a 2b 3d 76 3b 77 68 69 6c 65 28 2d 2d 50 29 3b 76 3d 28 76 26 32 35 35 29 2b 28 76 3e 3e 38 29 3b 4a 3d 28 4a 26 32 35 35 29 2b 28 4a 3e 3e 38 29 7d 6d 3d 28 76 26 32 35 35 29 2b 28 76 3e 3e 38 29 3c 3c 38 7c 28 4a 26 32 35 35 29 2b 28 4a 3e 3e 38 29 3b 72 65 74 75 72 6e 20 67 28 41 28 7b 7d 2c 68 2c 7b 4e 3a 7b Data Ascii: ngth;for(var t=0,v=255,J=255,P,aa,Wb;r;){P=21<r?21:r;r-=P;do aa="string"===typeof m?m.charCodeAt(t):m[t],t+=1,255<aa&&(Wb=aa>>8,aa&=255,aa^=Wb),v+=aa,J+=v;while(--P);v=(v&255)+(v>>8);J=(J&255)+(J>>8)}m=(v&255)+(v>>8)<<8\|(J&255)+(J>>8);return g(A({},h,{N:{
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 3d 21 31 3b 74 68 69 73 2e 47 62 3d 7b 7d 3b 74 68 69 73 2e 74 62 3d 7b 22 73 63 68 65 6d 61 2e 6f 72 67 22 3a 22 41 72 74 69 63 6c 65 20 4e 65 77 73 41 72 74 69 63 6c 65 20 4d 6f 76 69 65 20 42 6c 6f 67 50 6f 73 74 69 6e 67 20 52 65 76 69 65 77 20 52 65 63 69 70 65 20 41 6e 73 77 65 72 22 2e 73 70 6c 69 74 28 22 20 22 29 2c 48 66 3a 5b 22 61 72 74 69 63 6c 65 22 5d 7d 3b 76 61 72 20 64 3d 7b 7d 3b 74 68 69 73 2e 47 65 3d 28 64 2e 41 6e 73 77 65 72 3d 33 2c 64 2e 52 65 76 69 65 77 3d 32 2c 64 29 3b 74 68 69 73 2e 61 66 3d 77 28 66 75 6e 63 74 69 6f 6e 28 65 2c 66 2c 67 29 7b 76 61 72 20 68 3d 7b 7d 3b 50 62 28 63 2e 6c 2c 63 2e 77 61 2c 22 70 66 69 22 2c 28 68 2e 66 69 65 6c 64 3d 65 2c 68 2e 69 74 65 6d 46 69 65 6c 64 3d 66 2c 68 2e 76 61 6c 75 65 3d 67 Data Ascii: =!1;this.Gb={};this.tb={"schema.org":"Article NewsArticle Movie BlogPosting Review Recipe Answer".split(" "),Hf:["article"]};var d={};this.Ge=(d.Answer=3,d.Review=2,d);this.af=w(function(e,f,g){var h={};Pb(c.l,c.wa,"pfi",(h.field=e,h.itemField=f,h.value=g
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 32 3b 63 6f 6e 74 69 6e 75 65 7d 64 5b 65 2b 2b 5d 3d 62 3e 3e 36 7c 31 39 32 7d 65 6c 73 65 7b 69 66 28 35 35 32 39 36 3d 3d 3d 28 62 26 36 34 35 31 32 29 26 26 35 36 33 32 30 3d 3d 3d 28 28 66 3d 63 2e 63 68 61 72 43 6f 64 65 41 74 28 68 2b 31 29 29 26 36 34 35 31 32 29 29 7b 69 66 28 61 29 7b 67 2b 3d 34 3b 63 6f 6e 74 69 6e 75 65 7d 62 3d 36 35 35 33 36 2b 28 28 62 26 31 30 32 33 29 3c 3c 31 30 29 2b 28 66 26 31 30 32 33 29 3b 2b 2b 68 3b 64 5b 65 2b 2b 5d 3d 62 3e 3e 31 38 7c 32 34 30 3b 64 5b 65 2b 2b 5d 3d 62 3e 3e 31 32 26 36 33 7c 31 32 38 7d 65 6c 73 65 7b 69 66 28 61 29 7b 67 2b 3d 33 3b 63 6f 6e 74 69 6e 75 65 7d 64 5b 65 2b 2b 5d 3d 62 3e 3e 31 32 7c 0a 32 32 34 7d 64 5b 65 2b 2b 5d 3d 62 3e 3e 36 26 36 33 7c 31 32 38 7d 64 5b 65 2b 2b 5d 3d Data Ascii: 2;continue}d[e++]=b>>6\|192}else{if(55296===(b&64512)&&56320===((f=c.charCodeAt(h+1))&64512)){if(a){g+=4;continue}b=65536+((b&1023)<<10)+(f&1023);++h;d[e++]=b>>18\|240;d[e++]=b>>12&63\|128}else{if(a){g+=3;continue}d[e++]=b>>12\|224}d[e++]=b>>6&63\|128}d[e++]=
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 69 64 29 3f 64 3d 21 30 3a 65 3d 22 65 63 6f 6d 70 69 22 7d 50 62 28 63 2c 22 22 2c 65 29 3b 72 65 74 75 72 6e 20 64 7d 66 75 6e 63 74 69 6f 6e 20 5a 64 28 61 2c 62 29 7b 72 65 74 75 72 6e 7b 52 3a 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 47 67 28 63 29 3f 64 28 29 3a 73 61 28 62 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 3d 6e 28 65 2c 22 73 65 74 74 69 6e 67 73 2e 68 69 74 74 6f 6b 65 6e 22 29 29 7b 76 61 72 20 66 3d 7b 7d 3b 65 3d 28 66 2e 68 69 74 74 6f 6b 65 6e 3d 65 2c 66 29 3b 63 2e 48 3d 41 28 63 2e 48 7c 7c 7b 7d 2c 65 29 7d 64 28 29 7d 29 7d 7d 7d 66 75 6e 63 74 69 6f 6e 20 47 6a 28 61 2c 62 2c 0a 63 2c 64 29 7b 69 66 28 62 29 7b 76 61 72 20 65 3d 5b 5d 3b 62 26 26 28 61 2e 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d Data Ascii: id)?d=!0:e="ecompi"}Pb(c,"",e);return d}function Zd(a,b){return{R:function(c,d){Gg(c)?d():sa(b,function(e){if(e=n(e,"settings.hittoken")){var f={};e=(f.hittoken=e,f);c.H=A(c.H\|\|{},e)}d()})}}}function Gj(a,b,c,d){if(b){var e=[];b&&(a.document.documentElem
2025-01-06 14:33:11 UTC	8168	IN	Data Raw: 73 6c 69 63 65 28 2d 32 29 5b 30 5d 3b 53 28 66 29 26 26 28 62 3d 66 2c 63 3d 65 2c 64 3d 61 2e 6c 65 6e 67 74 68 2b 2d 32 29 3b 64 3d 61 2e 73 6c 69 63 65 28 30 2c 64 29 3b 72 65 74 75 72 6e 7b 24 67 3a 63 2c 5a 62 3a 62 2c 4f 3a 31 3d 3d 3d 64 2e 6c 65 6e 67 74 68 3f 61 5b 30 5d 3a 55 65 28 64 29 7d 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 64 28 61 2c 62 2c 63 2c 64 2c 65 29 7b 76 61 72 20 66 3d 46 28 5b 61 2c 64 2c 65 5d 2c 4c 67 29 3b 72 65 74 75 72 6e 20 63 2e 74 68 65 6e 28 66 2c 0a 66 75 6e 63 74 69 6f 6e 28 67 29 7b 66 28 29 3b 67 64 28 61 2c 62 2c 67 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 4d 67 28 61 2c 62 29 7b 72 65 74 75 72 6e 7b 52 3a 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 76 61 72 20 65 3d 28 63 2e 4d 7c 7c 7b 7d 29 2e 4f 2c 66 3d 76 6f 69 64 Data Ascii: slice(-2)[0];S(f)&&(b=f,c=e,d=a.length+-2);d=a.slice(0,d);return{$g:c,Zb:b,O:1===d.length?a[0]:Ue(d)}}}function pd(a,b,c,d,e){var f=F([a,d,e],Lg);return c.then(f,function(g){f();gd(a,b,g)})}function Mg(a,b){return{R:function(c,d){var e=(c.M\|\|{}).O,f=void

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://gleapis.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Windows Analysis Report
http://gleapis.com/

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:11 UTC	611	OUT	GET /app/fr?type=l1&dp1=90942988204&score=9 HTTP/1.1 Host: 7proof.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:11 UTC	296	IN	HTTP/1.1 200 Server: nginx Date: Mon, 06 Jan 2025 14:33:11 GMT Content-Type: application/javascript;charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Pragma: no-cache Cache-Control: no-cache,no-transform Expires: Thu, 01 Jan 1970 00:00:00 GMT
2025-01-06 14:33:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:11 UTC	852	OUT	POST /lp/signal/ HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive Content-Length: 858 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5A91TfeFYLqjIH1b Accept: / Origin: https://cint.securiguard.cc Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://cint.securiguard.cc/?subid=90942988204&cid=9948&tag=dm&dkw=gleapis.com&pid=401776&rhi=aba45205-3ba6-48b5-998c-31ac7f98340e Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24; otid=9948_2025-01-06
2025-01-06 14:33:11 UTC	858	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 35 41 39 31 54 66 65 46 59 4c 71 6a 49 48 31 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 73 69 67 6e 61 6c 73 22 0d 0a 0d 0a 5b 7b 22 73 6f 75 72 63 65 22 3a 22 62 72 69 64 67 65 5f 70 61 67 65 22 2c 22 6b 65 79 77 6f 72 64 22 3a 22 6c 61 6e 64 69 6e 67 5f 70 61 67 65 22 2c 22 73 69 67 6e 61 6c 5f 74 79 70 65 22 3a 22 62 72 69 64 67 65 5f 6b 65 79 77 6f 72 64 5f 6c 6f 61 64 22 2c 22 76 61 6c 22 3a 22 7b 5c 22 64 65 73 69 67 6e 5f 74 65 73 74 5f 67 72 6f 75 70 5c 22 3a 6e 75 6c 6c 2c 5c 22 64 65 73 69 67 6e 5f 74 65 73 74 5f 69 64 5c 22 3a 6e 75 6c 6c 2c 5c 22 74 65 73 74 5f 67 72 6f 75 70 5c 22 3a 5c 22 41 Data Ascii: ------WebKitFormBoundary5A91TfeFYLqjIH1bContent-Disposition: form-data; name="signals"[{"source":"bridge_page","keyword":"landing_page","signal_type":"bridge_keyword_load","val":"{\"design_test_group\":null,\"design_test_id\":null,\"test_group\":\"A
2025-01-06 14:33:11 UTC	279	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-Powered-By: PHP/8.0.30 Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: *
2025-01-06 14:33:11 UTC	12	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:11 UTC	372	OUT	GET /app/fr?type=l1&dp1=90942988204&score=9 HTTP/1.1 Host: 7proof.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:12 UTC	296	IN	HTTP/1.1 200 Server: nginx Date: Mon, 06 Jan 2025 14:33:11 GMT Content-Type: application/javascript;charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Pragma: no-cache Cache-Control: no-cache,no-transform Expires: Thu, 01 Jan 1970 00:00:00 GMT
2025-01-06 14:33:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:12 UTC	954	OUT	GET /recaptcha/api2/anchor?ar=1&k=6Ld51YUqAAAAAF57R6gVpjrDh5VVE3j4NqiQyG19&co=aHR0cHM6Ly9jaW50LnNlY3VyaWd1YXJkLmNjOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=skv68msclsz7 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIk6HLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw== Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:12 UTC	1161	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Embedder-Policy: require-corp Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 06 Jan 2025 14:33:12 GMT Content-Security-Policy: script-src 'report-sample' 'nonce-y0UT0ue5huFPkh1q4E4iSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-06 14:33:12 UTC	229	IN	Data Raw: 35 37 39 65 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 3c 74 69 74 6c 65 3e 72 65 43 41 50 54 43 48 41 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 2f 2a 20 63 79 Data Ascii: 579e<!DOCTYPE HTML><html dir="ltr" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><title>reCAPTCHA</title><style type="text/css">/* cy
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6d 43 6e 71 45 75 39 32 46 72 31 4d 75 37 32 78 4b 4f 7a 59 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 41 2c 20 55 2b 32 30 42 34 2c 20 55 2b 32 44 45 30 2d 32 44 46 46 2c 20 55 2b 41 36 34 Data Ascii: rillic-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 400; src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A64
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 30 41 42 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6d 43 6e 71 45 75 39 32 46 72 31 4d 75 37 47 78 4b 4f 7a 59 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 30 2d 30 32 42 41 2c 20 55 2b 30 32 42 44 2d 30 32 43 35 2c 20 55 2b 30 32 43 37 2d 30 32 43 43 2c 20 55 2b 30 32 Data Ascii: 0AB;}/* latin-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 400; src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2) format('woff2'); unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 35 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 45 55 39 66 43 42 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 31 46 30 30 2d 31 46 46 46 3b 0a 7d 0a 2f 2a 20 67 72 65 65 6b 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 Data Ascii: font-style: normal; font-weight: 500; src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2) format('woff2'); unicode-range: U+1F00-1FFF;}/* greek */@font-face { font-family: 'Roboto'; font-style: normal; font-weight:
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 30 30 30 2d 30 30 46 46 2c 20 55 2b 30 31 33 31 2c 20 55 2b 30 31 35 32 2d 30 31 35 33 2c 20 55 2b 30 32 42 42 2d 30 32 42 43 2c 20 55 2b 30 32 43 36 2c 20 55 2b 30 32 44 41 2c 20 55 2b 30 32 44 43 2c 20 55 2b 30 33 30 34 2c 20 55 2b 30 33 30 38 2c 20 55 2b 30 33 32 39 2c 20 55 2b 32 30 30 30 2d 32 30 36 46 2c 20 55 2b 32 30 41 43 2c 20 55 2b 32 31 32 32 2c 20 55 2b 32 31 39 31 2c 20 55 2b 32 31 39 33 2c 20 55 2b 32 32 31 32 2c 20 55 2b 32 32 31 35 2c 20 55 2b 46 45 46 46 2c 20 55 2b 46 46 46 44 3b 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 Data Ascii: ormat('woff2'); unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;}/* cyrillic-ext */@font-face { font-family: '
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 59 55 74 66 43 78 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 32 2d 30 31 30 33 2c 20 55 2b 30 31 31 30 2d 30 31 31 31 2c 20 55 2b 30 31 32 38 2d 30 31 32 39 2c 20 55 2b 30 31 36 38 2d 30 31 36 39 2c 20 55 2b 30 31 41 30 2d 30 31 41 31 2c 20 55 2b 30 31 41 46 2d 30 31 42 30 2c 20 55 2b 30 33 30 30 2d 30 33 30 31 2c 20 55 2b 30 33 30 33 2d 30 33 30 34 2c 20 55 2b 30 33 30 38 2d 30 33 30 39 2c 20 55 2b 30 33 32 33 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 41 30 2d 31 45 46 39 2c 20 55 2b 32 30 41 42 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 2d 65 78 74 20 2a 2f 0a Data Ascii: /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2) format('woff2'); unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;}/* latin-ext */
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 33 75 6a 35 56 70 6b 6e 76 74 5f 4c 6e 66 4e 62 46 2f 72 65 63 61 70 74 63 68 61 5f 5f 65 6e 2e 6a 73 22 20 6e 6f 6e 63 65 3d 22 79 30 55 54 30 75 65 35 68 75 46 50 6b 68 31 71 34 45 34 69 53 41 22 3e 0a 20 20 20 20 20 20 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 64 69 76 20 69 64 3d 22 72 63 2d 61 6e 63 68 6f 72 2d 61 6c 65 72 74 22 20 63 6c 61 73 73 3d 22 72 63 2d 61 6e 63 68 6f 72 2d 61 6c 65 72 74 22 3e 3c 2f 64 69 76 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 72 65 63 61 70 74 63 68 61 2d 74 6f 6b 65 6e 22 20 76 61 6c 75 65 3d 22 30 33 41 46 63 57 65 41 36 52 59 75 52 38 48 69 6d 32 43 31 59 33 59 32 43 7a 75 53 66 56 65 48 78 78 6d 6e 36 37 6c 66 57 55 50 48 65 38 68 Data Ascii: 3uj5Vpknvt_LnfNbF/recaptcha__en.js" nonce="y0UT0ue5huFPkh1q4E4iSA"> </script></head><body><div id="rc-anchor-alert" class="rc-anchor-alert"></div><input type="hidden" id="recaptcha-token" value="03AFcWeA6RYuR8Him2C1Y3Y2CzuSfVeHxxmn67lfWUPHe8h
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 74 5a 64 68 49 56 69 69 4c 6f 6d 68 53 78 55 55 36 77 52 65 32 39 39 77 43 52 5f 4e 32 2d 75 67 57 2d 32 62 56 58 66 6d 42 70 42 42 35 34 33 73 61 6b 37 55 66 35 75 76 6a 45 55 77 58 75 61 39 6b 62 48 64 51 7a 44 6f 64 62 31 53 73 35 50 53 67 34 64 6e 74 61 4a 37 36 46 32 79 63 6c 72 39 32 46 2d 58 45 2d 56 39 79 4c 39 74 4e 45 64 62 54 59 75 37 6a 5a 57 74 76 48 75 35 52 46 5f 78 35 31 68 51 7a 71 6d 67 55 5f 52 79 4b 6c 6b 57 44 66 57 69 31 6b 57 55 31 32 70 4d 38 70 78 51 62 6d 4c 2d 4b 65 6f 56 58 58 61 7a 43 6e 7a 2d 77 48 47 78 77 73 6d 77 37 42 6e 56 5a 47 37 48 6a 6f 38 53 39 4f 37 76 6a 49 74 70 79 38 45 6c 46 36 4f 65 46 54 4a 42 66 36 6d 58 45 6a 58 51 56 7a 77 71 37 4f 70 49 52 44 6a 67 45 58 76 73 4f 57 67 4c 64 6c 38 6c 33 77 31 6c 71 45 62 Data Ascii: tZdhIViiLomhSxUU6wRe299wCR_N2-ugW-2bVXfmBpBB543sak7Uf5uvjEUwXua9kbHdQzDodb1Ss5PSg4dntaJ76F2yclr92F-XE-V9yL9tNEdbTYu7jZWtvHu5RF_x51hQzqmgU_RyKlkWDfWi1kWU12pM8pxQbmL-KeoVXXazCnz-wHGxwsmw7BnVZG7Hjo8S9O7vjItpy8ElF6OeFTJBf6mXEjXQVzwq7OpIRDjgEXvsOWgLdl8l3w1lqEb
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 5a 6c 56 4b 52 32 64 32 51 54 5a 74 4d 6b 55 30 5a 31 4a 55 57 46 52 4a 56 46 64 36 56 48 68 48 59 54 4e 35 61 58 64 71 55 33 59 32 59 6c 42 69 53 45 56 59 52 30 30 35 63 30 6c 61 54 6d 4a 6e 4c 30 64 69 4d 48 42 48 52 6d 73 76 55 6e 49 78 54 48 68 4f 56 47 4e 74 59 6e 63 34 4e 31 5a 43 61 6a 4e 77 54 6b 5a 51 62 55 70 4a 4d 6b 74 31 63 45 51 33 57 44 6c 31 64 30 4a 5a 62 32 64 6a 53 56 5a 4d 4e 44 5a 79 53 57 30 31 62 58 70 45 4f 45 74 71 55 30 70 76 62 6d 4a 6a 5a 55 5a 5a 62 45 64 4f 4e 6b 6f 32 4b 30 78 57 57 56 64 33 56 32 49 72 4c 33 5a 75 63 47 4a 75 4d 47 45 7a 61 30 31 58 56 6b 52 6d 52 44 4e 34 63 32 73 30 51 54 4d 77 4e 47 39 5a 52 33 4d 33 53 31 4a 56 57 55 51 32 5a 46 4e 43 55 44 6b 30 59 58 41 77 4e 43 38 34 63 6b 6c 4b 55 46 6b 32 54 55 4e Data Ascii: ZlVKR2d2QTZtMkU0Z1JUWFRJVFd6VHhHYTN5aXdqU3Y2YlBiSEVYR005c0laTmJnL0diMHBHRmsvUnIxTHhOVGNtYnc4N1ZCajNwTkZQbUpJMkt1cEQ3WDl1d0JZb2djSVZMNDZySW01bXpEOEtqU0pvbmJjZUZZbEdONko2K0xWWVd3V2IrL3ZucGJuMGEza01XVkRmRDN4c2s0QTMwNG9ZR3M3S1JVWUQ2ZFNCUDk0YXAwNC84cklKUFk2TUN
2025-01-06 14:33:12 UTC	1390	IN	Data Raw: 6f 78 61 57 39 48 5a 7a 46 36 64 45 68 50 55 6a 52 35 5a 6d 52 4e 63 47 55 7a 54 6e 56 77 61 6a 63 78 4e 44 64 58 65 47 39 59 64 33 4e 51 59 6b 78 4a 52 45 4e 56 5a 45 35 6d 52 45 5a 4a 55 55 64 46 55 57 77 78 63 6c 6c 6a 4d 6d 46 44 57 44 64 47 4b 31 6c 4c 64 33 56 4e 52 30 31 78 55 57 64 36 56 58 6f 35 65 6d 78 57 65 6e 55 34 57 6e 4e 55 61 48 51 32 4d 48 6f 32 5a 46 67 31 54 6d 78 6c 59 56 4a 6b 52 47 31 31 4d 48 52 34 64 56 4e 46 65 6d 68 49 61 31 70 54 64 30 4a 61 52 33 67 77 4d 43 39 53 4d 57 34 34 63 48 5a 57 53 6d 52 75 4d 57 5a 78 56 33 6c 4c 62 46 51 33 61 57 4a 50 51 55 74 58 5a 46 70 36 54 43 74 48 56 33 52 4c 55 30 4d 34 63 46 56 46 59 32 74 4f 64 44 52 53 62 33 64 50 55 55 4e 77 63 56 4a 6d 61 33 55 72 5a 56 56 4a 56 7a 55 76 54 46 64 79 65 Data Ascii: oxaW9HZzF6dEhPUjR5ZmRNcGUzTnVwajcxNDdXeG9Yd3NQYkxJRENVZE5mREZJUUdFUWwxclljMmFDWDdGK1lLd3VNR01xUWd6VXo5emxWenU4WnNUaHQ2MHo2ZFg1TmxlYVJkRG11MHR4dVNFemhIa1pTd0JaR3gwMC9SMW44cHZWSmRuMWZxV3lLbFQ3aWJPQUtXZFp6TCtHV3RLU0M4cFVFY2tOdDRSb3dPUUNwcVJma3UrZVVJVzUvTFdye

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:12 UTC	996	OUT	GET /lp/signal/ HTTP/1.1 Host: cint.securiguard.cc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: tst=%7B%2224%22%3A%22A%22%7D; ggr=A; gid=24; otid=9948_2025-01-06; mp_9d1f06337c788fcd584725b02fc2e601_mixpanel=%7B%22distinct_id%22%3A%20%2290942988204%22%2C%22%24device_id%22%3A%20%221943c08b1e71991-0b6d4fd70c7531-26031e51-140000-1943c08b1e71991%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24user_id%22%3A%20%2290942988204%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _ym_uid=1736173991612706596; _ym_d=1736173991
2025-01-06 14:33:12 UTC	279	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Jan 2025 14:33:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-Powered-By: PHP/8.0.30 Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: *
2025-01-06 14:33:12 UTC	12	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:12 UTC	599	OUT	GET /sync_cookie_image_check HTTP/1.1 Host: mc.yandex.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:13 UTC	527	IN	HTTP/1.1 302 Moved temporarily Connection: Close Date: Mon, 06 Jan 2025 14:33:12 GMT Location: https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10611.kduEsEgOxVk7FXNfiVAPnMAlQcxsiP4dniQbI--eavRVwkUryTVcGYgqCuZP8W7l.TTRPRzfw0j6eZnmSb1WuVNeY7h0%2C Set-Cookie: sync_cookie_csrf=777161843fake; Expires=Mon, 06-Jan-2025 14:43:12 GMT; Domain=.mc.yandex.com; Path=/; SameSite=None; Secure Strict-Transport-Security: max-age=31536000 Transfer-Encoding: chunked X-XSS-Protection: 1; mode=block
2025-01-06 14:33:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:12 UTC	594	OUT	GET /metrika/advert.gif HTTP/1.1 Host: mc.yandex.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:13 UTC	1312	IN	HTTP/1.1 200 OK Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Accept-Ranges: bytes Access-Control-Allow-Origin: * Cache-Control: max-age=3600 Connection: Close Content-Length: 43 Content-Type: image/gif Date: Mon, 06 Jan 2025 14:33:13 GMT ETag: "67655eba-2b" Expires: Mon, 06 Jan 2025 15:33:13 GMT Last-Modified: Fri, 20 Dec 2024 12:10:34 GMT Set-Cookie: _yasc=JORzNOO3HO83uZyHQ1VwfvxcjUoFsn8Z6UAn6NcTmVvjlUoLWGVHxNP/PuzqtVZasx//; domain=.yandex.com; path=/; expires=Thu, 04 Jan 2035 14:33:13 GMT; secure Set-Cookie: i=Ve9WU4vaGSpyKpwcrtzJyKuQj/tAzNawbcSbv8K9HeYfBZVvtypM3tWSb+m8Xp/Gnjj85ebGg7Ul9HK8KTe2E/H9IQY=; Expires=Wed, 06-Jan-2027 14:33:13 GMT; Domain=.yandex.com; Path=/; Secure; HttpOnly; SameSite=None Set-Cookie: yandexuid=7083279531736173993; Expires=Wed, 06-Jan-2027 14:33:13 GMT; Domain=.yandex.com; Path=/; Secure; SameSite=None Set-Cookie: yashr=7427236031736173993; Path=/; Domain=.yandex.com; Expires=Tue, 06 Jan 2026 14:33:13 GMT; SameSite=None; Secure; HttpOnly Strict-Transport-Security: max-age=31536000 Timing-Allow-Origin: *
2025-01-06 14:33:13 UTC	43	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b Data Ascii: GIF89a!,D;

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:13 UTC	705	OUT	GET /metrika/metrika_match.html HTTP/1.1 Host: mc.yandex.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-06 14:33:13 UTC	1316	IN	HTTP/1.1 200 OK Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Accept-Ranges: bytes Access-Control-Allow-Origin: * Cache-Control: max-age=3600 Connection: Close Content-Length: 5498 Content-Type: text/html Date: Mon, 06 Jan 2025 14:33:13 GMT ETag: "67655eba-157a" Expires: Mon, 06 Jan 2025 15:33:13 GMT Last-Modified: Fri, 20 Dec 2024 12:10:34 GMT Set-Cookie: _yasc=QK2Zq+STw/ivgr2mLWtFLI2DtiMr0BYabsxLyNj5yiFHXAj1FOUhayLuOgK+sxTO53k=; domain=.yandex.com; path=/; expires=Thu, 04 Jan 2035 14:33:13 GMT; secure Set-Cookie: i=3RB/BiK/UXbC3SNBFpDLGrqNdK6swQVliZZRJ7XRLn/n/Qp0Bg+HsB+NEK9BL5B5/LkYZlri8g+e33/yAfEg74ozDHA=; Expires=Wed, 06-Jan-2027 14:33:13 GMT; Domain=.yandex.com; Path=/; Secure; HttpOnly; SameSite=None Set-Cookie: yandexuid=6872833291736173993; Expires=Wed, 06-Jan-2027 14:33:13 GMT; Domain=.yandex.com; Path=/; Secure; SameSite=None Set-Cookie: yashr=3331676721736173993; Path=/; Domain=.yandex.com; Expires=Tue, 06 Jan 2026 14:33:13 GMT; SameSite=None; Secure; HttpOnly Strict-Transport-Security: max-age=31536000 Timing-Allow-Origin: *
2025-01-06 14:33:13 UTC	4567	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> <meta name="viewp
2025-01-06 14:33:13 UTC	931	IN	Data Raw: 61 6e 64 65 78 5c 2e 28 3f 3a 72 75 7c 62 79 7c 6b 7a 7c 61 7a 7c 6b 67 7c 6c 76 7c 6d 64 7c 74 6a 7c 74 6d 7c 75 7a 7c 65 65 7c 66 72 7c 63 6f 5c 2e 69 6c 7c 63 6f 6d 5c 2e 67 65 7c 63 6f 6d 5c 2e 61 6d 7c 63 6f 6d 5c 2e 74 72 7c 63 6f 6d 29 5c 2f 73 79 6e 63 5f 63 6f 6f 6b 69 65 5f 69 6d 61 67 65 5f 63 68 65 63 6b 24 2f 2c 52 65 67 45 78 70 28 22 5e 68 74 74 70 73 3a 5c 5c 2f 5c 5c 2f 6d 63 5c 5c 2e 79 61 6e 64 65 78 5c 5c 2e 72 75 5c 5c 2f 77 61 74 63 68 5c 5c 2f 32 36 33 30 32 35 36 36 5c 5c 3f 22 29 2c 2f 5e 68 74 74 70 73 3a 5c 2f 5c 2f 61 64 73 74 61 74 2e 79 61 6e 64 65 78 2e 72 75 5c 2f 74 72 61 63 6b 5c 3f 73 65 72 76 69 63 65 3d 6d 65 74 72 69 6b 61 26 69 64 3d 5c 64 2b 2f 2c 2f 5e 68 74 74 70 73 3a 5c 2f 5c 2f 5b 5e 5c 2e 5c 2f 5d 2b 5c 2e 6d Data Ascii: andex\.(?:ru\|by\|kz\|az\|kg\|lv\|md\|tj\|tm\|uz\|ee\|fr\|co\.il\|com\.ge\|com\.am\|com\.tr\|com)\/sync_cookie_image_check$/,RegExp("^https:\\/\\/mc\\.yandex\\.ru\\/watch\\/26302566\\?"),/^https:\/\/adstat.yandex.ru\/track\?service=metrika&id=\d+/,/^https:\/\/[^\.\/]+\.m

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:13 UTC	897	OUT	GET /sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10611.kduEsEgOxVk7FXNfiVAPnMAlQcxsiP4dniQbI--eavRVwkUryTVcGYgqCuZP8W7l.TTRPRzfw0j6eZnmSb1WuVNeY7h0%2C HTTP/1.1 Host: mc.yandex.ru Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: i=EKTiPaCU1QoNdToFZwbuGeUGHRxxH1pvWIdmZGmYUsFWG3lf+kJIE4w8qelOd4+kxuR4hsT9erEqv3vZcmS2UbsIm8M=; yandexuid=1811137491736173991; yashr=875786891736173991
2025-01-06 14:33:14 UTC	673	IN	HTTP/1.1 302 Moved temporarily Connection: Close Date: Mon, 06 Jan 2025 14:33:14 GMT Location: https://mc.yandex.com/sync_cookie_image_decide?token=10611.Av94cAKee37rKHJtGXSiNeXsw2Yp-47kitFqRLiTCnCTCzxhh81B6VSAcYU4beRhDUn2-cgAlw6L3ROf7adLefYnlDBPbpTnk-Pd3OiWlU4JxBaxHrbK7NUEJsMcc8LbGHJZnYU3IZRi_nOIQ1QFDYFsAQ9UHBZKBwzxzOcl3r2NTVSQ6Ql1dCfvwoCiqomUGU3FkP6jmtYaIMLzVw8xrcGH2-8WNH9dlH82Zk2rGvs%2C.bPrCNYRtHf960s2hz1vbjA8ojI8%2C Set-Cookie: sync_cookie_csrf=3547636303fake; Expires=Mon, 06-Jan-2025 14:43:14 GMT; Domain=.mc.yandex.ru; Path=/; SameSite=None; Secure Strict-Transport-Security: max-age=31536000 Transfer-Encoding: chunked X-XSS-Protection: 1; mode=block
2025-01-06 14:33:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-06 14:33:14 UTC	1872	OUT	GET /watch/96921485?wmode=7&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093311%3Aet%3A1736173991%3Ac%3A1%3Arn%3A986580744%3Arqn%3A1%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A5850%3Awv%3A2%3Ads%3A17%2C461%2C186%2C52%2C2506%2C0%2C%2C2621%2C18%2C%2C%2C%2C5845%3Aco%3A0%3Acpf%3A1%3Ans%3A1736173983830%3Aadb%3A2%3Ar [TRUNCATED] Host: mc.yandex.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://cint.securiguard.cc Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://cint.securiguard.cc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: sync_cookie_csrf=777161843fake; i=3RB/BiK/UXbC3SNBFpDLGrqNdK6swQVliZZRJ7XRLn/n/Qp0Bg+HsB+NEK9BL5B5/LkYZlri8g+e33/yAfEg74ozDHA=; yandexuid=6872833291736173993; yashr=3331676721736173993
2025-01-06 14:33:14 UTC	2953	IN	HTTP/1.1 302 Moved temporarily Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://cint.securiguard.cc Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Connection: Close Date: Mon, 06 Jan 2025 14:33:14 GMT Expires: Mon, 06-Jan-2025 14:33:14 GMT Last-Modified: Mon, 06-Jan-2025 14:33:14 GMT Location: /watch/96921485/1?wmode=7&page-url=https%3A%2F%2Fcint.securiguard.cc%2F%3Fsubid%3D90942988204%26cid%3D9948%26tag%3Ddm%26dkw%3Dgleapis.com%26pid%3D401776%26rhi%3Daba45205-3ba6-48b5-998c-31ac7f98340e&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22117%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22117%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A117.0.5938.134%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22117.0.5938.134%22%2C%22Not%3BA%3DBrand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22117.0.5938.134%22%0Achm%0A%3F0%0Achp%0AWindows%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1454783664516%3Ahid%3A189034180%3Az%3A-300%3Ai%3A20250106093311%3Aet%3A1736173991%3Ac%3A1%3Arn%3A986580744%3Arqn%3A1%3Au%3A1736173991612706596%3Aw%3A1280x907%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A5850%3Awv%3A2%3Ads%3A17%2C461%2C186%2C52%2C2506%2C0%2C%2C2621%2C18%2C%2C%2C%2C5845%3Aco%3A0%3Acpf%3A1%3Ans%3A1736173983830%3Aadb [TRUNCATED] Pragma: no-cache Set-Cookie: yabs-sid=2303175631736173994; Path=/; SameSite=None; Secure Set-Cookie: yandexuid=6872833291736173993; Expires=Tue, 06-Jan-2026 14:33:14 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure Set-Cookie: yuidss=6872833291736173993; Expires=Tue, 06-Jan-2026 14:33:14 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure Set-Cookie: ymex=1767709994.yrts.1736173994; Expires=Tue, 06-Jan-2026 14:33:14 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure Set-Cookie: receive-cookie-deprecation=1; Expires=Tue, 06-Jan-2026 14:33:14 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure; HttpOnly; Partitioned Set-Cookie: bh=Ej4iR29vZ2xlIENocm9tZSI7dj0iMTE3IiwiTm90O0E9QnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTE3IhoFIng4NiIiECIxMTcuMC41OTM4LjEzNCIqAj8wOgkiV2luZG93cyJCCCIxMC4wLjAiSgQiNjQiUlsiR29vZ2xlIENocm9tZSI7dj0iMTE3LjAuNTkzOC4xMzQiLCJOb3Q7QT1CcmFuZCI7dj0iOC4wLjAuMCIsIkNocm9taXVtIjt2PSIxMTcuMC41OTM4LjEzNCIi; Expires=Tue, 06-Jan-2026 14:33:14 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure Strict-Transport-Security: max-age=31536000 Transfer-Encoding: chunked X-XSS-Protection: 1; mode=block
2025-01-06 14:33:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0