Edit tour

Windows Analysis Report
http://www.oneroguereporter.com/gks

Overview

General Information

Sample URL:	http://www.oneroguereporter.com/gks
Analysis ID:	1587042
Infos:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected landing page (webpage, office document or email)

AI detected suspicious Javascript

HTML page contains hidden URLs

Detected suspicious crossdomain redirect

HTML body contains low number of good links

HTML body with high number of embedded SVGs detected

HTML page contains hidden javascript code

HTML title does not match URL

No HTML title found

Stores files to the Windows start menu directory

Suricata IDS alerts with low severity for network traffic

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 7044 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6436 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4104 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6292 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6604 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.oneroguereporter.com/gks" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Suricata Signatures

ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2025-01-09T21:56:23.053562+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50066	172.66.40.143	443	TCP
2025-01-09T21:56:25.544380+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50155	142.250.74.194	443	TCP
2025-01-09T21:56:25.596490+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50156	172.217.16.194	443	TCP
2025-01-09T21:56:25.596805+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50159	172.217.16.194	443	TCP
2025-01-09T21:56:25.700043+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50162	172.217.16.194	443	TCP
2025-01-09T21:56:25.700834+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50163	172.217.16.194	443	TCP
2025-01-09T21:56:25.842552+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50164	172.217.16.194	443	TCP
2025-01-09T21:56:25.989651+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50169	172.217.16.194	443	TCP
2025-01-09T21:56:26.077183+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50178	151.101.195.1	443	TCP
2025-01-09T21:56:26.379583+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50189	142.250.74.194	443	TCP
2025-01-09T21:56:26.381562+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50191	142.250.74.194	443	TCP
2025-01-09T21:56:26.455455+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50197	172.217.16.194	443	TCP
2025-01-09T21:56:26.473068+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50196	172.217.16.194	443	TCP
2025-01-09T21:56:26.573586+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.17	50203	172.217.16.194	443	TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected landing page (webpage, office document or email)

Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802

Joe Sandbox AI: Page contains button: 'CLICK TO PLAY SOUND' Source: '1.8.pages.csv'

AI detected suspicious Javascript

Source: 0.82.id.script.csv

Joe Sandbox AI: Detected suspicious JavaScript with source url: https://pay.buygoods.com/vault/v1/formframe-checko... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to potentially malicious domains. The use of an iframe to load additional scripts and the obfuscated nature of the code further increase the risk. While the script may have a legitimate purpose, such as implementing a security challenge, the overall behavior is highly suspicious and indicative of a potential attack vector.

HTML page contains hidden URLs

Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5

HTTP Parser: https://visi-sharp.net/upgrade-1

Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Number of links: 0
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Number of links: 0

Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802

HTTP Parser: Total embedded SVG size: 158377

HTTP Parser: Base64 decoded: 1736456178.000000

Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802

HTTP Parser: Title: Eyesight Breakthrough does not match URL

HTTP Parser: HTML title missing

Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-53H4JQQ
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-53H4JQQ
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.youtube.com/embed/i8Q-3qdT6jk?mute=1&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fvisi-sharp.net&widgetid=1
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-53H4JQQ
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.youtube.com/embed/i8Q-3qdT6jk?mute=1&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fvisi-sharp.net&widgetid=1
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-53H4JQQ
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.youtube.com/embed/i8Q-3qdT6jk?mute=1&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fvisi-sharp.net&widgetid=1
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-53H4JQQ
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.youtube.com/embed/i8Q-3qdT6jk?mute=1&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fvisi-sharp.net&widgetid=1
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-53H4JQQ
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://www.youtube.com/embed/i8Q-3qdT6jk?mute=1&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fvisi-sharp.net&widgetid=1
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: Iframe src: https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=6797&t=7febff6eb4188829241aea58b12110cf&checkout=1&s=sessid2025010920547110
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://buygoods.com/secure/k/logo.php?m=153600&s=sessid2025010920547110
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://buygoods.com/secure/checkout/iframe?a=6797&s=sessid2025010920547110
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://go.maxweb.com/conversion/iframe?a=6812&token=4df97f99b03e60bc03420f175bd3f509&checkout=1&sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://assets.braintreegateway.com/data/logo.htm?m=null&s=9e5a8d4c3b5fdad7146d23b99f3c2d46
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://checkout.paypal.com/web/3.97.2/html/dispatch-frame.min.html
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=6797&t=7febff6eb4188829241aea58b12110cf&checkout=1&s=sessid2025010920547110
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://buygoods.com/secure/k/logo.php?m=153600&s=sessid2025010920547110
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://buygoods.com/secure/checkout/iframe?a=6797&s=sessid2025010920547110
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://go.maxweb.com/conversion/iframe?a=6812&token=4df97f99b03e60bc03420f175bd3f509&checkout=1&sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://assets.braintreegateway.com/data/logo.htm?m=null&s=9e5a8d4c3b5fdad7146d23b99f3c2d46
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://checkout.paypal.com/web/3.97.2/html/dispatch-frame.min.html
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: Iframe src: https://www.paypalobjects.com/muse/analytics/index.html#frameId=553c6bb9-a871-4b01-84eb-8a36ef266549&propertyId=8T2VCMX6GD4SG-1&flow=visitor-info&variant=analytics&mrid=8T2VCMX6GD4SG&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info&disableSetCookie=true

Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No favicon
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No favicon
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No favicon
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No favicon
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No favicon
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No favicon
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No favicon
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No favicon
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No favicon
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No favicon
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No favicon
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No favicon

Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="author".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="author".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="author".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="author".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="author".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="author".. found
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No <meta name="author".. found
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No <meta name="author".. found
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No <meta name="author".. found

Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="copyright".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="copyright".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="copyright".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="copyright".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="copyright".. found
Source: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802	HTTP Parser: No <meta name="copyright".. found
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No <meta name="copyright".. found
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No <meta name="copyright".. found
Source: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: mwebexplorerpro.com to https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid2025010920545836&subid=8802
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: mwebexplorerpro.com to https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802

Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50066 -> 172.66.40.143:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50155 -> 142.250.74.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50159 -> 172.217.16.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50156 -> 172.217.16.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50162 -> 172.217.16.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50163 -> 172.217.16.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50164 -> 172.217.16.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50169 -> 172.217.16.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50178 -> 151.101.195.1:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50189 -> 142.250.74.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50196 -> 172.217.16.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50203 -> 172.217.16.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50191 -> 142.250.74.194:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.17:50197 -> 172.217.16.194:443

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /gks HTTP/1.1Host: www.oneroguereporter.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6812/8802/2/? HTTP/1.1Host: mwebexplorerpro.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gks HTTP/1.1Host: www.oneroguereporter.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6812/8802/2/? HTTP/1.1Host: mwebexplorerpro.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbVKEE9vgjXsHRe
Source: global traffic	HTTP traffic detected: GET /report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/app-19.css?id=9cf94c61215466bf367f HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /images/V3.png HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /images/V3.png HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /images/best_value_v2.png HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /j.php?a=791563&u=https%3A%2F%2Fvisi-sharp.net%2Freport%3Faff_id%3D326%26subid2%3D6812_sessid20250109205426977%26subid%3D8802&vn=2.1&x=true HTTP/1.1Host: dev.visualwebsiteoptimizer.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://visi-sharp.netSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /j.php?a=791563&u=https%3A%2F%2Fvisi-sharp.net%2Freport%3Faff_id%3D326%26subid2%3D6812_sessid20250109205426977%26subid%3D8802&vn=2.1&x=true HTTP/1.1Host: dev.visualwebsiteoptimizer.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /js/app.js?id=11d7149dd52495db050a HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /conversions.js?siteId=567 HTTP/1.1Host: dashboard.heatmap.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/best_value_v2.png HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /images/Delaware.png HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /images/most_popular_v2.png HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /images/app/buygoods.png HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /images/male/40-60/t-0.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /event/1YahHTWvLs8kmboN?page=https:%2F%2Fvisi-sharp.net%2Freport%3Faff_id%3D326%26subid2%3D6812_sessid20250109205426977%26subid%3D8802&event=page:load HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /X-XSRF-TOKEN: eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0=sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXh
Source: global traffic	HTTP traffic detected: GET /conversions.js?siteId=567 HTTP/1.1Host: dashboard.heatmap.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/Delaware.png HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D
Source: global traffic	HTTP traffic detected: GET /images/app/buygoods.png HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D
Source: global traffic	HTTP traffic detected: GET /images/female/40-60/t-1.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JIVmM2RlZ5WDNzaThCWTlLZHk5b2dDOFpmaGhKR3JiUzExQSt2VDlsWjFFcXN6UytIV29hODkrOHJ5IiwibWFjIjoiYTBiOTQ4OTg4MjEyZWFmMjlhMWIyZTBjMTI4YjYxOWI1ZDZhMmU1M2E5ZmYxOWU4NTViYjRhOWQ1Y2EzNmI4YiJ9
Source: global traffic	HTTP traffic detected: GET /images/male/30-40/t-2.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D
Source: global traffic	HTTP traffic detected: GET /images/most_popular_v2.png HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D
Source: global traffic	HTTP traffic detected: GET /images/female/30-40/t-3.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D
Source: global traffic	HTTP traffic detected: GET /images/male/40-60/t-4.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D
Source: global traffic	HTTP traffic detected: GET /js/app.js?id=11d7149dd52495db050a HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D
Source: global traffic	HTTP traffic detected: GET /images/male/40-60/t-5.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D
Source: global traffic	HTTP traffic detected: GET /images/male/40-60/t-0.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NTIwYzlmMjEzZGQ5ODNiMGI4MTE0NGUwNzdiOGIifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN
Source: global traffic	HTTP traffic detected: GET /event/1YahHTWvLs8kmboN?page=https:%2F%2Fvisi-sharp.net%2Freport%3Faff_id%3D326%26subid2%3D6812_sessid20250109205426977%26subid%3D8802&event=page:load HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6IitWM0Z6bjVKL1l4enk3Mlg3ZjlLTEE9PSIsInZhbHVlIjoiVzMyVWwxdmdTU2NMcmlLblozemxETWRoUDNNcTJaNktjL1Y2K3ZnVHFIbTR6Q0lYVmZZdHF0bkJENVFwTmNTZFF0UStyamNUVHV1ZkNxQ21mVkJKRUpjMlJWQ1JtRFU4ZDdFMFUrMVpXeUlwMVJiQmpLZnA0Vzh6cDZWaFU1T2wiLCJtYWMiOiI2YzEwN2E2Y2I1MzFiMTViYmU3ZTM3M2Q0NjZkOGY1YzE2ZTllMzA4ZDdiYWNmNmVmY2E2Yzc1ZjVkZGI3ZGJiIn0%3D; _=eyJpdiI6IkY3UHNXa0kwSytkSGpoRlZwL090ZVE9PSIsInZhbHVlIjoib29JalVoZUJjbUU3WmtwL1ByZElidi9NYlhMK1FtalZRU255dXJ5VDhpMHRTVGFHT0UxQXFNQWZ1NWRVNGFUVjZncWVzdWNjcy9WajQ3YjRLdHU4ZjRtdGY5U0pNTTF1WHVaMGJQQlBZOUd2SVBHWVlobzdCb1YvVzJKOXlNbGsiLCJtYWMiOiIxMzFhNjIyMTdlNGE4NTRjZjkxNGIzOWZmMmViNjM4M2FjZmVmYTUzOGM5ODc0YmZkNmFiMzQ3MmZiZDBhMjM5In0%3D; referrer=eyJpdiI6IlVPOHFaWEV0cFlGSVJ5TU5Hd3h0Smc9PSIsInZhbHVlIjoiRURjQTFXcWNJRGJoWkVXS3MrR3NkQ0hXSnR0TDZYQVJLcXJYckZ1bGUrSUNoOW5JN1dKYjI5K0JtT2l3VTdRU1VWMkN1aGllUFBkcVZaOXN3WHJQaDB6M0hUWWMrZEdTL2pJUjhJcXYvVUpyNWd4OUxQbzdHV01iNXkvYmk3cDVKZnNqWTFacWp1dUwrSVNaRDR3ZXlpUHpqQmhUWnFCZXZhYzNRUldDSkI2SmRGbmpWWFcyWkE1OCtqeUxncENFIiwibWFjIjoiNjk1ZjE3YjVkYzE4ODIwODUxMmFjYzA3MTk3YmQ0ZGVjYWEzZGU0NjExMmU1ZmU3ZTFhOGE4ZTJiYjI1YjBkYiJ9
Source: global traffic	HTTP traffic detected: GET /images/male/30-40/t-6.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6IitWM0Z6bjVKL1l4enk3Mlg3ZjlLTEE9PSIsInZhbHVlIjoiVzMyVWwxdmdTU2NMcmlLblozemxETWRoUDNNcTJaNktjL1Y2K3ZnVHFIbTR6Q0lYVmZZdHF0bkJENVFwTmNTZFF0UStyamNUVHV1ZkNxQ21mVkJKRUpjMlJWQ1JtRFU4ZDdFMFUrMVpXeUlwMVJiQmpLZnA0Vzh6cDZWaFU1T2wiLCJtYWMiOiI2YzEwN2E2Y2I1MzFiMTViYmU3ZTM3M2Q0NjZkOGY1YzE2ZTllMzA4ZDdiYWNmNmVmY2E2Yzc1ZjVkZGI3ZGJiIn0%3D; _=eyJpdiI6IkY3UHNXa0kwSytkSGpoRlZwL090ZVE9PSIsInZhbHVlIjoib29JalVoZUJjbUU3WmtwL1ByZElidi9NYlhMK1FtalZRU255dXJ5VDhpMHRTVGFHT0UxQXFNQWZ1NWRVNGFUVjZncWVzdWNjcy9WajQ3YjRLdHU4ZjRtdGY5U0pNTTF1WHVaMGJQQlBZOUd2SVBHWVlobzdCb1YvVzJKOXlNbGsiLCJtYWMiOiIxMzFhNjIyMTdlNGE4NTRjZjkxNGIzOWZmMmViNjM4M2FjZmVmYTUzOGM5ODc0YmZkNmFiMzQ3MmZiZDBhMjM5In0%3D; referrer=eyJpdiI6IlVPOHFaWEV0cFlGSVJ5TU5Hd3h0Smc9PSIsInZhbHVlIjoiRURjQTFXcWNJRGJoWkVXS3MrR3NkQ0hXSnR0TDZYQVJLcXJYckZ1bGUrSUNoOW5JN1dKYjI5K0JtT2l3VTdRU1VWMkN1aGllUFBkcVZaOXN3WHJQaDB6M0hUWWMrZEdTL2pJUjhJcXYvVUpyNWd4OUxQbzdHV01iNXkvYmk3cDVKZnNqWTFacWp1dUwrSVNaRDR3ZXlpUHpqQmhUWnFCZXZhYzNRUldDSkI2SmRGbmpWWFcyWkE1OCtqeUxncENFIiwibWFjIjoiNjk1ZjE3YjVkYzE4ODIwODUxMmFjYzA3MTk3YmQ0ZGVjYWEzZGU0NjExMmU1ZmU3ZTFhOGE4ZTJiYjI1YjBkYiJ9
Source: global traffic	HTTP traffic detected: GET /images/male/30-40/t-2.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6IitWM0Z6bjVKL1l4enk3Mlg3ZjlLTEE9PSIsInZhbHVlIjoiVzMyVWwxdmdTU2NMcmlLblozemxETWRoUDNNcTJaNktjL1Y2K3ZnVHFIbTR6Q0lYVmZZdHF0bkJENVFwTmNTZFF0UStyamNUVHV1ZkNxQ21mVkJKRUpjMlJWQ1JtRFU4ZDdFMFUrMVpXeUlwMVJiQmpLZnA0Vzh6cDZWaFU1T2wiLCJtYWMiOiI2YzEwN2E2Y2I1MzFiMTViYmU3ZTM3M2Q0NjZkOGY1YzE2ZTllMzA4ZDdiYWNmNmVmY2E2Yzc1ZjVkZGI3ZGJiIn0%3D; _=eyJpdiI6IkY3UHNXa0kwSytkSGpoRlZwL090ZVE9PSIsInZhbHVlIjoib29JalVoZUJjbUU3WmtwL1ByZElidi9NYlhMK1FtalZRU255dXJ5VDhpMHRTVGFHT0UxQXFNQWZ1NWRVNGFUVjZncWVzdWNjcy9WajQ3YjRLdHU4ZjRtdGY5U0pNTTF1WHVaMGJQQlBZOUd2SVBHWVlobzdCb1YvVzJKOXlNbGsiLCJtYWMiOiIxMzFhNjIyMTdlNGE4NTRjZjkxNGIzOWZmMmViNjM4M2FjZmVmYTUzOGM5ODc0YmZkNmFiMzQ3MmZiZDBhMjM5In0%3D; referrer=eyJpdiI6IlVPOHFaWEV0cFlGSVJ5TU5Hd3h0Smc9PSIsInZhbHVlIjoiRURjQTFXcWNJRGJoWkVXS3MrR3NkQ0hXSnR0TDZYQVJLcXJYckZ1bGUrSUNoOW5JN1dKYjI5K0JtT2l3VTdRU1VWMkN1aGllUFBkcVZaOXN3WHJQaDB6M0hUWWMrZEdTL2pJUjhJcXYvVUpyNWd4OUxQbzdHV01iNXkvYmk3cDVKZnNqWTFacWp1dUwrSVNaRDR3ZXlpUHpqQmhUWnFCZXZhYzNRUldDSkI2SmRGbmpWWFcyWkE1OCtqeUxncENFIiwibWFjIjoiNjk1ZjE3YjVkYzE4ODIwODUxMmFjYzA3MTk3YmQ0ZGVjYWEzZGU0NjExMmU1ZmU3ZTFhOGE4ZTJiYjI1YjBkYiJ9
Source: global traffic	HTTP traffic detected: GET /images/female/30-40/t-7.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6IitWM0Z6bjVKL1l4enk3Mlg3ZjlLTEE9PSIsInZhbHVlIjoiVzMyVWwxdmdTU2NMcmlLblozemxETWRoUDNNcTJaNktjL1Y2K3ZnVHFIbTR6Q0lYVmZZdHF0bkJENVFwTmNTZFF0UStyamNUVHV1ZkNxQ21mVkJKRUpjMlJWQ1JtRFU4ZDdFMFUrMVpXeUlwMVJiQmpLZnA0Vzh6cDZWaFU1T2wiLCJtYWMiOiI2YzEwN2E2Y2I1MzFiMTViYmU3ZTM3M2Q0NjZkOGY1YzE2ZTllMzA4ZDdiYWNmNmVmY2E2Yzc1ZjVkZGI3ZGJiIn0%3D; _=eyJpdiI6IkY3UHNXa0kwSytkSGpoRlZwL090ZVE9PSIsInZhbHVlIjoib29JalVoZUJjbUU3WmtwL1ByZElidi9NYlhMK1FtalZRU255dXJ5VDhpMHRTVGFHT0UxQXFNQWZ1NWRVNGFUVjZncWVzdWNjcy9WajQ3YjRLdHU4ZjRtdGY5U0pNTTF1WHVaMGJQQlBZOUd2SVBHWVlobzdCb1YvVzJKOXlNbGsiLCJtYWMiOiIxMzFhNjIyMTdlNGE4NTRjZjkxNGIzOWZmMmViNjM4M2FjZmVmYTUzOGM5ODc0YmZkNmFiMzQ3MmZiZDBhMjM5In0%3D; referrer=eyJpdiI6IlVPOHFaWEV0cFlGSVJ5TU5Hd3h0Smc9PSIsInZhbHVlIjoiRURjQTFXcWNJRGJoWkVXS3MrR3NkQ0hXSnR0TDZYQVJLcXJYckZ1bGUrSUNoOW5JN1dKYjI5K0JtT2l3VTdRU1VWMkN1aGllUFBkcVZaOXN3WHJQaDB6M0hUWWMrZEdTL2pJUjhJcXYvVUpyNWd4OUxQbzdHV01iNXkvYmk3cDVKZnNqWTFacWp1dUwrSVNaRDR3ZXlpUHpqQmhUWnFCZXZhYzNRUldDSkI2SmRGbmpWWFcyWkE1OCtqeUxncENFIiwibWFjIjoiNjk1ZjE3YjVkYzE4ODIwODUxMmFjYzA3MTk3YmQ0ZGVjYWEzZGU0NjExMmU1ZmU3ZTFhOGE4ZTJiYjI1YjBkYiJ9
Source: global traffic	HTTP traffic detected: GET /images/female/40-60/t-1.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6IitWM0Z6bjVKL1l4enk3Mlg3ZjlLTEE9PSIsInZhbHVlIjoiVzMyVWwxdmdTU2NMcmlLblozemxETWRoUDNNcTJaNktjL1Y2K3ZnVHFIbTR6Q0lYVmZZdHF0bkJENVFwTmNTZFF0UStyamNUVHV1ZkNxQ21mVkJKRUpjMlJWQ1JtRFU4ZDdFMFUrMVpXeUlwMVJiQmpLZnA0Vzh6cDZWaFU1T2wiLCJtYWMiOiI2YzEwN2E2Y2I1MzFiMTViYmU3ZTM3M2Q0NjZkOGY1YzE2ZTllMzA4ZDdiYWNmNmVmY2E2Yzc1ZjVkZGI3ZGJiIn0%3D; _=eyJpdiI6IkY3UHNXa0kwSytkSGpoRlZwL090ZVE9PSIsInZhbHVlIjoib29JalVoZUJjbUU3WmtwL1ByZElidi9NYlhMK1FtalZRU255dXJ5VDhpMHRTVGFHT0UxQXFNQWZ1NWRVNGFUVjZncWVzdWNjcy9WajQ3YjRLdHU4ZjRtdGY5U0pNTTF1WHVaMGJQQlBZOUd2SVBHWVlobzdCb1YvVzJKOXlNbGsiLCJtYWMiOiIxMzFhNjIyMTdlNGE4NTRjZjkxNGIzOWZmMmViNjM4M2FjZmVmYTUzOGM5ODc0YmZkNmFiMzQ3MmZiZDBhMjM5In0%3D; referrer=eyJpdiI6IlVPOHFaWEV0cFlGSVJ5TU5Hd3h0Smc9PSIsInZhbHVlIjoiRURjQTFXcWNJRGJoWkVXS3MrR3NkQ0hXSnR0TDZYQVJLcXJYckZ1bGUrSUNoOW5JN1dKYjI5K0JtT2l3VTdRU1VWMkN1aGllUFBkcVZaOXN3WHJQaDB6M0hUWWMrZEdTL2pJUjhJcXYvVUpyNWd4OUxQbzdHV01iNXkvYmk3cDVKZnNqWTFacWp1dUwrSVNaRDR3ZXlpUHpqQmhUWnFCZXZhYzNRUldDSkI2SmRGbmpWWFcyWkE1OCtqeUxncENFIiwibWFjIjoiNjk1ZjE3YjVkYzE4ODIwODUxMmFjYzA3MTk3YmQ0ZGVjYWEzZGU0NjExMmU1ZmU3ZTFhOGE4ZTJiYjI1YjBkYiJ9
Source: global traffic	HTTP traffic detected: GET /images/100-natural.svg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6IitWM0Z6bjVKL1l4enk3Mlg3ZjlLTEE9PSIsInZhbHVlIjoiVzMyVWwxdmdTU2NMcmlLblozemxETWRoUDNNcTJaNktjL1Y2K3ZnVHFIbTR6Q0lYVmZZdHF0bkJENVFwTmNTZFF0UStyamNUVHV1ZkNxQ21mVkJKRUpjMlJWQ1JtRFU4ZDdFMFUrMVpXeUlwMVJiQmpLZnA0Vzh6cDZWaFU1T2wiLCJtYWMiOiI2YzEwN2E2Y2I1MzFiMTViYmU3ZTM3M2Q0NjZkOGY1YzE2ZTllMzA4ZDdiYWNmNmVmY2E2Yzc1ZjVkZGI3ZGJiIn0%3D; _=eyJpdiI6IkY3UHNXa0kwSytkSGpoRlZwL090ZVE9PSIsInZhbHVlIjoib29JalVoZUJjbUU3WmtwL1ByZElidi9NYlhMK1FtalZRU255dXJ5VDhpMHRTVGFHT0UxQXFNQWZ1NWRVNGFUVjZncWVzdWNjcy9WajQ3YjRLdHU4ZjRtdGY5U0pNTTF1WHVaMGJQQlBZOUd2SVBHWVlobzdCb1YvVzJKOXlNbGsiLCJtYWMiOiIxMzFhNjIyMTdlNGE4NTRjZjkxNGIzOWZmMmViNjM4M2FjZmVmYTUzOGM5ODc0YmZkNmFiMzQ3MmZiZDBhMjM5In0%3D; referrer=eyJpdiI6IlVPOHFaWEV0cFlGSVJ5TU5Hd3h0Smc9PSIsInZhbHVlIjoiRURjQTFXcWNJRGJoWkVXS3MrR3NkQ0hXSnR0TDZYQVJLcXJYckZ1bGUrSUNoOW5JN1dKYjI5K0JtT2l3VTdRU1VWMkN1aGllUFBkcVZaOXN3WHJQaDB6M0hUWWMrZEdTL2pJUjhJcXYvVUpyNWd4OUxQbzdHV01iNXkvYmk3cDVKZnNqWTFacWp1dUwrSVNaRDR3ZXlpUHpqQmhUWnFCZXZhYzNRUldDSkI2SmRGbmpWWFcyWkE1OCtqeUxncENFIiwibWFjIjoiNjk1ZjE3YjVkYzE4ODIwODUxMmFjYzA3MTk3YmQ0ZGVjYWEzZGU0NjExMmU1ZmU3ZTFhOGE4ZTJiYjI1YjBkYiJ9
Source: global traffic	HTTP traffic detected: GET /images/female/30-40/t-3.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /images/FDA_2.svg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /images/GMP_stars.svg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /images/male/40-60/t-4.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/male/40-60/t-5.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /images/USA.svg HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /track/?a=6797&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=prod7,prod8,prod9,prod11&caller_url=https%3A%2F%2Fvisi-sharp.net%2Freport%3Faff_id%3D326%26subid2%3D6812_sessid20250109205426977%26subid%3D8802 HTTP/1.1Host: tracking.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/male/30-40/t-6.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /images/verified_purchase.png HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /conversions.php?siteId=567&dataLayer=populate HTTP/1.1Host: dashboard.heatmap.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?a=6797&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=prod7,prod8,prod9,prod11&caller_url=https%3A%2F%2Fvisi-sharp.net%2Freport%3Faff_id%3D326%26subid2%3D6812_sessid20250109205426977%26subid%3D8802 HTTP/1.1Host: tracking.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/100-natural.svg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /images/FDA_2.svg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _ga=GA1.2.1941801668.1736456088; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signals/config/789222289013177?v=2.9.179&r=stable&domain=visi-sharp.net&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/GMP_stars.svg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _ga=GA1.2.1941801668.1736456088; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1
Source: global traffic	HTTP traffic detected: GET /images/female/30-40/t-7.jpg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _ga=GA1.2.1941801668.1736456088; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1
Source: global traffic	HTTP traffic detected: GET /iframe_api HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/USA.svg HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _ga=GA1.2.1941801668.1736456088; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; campaign_id=; referrer=8.46.123.189::visi-sharp.net%2Freport
Source: global traffic	HTTP traffic detected: GET /conversions.php?siteId=567&dataLayer=populate HTTP/1.1Host: dashboard.heatmap.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/verified_purchase.png HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _ga=GA1.2.1941801668.1736456088; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; campaign_id=; referrer=8.46.123.189::visi-sharp.net%2Freport
Source: global traffic	HTTP traffic detected: GET /s/player/3ede36f2/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /track/?verbose=1&ip=1&_=1736456090572 HTTP/1.1Host: api-js.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/player/3ede36f2/www-embed-player.vflset/www-embed-player.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /s/player/3ede36f2/player_ias.vflset/en_US/base.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /instream/ad_status.js HTTP/1.1Host: static.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/id HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.youtube.comX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/th/bTS-krGMW8fDflzgOBqs4RfQ289v88xjeZzvxqf94UM.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ytc/AIdro_kXPpC91hWBfq9kR4J1VteYD5pZC7CaWzeH_gaYjVNe4rdWPt3VI-qtFVO3abjvzqNChQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1Host: yt3.ggpht.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /instream/ad_status.js HTTP/1.1Host: static.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/id?slf_rd=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.youtube.comX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ytc/AIdro_kXPpC91hWBfq9kR4J1VteYD5pZC7CaWzeH_gaYjVNe4rdWPt3VI-qtFVO3abjvzqNChQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1Host: yt3.ggpht.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/player/3ede36f2/player_ias.vflset/en_US/embed.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /js/th/bTS-krGMW8fDflzgOBqs4RfQ289v88xjeZzvxqf94UM.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/player?prettyPrint=false HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /pagead/id?slf_rd=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=0-71408&rn=2&rbuf=0&pot=IjihUKFTxtCWz-I31SbsPc0k7wXZCe4HxSHwA8gzlmTiaOM66BviN-sG9CjoFeY34DfAAYRj5XWSFA==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&mime=video%2Fmp4&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=30618074&dur=3162.080&lmt=1736215533919687&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIhAI_rwFllGszfC6Kw1hjuFkUNp8WXhyBqQQKnD-9PSY0hAiApeosoQv0Ed0T0YWUxzjvfzAH3RGr1AN1KY05xWXbW5A%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=0-154594&rn=1&rbuf=0&pot=IjgHswewYDMwLETUc8VK3mvHSeZ_6kjkY8JW4G7QMIdEi0XZTvhE1E3lUstO9kDURtRm4iKAQ5Y09w==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/next?prettyPrint=false HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=71409-140449&rn=4&rbuf=3842&pot=IjhcpFyiOyRrBB_DKNIRyTDQEvEk_RPzONUN9zXHa5AfnB7OFe8fwxbyCdwV4RvDHcM99XmXGIFv4A==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&mime=video%2Fmp4&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=30618074&dur=3162.080&lmt=1736215533919687&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIhAI_rwFllGszfC6Kw1hjuFkUNp8WXhyBqQQKnD-9PSY0hAiApeosoQv0Ed0T0YWUxzjvfzAH3RGr1AN1KY05xWXbW5A%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=154595-294178&rn=3&rbuf=3830&pot=IjgDLAMqZKw0jEBLd1pOQW9YTXl7dUx7Z11Sf2pPNBhAFEFGSmdAS0l6VlRKaURLQktifSYfRwkwaA==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/player/3ede36f2/player_ias.vflset/en_US/captions.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=140450-307330&rn=5&rbuf=7766&pot=IjhZAlkEPoJuohplLXQUbzV2F1chWxZVPXMIUTBhbjYaOhtoEEkaZRNUDHoQRx5lGGU4U3wxHSdqRg==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/player/3ede36f2/player_ias.vflset/en_US/endscreen.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /ytc/AIdro_kXPpC91hWBfq9kR4J1VteYD5pZC7CaWzeH_gaYjVNe4rdWPt3VI-qtFVO3abjvzqNChQ=s88-c-k-c0x00ffffff-no-rj HTTP/1.1Host: yt3.ggpht.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&mime=video%2Fmp4&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=30618074&dur=3162.080&lmt=1736215533919687&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIhAI_rwFllGszfC6Kw1hjuFkUNp8WXhyBqQQKnD-9PSY0hAiApeosoQv0Ed0T0YWUxzjvfzAH3RGr1AN1KY05xWXbW5A%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=294179-867497&rn=6&rbuf=9952&pot=IjjGJ8YhoafxhoVAslGLSqpTiHK-folwolaXdK9E8ROFH4RNj2yFQIxxk1-PYoFAh0CnduMUggL1Yw==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=m0Zu1_GrK9QwLAE5OcCZdC0qoRCznfa8EYUarUwutpfX211D_Qx8bZdHcYIh7Zyu7xV_o4_YSa5g6bwnUp3rwpYcBwP06xiB1Brn7g5wlNI8_7OLQa37O12Ka5GiZNFkob2VJrzireBkSsJ-J7ZeqWm8wHsbnsyOCOazKsuraHPAytM-j8Nsapn3ohF9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=307331-522882&rn=7&rbuf=16543&pot=IjizobOn1CGEA_DGx9f-zN_V_fTL-Pz219Di8trChJXwmfHL-urwxvn35tn65PTG8sbS8JaS94SA5Q==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ytc/AIdro_kXPpC91hWBfq9kR4J1VteYD5pZC7CaWzeH_gaYjVNe4rdWPt3VI-qtFVO3abjvzqNChQ=s88-c-k-c0x00ffffff-no-rj HTTP/1.1Host: yt3.ggpht.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=m0Zu1_GrK9QwLAE5OcCZdC0qoRCznfa8EYUarUwutpfX211D_Qx8bZdHcYIh7Zyu7xV_o4_YSa5g6bwnUp3rwpYcBwP06xiB1Brn7g5wlNI8_7OLQa37O12Ka5GiZNFkob2VJrzireBkSsJ-J7ZeqWm8wHsbnsyOCOazKsuraHPAytM-j8Nsapn3ohF9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=iEQt66g_a3YZoX5RAKt25TG_mJWE9wso6IcXpLlSqRsNi6a76p9pk7gHZyelwNrVeEgL4S2XsmvRokGyx7PvpF2JGBGXvYJRRMijNedm_PnaxGtAIGb_0yez7eh4fRD_u9xcTp1KY_rAu4tMA7hhGFV73Fcn3YEyiL9Enp-w5RpWJTHB2sSBUr8
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=522883-930949&rn=8&rbuf=22827&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&mime=video%2Fmp4&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=30618074&dur=3162.080&lmt=1736215533919687&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIhAI_rwFllGszfC6Kw1hjuFkUNp8WXhyBqQQKnD-9PSY0hAiApeosoQv0Ed0T0YWUxzjvfzAH3RGr1AN1KY05xWXbW5A%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=867498-2649207&rn=9&rbuf=24682&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=930950-1534326&rn=10&rbuf=32724&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=1534327-2152745&rn=11&rbuf=47948&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /event/1YahHTWvLs8kmboN?event=transcript:open HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /X-XSRF-TOKEN: eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0=sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9
Source: global traffic	HTTP traffic detected: GET /images/0.png HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/css/app-19.css?id=9cf94c61215466bf367fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6
Source: global traffic	HTTP traffic detected: GET /images/5.png HTTP/1.1Host: visi-sharp.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://visi-sharp.net/css/app-19.css?id=9cf94c61215466bf367fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&mime=video%2Fmp4&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=30618074&dur=3162.080&lmt=1736215533919687&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIhAI_rwFllGszfC6Kw1hjuFkUNp8WXhyBqQQKnD-9PSY0hAiApeosoQv0Ed0T0YWUxzjvfzAH3RGr1AN1KY05xWXbW5A%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=2649208-4534709&rn=12&rbuf=50645&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/0.png HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; XSRF-TOKEN=eyJpdiI6Ii96bVU3djUwZXZSRXAwaWJ6UG9MakE9PSIsInZhbHVlIjoiYWFkUis1am4vbFZiY0xBd3B6bkNsaEhZMk5sdGg1UlNhcFhHcVdXR1BDN081dGtrRXRGa3JNWlNWaXBHUStsMlF4Rm5WdnlOQUhLMTBBZklWaVpPSXVEaFlqZm5yZDl0SENtYlcxbmhHWUdhbFNWdFZXOG9ZZkxEN21ROXg5RGYiLCJtYWMiOiI3ZDA2YjZmMmY2MTgyYWNmNjljMjE4NDY0MTI0MzkxNzA3NzhmY2NlOGU3MGY2ZGMyZDY5NGU4NTY0ZDYzOGViIn0%3D; _=eyJpdiI6ImI3VUsydmtPd0p3MWJOUW5kUTU2bEE9PSIsInZhbHVlIjoiR09EYzEyeWUxdlllVXNTKzhrUklneXc4WnE2YUlnWGpsUWNWQjkxSWU0dUo1TUFwRTlPUTE3UHdKbTBFTDZrYm1iNDA5dXJuZW1XVzlKRElJdVdCelBnQkFob1J0bmY1cUV0UllDMlZUdUF4NFowRmxGSGNuSzYrY1BjdkpqeVQiLCJtYWMiOiJjZmQ0OWMzNGQyOThiNGM4N2Y1NTkxZWI4ZWRmNGQxYjRkOGY0NjYzZjNlMmRhMTMwZDQ1MjMxZTI2M2VmMzZmIn0%3D; referrer=eyJpdiI6IlNsVFpsclB6c0phOHV0dE5kRjNKWmc9PSIsInZhbHVlIjoiRzBTR3c4Zi8xYUlqdTl6eVVGSmMrMm5FOUIwaEF0L2VrZWkzVm9DM2ZNK2lSOHU3TndyTzZ0NmxyYjN1RHlOemdtbDNoVlVtVUltUVJnKzkvQXpuQ2c9PSIsIm1hYyI6IjNjZGU2MTc2MDU4MTk4NzQzNWYxNTZiOWRjYjYzZDdjNzVmYWMxNzdmMzYxM2ZiYmExYWE2YTczZTMyNWU1NWMifQ%3D%3D; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; campaign_id=; referrer=8.46.123.189::visi-sharp.net%2Freport; _ga=GA1.1.1941801668.1736456088; _ga_61SXPRGS4Y=GS1.1.1736456088.1.0.1736456096.0.0.0; transcript=true
Source: global traffic	HTTP traffic detected: GET /event/1YahHTWvLs8kmboN?event=transcript:open HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; campaign_id=; referrer=8.46.123.189::visi-sharp.net%2Freport; _ga=GA1.1.1941801668.1736456088; _ga_61SXPRGS4Y=GS1.1.1736456088.1.0.1736456096.0.0.0; transcript=true; XSRF-TOKEN=eyJpdiI6IjRaeTRVWWdYaW5ZZm1VdnlXVFVES3c9PSIsInZhbHVlIjoiQ25ndFZWSnV2OHpuVm94ZlZGY21vMkdQb3A3R0w5OVZaM3hDM0s5UEQyenZZcEVxUCtFZ280Sy9LelZlaFZDY0orNDROM0NHYmRhRkpaUUR4QXg2cVpISWdodDFlTzdOUmhMbFMrcXU2ZFJ3a0R0QW0vN1dTWE9ITno0bi9QUXkiLCJtYWMiOiIzYWJjNzkzMDMzMTMxMzU1ZTFiNzA4YzI3NjE0MjVjMDQ2NDU1ODUyMjUyODhlY2UxOTQxZTc0MTQxNjllZWYyIn0%3D; _=eyJpdiI6InZpU1E5ejB0Tk5OYStmaU53V2VMMHc9PSIsInZhbHVlIjoiRGFCU2hUTTdhZk54MlRVWjI1RmF2S01NVEN3WFlLWm5TOUlnZDJlWjI5ZC91MFBjck1qSmJvbkhGc05BRERmVERxM3puY3c2OTZ6OHZTZ2RVTldEZHN2blVjalFuWlBMV3FzNUlWMDBZS2praUhjODY0REdEdDR4MFZWY3BiUlAiLCJtYWMiOiIzMzIwMTI5Mjc5NTI0Y2IwNzE3ODMwYTEzYWM5MjUxODZlMDcyODIxOTVjOWMxNzBhZjQ2NTc0MmE4NGQ3YTNiIn0%3D; referrer=eyJpdiI6IlZIblp0M1B6RUEzUnNidEd0Y1k3elE9PSIsInZhbHVlIjoicEZCN0JXam1uVjd2Y0tpbnFKRWRNS2NIcXlsMjRsZkxWY0VBclpSS1poZFhkeXdiM2tnWkVWZnM4alozbjJITTJtRmluQ3lUTGt3bUJQeFZ0T0ZrTXlIcjYreXhZM1J0cGxlOUVYMGlQVnpoME9pUTB2Um5BT1dDR1NodmZuRnVPbnpUQklSNXY0UXhhVlo3Z2YwSHNBU2JkZW1LVk1CdWdPc1NRYmVIMHpha3ZSYitWVTdjd1lDWnk1QzFuVlNQIiwibWFjIjoiNTg3
Source: global traffic	HTTP traffic detected: GET /images/5.png HTTP/1.1Host: visi-sharp.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; pixels=eyJpdiI6InBUckFuZGc3dUNhN0tJOERXd290a2c9PSIsInZhbHVlIjoiQmVwNlA5MGtISFB1STF1M2tpbDRwTDRoQW92QXN2bGpzM1ZSeXhxaWlSUTJkejQyWW9nM3QyWHdXZFBOMi9VdC9WTlZuM3F1ZTdoWkJ4bTJCTGVjMWNhZGEyeGVnYy9Fck85QVBMN0RxMmJGK3pIRlJXeGFGcDdjWnRMV2FoeXdnSGFXcFh3Z25ub2cwb3p2bnB2dklBPT0iLCJtYWMiOiJiMWNkZDIwZDRmM2I1N2MyOWIwMzk2OTljOTE1MzM0NTUwMDA2MmUxMzg5ZTgyZjI4YzBlZWVmM2E2YTUzMmY5In0%3D; user=1YahHTWvLs8kmboN; _ga_PL0H41SBF9=GS1.1.1736456088.1.0.1736456088.0.0.0; _gid=GA1.2.992191435.1736456088; _gat_gtag_UA_62785402_66=1; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; campaign_id=; referrer=8.46.123.189::visi-sharp.net%2Freport; _ga=GA1.1.1941801668.1736456088; _ga_61SXPRGS4Y=GS1.1.1736456088.1.0.1736456096.0.0.0; transcript=true; XSRF-TOKEN=eyJpdiI6IjRaeTRVWWdYaW5ZZm1VdnlXVFVES3c9PSIsInZhbHVlIjoiQ25ndFZWSnV2OHpuVm94ZlZGY21vMkdQb3A3R0w5OVZaM3hDM0s5UEQyenZZcEVxUCtFZ280Sy9LelZlaFZDY0orNDROM0NHYmRhRkpaUUR4QXg2cVpISWdodDFlTzdOUmhMbFMrcXU2ZFJ3a0R0QW0vN1dTWE9ITno0bi9QUXkiLCJtYWMiOiIzYWJjNzkzMDMzMTMxMzU1ZTFiNzA4YzI3NjE0MjVjMDQ2NDU1ODUyMjUyODhlY2UxOTQxZTc0MTQxNjllZWYyIn0%3D; _=eyJpdiI6InZpU1E5ejB0Tk5OYStmaU53V2VMMHc9PSIsInZhbHVlIjoiRGFCU2hUTTdhZk54MlRVWjI1RmF2S01NVEN3WFlLWm5TOUlnZDJlWjI5ZC91MFBjck1qSmJvbkhGc05BRERmVERxM3puY3c2OTZ6OHZTZ2RVTldEZHN2blVjalFuWlBMV3FzNUlWMDBZS2praUhjODY0REdEdDR4MFZWY3BiUlAiLCJtYWMiOiIzMzIwMTI5Mjc5NTI0Y2IwNzE3ODMwYTEzYWM5MjUxODZlMDcyODIxOTVjOWMxNzBhZjQ2NTc0MmE4NGQ3YTNiIn0%3D; referrer=eyJpdiI6IlZIblp0M1B6RUEzUnNidEd0Y1k3elE9PSIsInZhbHVlIjoicEZCN0JXam1uVjd2Y0tpbnFKRWRNS2NIcXlsMjRsZkxWY0VBclpSS1poZFhkeXdiM2tnWkVWZnM4alozbjJITTJtRmluQ3lUTGt3bUJQeFZ0T0ZrTXlIcjYreXhZM1J0cGxlOUVYMGlQVnpoME9pUTB2Um5BT1dDR1NodmZuRnVPbnpUQklSNXY0UXhhVlo3Z2YwSHNBU2JkZW1LVk1CdWdPc1NRYmVIMHpha3ZSYitWVTdjd1lDWnk1QzFuVlNQIiwibWFjIjoiNTg3OTczNTYxMDc3MmQ3Y2YxMjQ1MjkxZTZh
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=2152746-2758556&rn=13&rbuf=73606&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&mime=video%2Fmp4&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=19149109&dur=3162.080&lmt=1736214191480824&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIgcLp4-VK-_D_B2jQpxlwXEYLJAK-_pYxJCeYqu1DdqUoCIQCBhtm60dCWWEBxDoW0xGPIfTFq-DYsFmEyp2N4EKWwaA%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=0-8147&rn=14&rbuf=0&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5 HTTP/1.1Host: www.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5 HTTP/1.1Host: buygoods.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/css/chk.css?v=4 HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /images/buygoodslogonew.png HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /assets/checkout/css/bootstrap.min.css HTTP/1.1Host: cdn.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/visa-cvv.jpg HTTP/1.1Host: cdn.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /web/3.97.2/js/client.min.js HTTP/1.1Host: js.braintreegateway.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web/3.97.2/js/data-collector.min.js HTTP/1.1Host: js.braintreegateway.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web/3.97.2/js/paypal-checkout.min.js HTTP/1.1Host: js.braintreegateway.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&mime=video%2Fmp4&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=19149109&dur=3162.080&lmt=1736214191480824&keepalive=yes&fexp=24350590,24350737,24350787,24350796,24350816,24350827,24350851,51326932,51335594,51353497,51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AJfQdSswRQIgcLp4-VK-_D_B2jQpxlwXEYLJAK-_pYxJCeYqu1DdqUoCIQCBhtm60dCWWEBxDoW0xGPIfTFq-DYsFmEyp2N4EKWwaA%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&redirect_counter=1&cm2rm=sn-t0as7s&rrc=80&cms_redirect=yes&cmsv=e&met=1736456176,&mh=Zv&mm=34&mn=sn-a5mekn6k&ms=ltu&mt=1736454705&mv=u&mvi=3&pl=23&rms=ltu,au&lsparams=met,mh,mm,mn,ms,mv,mvi,pl,rms&lsig=AGluJ3MwRQIhAL2FLQj-OXUHQ09J8A4C93TpHsD1IbBSNoAPmWSX_UHUAiAscarB2ka1b3l28sSRgffmEoROYF8_YI5ssGrESM26ng%3D%3D&range=0-8147&rn=15&rbuf=0&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-a5mekn6k.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/amex-cvv.jpg HTTP/1.1Host: cdn.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /images/buygoodslogonew.png HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/trust-guard.png HTTP/1.1Host: cdn.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/visa-cvv.jpg HTTP/1.1Host: cdn.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/fontawesome.js HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/md5.min.js HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/dictionary.js?v=29 HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/mcafee.png HTTP/1.1Host: cdn.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/paypal-cs-conversion.js?v=7 HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/app.js?v=1.0.12 HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /web/3.97.2/js/client.min.js HTTP/1.1Host: js.braintreegateway.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/badge-60-day.png HTTP/1.1Host: cdn.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /lib/v1/js/vaultFrame.js?v=65 HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /web/3.97.2/js/data-collector.min.js HTTP/1.1Host: js.braintreegateway.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web/3.97.2/js/paypal-checkout.min.js HTTP/1.1Host: js.braintreegateway.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/places.js?v=2 HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/amex-cvv.jpg HTTP/1.1Host: cdn.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/trust-guard.png HTTP/1.1Host: cdn.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /cardinalcruise/v1/songbird.js HTTP/1.1Host: songbird.cardinalcommerce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/address?id=corporateaddress HTTP/1.1Host: display.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/mcafee.png HTTP/1.1Host: cdn.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://buygoods.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/md5.min.js HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/fontawesome.js HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/dictionary.js?v=29 HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/paypal-cs-conversion.js?v=7 HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/badge-60-day.png HTTP/1.1Host: cdn.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543
Source: global traffic	HTTP traffic detected: GET /lib/v1/js/vaultFrame.js?v=65 HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/places.js?v=2 HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /us1/v5/datadog-rum.js HTTP/1.1Host: www.datadoghq-browser-agent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /secure/checkout/assets/js/app.js?v=1.0.12 HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr
Source: global traffic	HTTP traffic detected: GET /track/?a=6797&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Fvisi-sharp.net%2F&sessid2=sessid2025010920547110&product=prod11&is_checkout=1&caller_url=https%3A%2F%2Fbuygoods.com%2Fsecure%2Fcheckout.html%3Fsessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5 HTTP/1.1Host: tracking.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEJgUPmnkKW5JETNtVJGZX1NbzGS7gkYar8NAE5eU
Source: global traffic	HTTP traffic detected: GET /v1/address?id=corporateaddress HTTP/1.1Host: display.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189::visi-sharp.net%2Freport; spisessid2_6797=sessid20250109205417543; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFrcLwBSnkWnK6
Source: global traffic	HTTP traffic detected: GET /cardinalcruise/v1/songbird.js HTTP/1.1Host: songbird.cardinalcommerce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?a=6797&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Fvisi-sharp.net%2F&sessid2=sessid2025010920547110&product=prod11&is_checkout=1&caller_url=https%3A%2F%2Fbuygoods.com%2Fsecure%2Fcheckout.html%3Fsessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5 HTTP/1.1Host: tracking.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEJgUPmnkKW5JETNtVJGZX1NbzGS7gkYar8NAE5eU; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110
Source: global traffic	HTTP traffic detected: GET /secure/checkout/init HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110
Source: global traffic	HTTP traffic detected: GET /v1/terms?id=terms HTTP/1.1Host: display.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFrcLwBSnkWnK6; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110
Source: global traffic	HTTP traffic detected: GET /productimages/6797/42/6_bo_les_1_g0pjc_p_g_resized333.png HTTP/1.1Host: cdn.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110
Source: global traffic	HTTP traffic detected: GET /vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055 HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110
Source: global traffic	HTTP traffic detected: GET /cardinalcruise/v1/b109e0c6fd2a5b6b93b2/1.b109e0c6fd2a5b6b93b2.songbird.js HTTP/1.1Host: includes.ccdc02.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://buygoods.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: yomali.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /us1/v5/datadog-rum.js HTTP/1.1Host: www.datadoghq-browser-agent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /affiliates/go/conversion/iframe/bg?a=6797&t=7febff6eb4188829241aea58b12110cf&checkout=1&s=sessid2025010920547110 HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; _dd_s=rum=1&id=5f6b158d-0c63-46f6-b297-0b17901ad71f&created=1736456180128&expire=1736457080129
Source: global traffic	HTTP traffic detected: GET /v1/terms?id=terms HTTP/1.1Host: display.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFrcLwBSnkWnK6; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /productimages/6797/42/6_bo_les_1_g0pjc_p_g_resized333.png HTTP/1.1Host: cdn.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /css/bootstrap.min.css HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /css/v1/formframe-checkout.css HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /img/visa.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /img/mastercard.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /img/amex.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /img/discover.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /secure/k/logo.php?m=153600&s=sessid2025010920547110 HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; _dd_s=rum=1&id=5f6b158d-0c63-46f6-b297-0b17901ad71f&created=1736456180128&expire=1736457080129
Source: global traffic	HTTP traffic detected: GET /secure/checkout/iframe?a=6797&s=sessid2025010920547110 HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; _dd_s=rum=1&id=5f6b158d-0c63-46f6-b297-0b17901ad71f&created=1736456180128&expire=1736457080129
Source: global traffic	HTTP traffic detected: GET /conversion/iframe?a=6812&token=4df97f99b03e60bc03420f175bd3f509&checkout=1&sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5 HTTP/1.1Host: go.maxweb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js? HTTP/1.1Host: buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; _dd_s=rum=1&id=5f6b158d-0c63-46f6-b297-0b17901ad71f&created=1736456180128&expire=1736457080129
Source: global traffic	HTTP traffic detected: GET /cardinalcruise/v1/b109e0c6fd2a5b6b93b2/1.b109e0c6fd2a5b6b93b2.songbird.js HTTP/1.1Host: includes.ccdc02.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/jcb.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /js/v1/formframe-checkout.js?v=7 HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /js/fontawesome.js HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /img/visa.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /img/mastercard.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /js/cleave.min.js HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /img/discover.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.7.1.min.js HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js? HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; _dd_s=rum=1&id=5f6b158d-0c63-46f6-b297-0b17901ad71f&created=1736456180128&expire=1736457080129
Source: global traffic	HTTP traffic detected: GET /img/amex.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /logo.htm?s=sessid2025010920547110&m=153600 HTTP/1.1Host: ssl.kaptcha.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /da/r/fb.js HTTP/1.1Host: c.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/js?components=buttons&currency=USD&intent=authorize&client-id=AWSfZDWVfeaW_xPHzvcISR7UNHryoYSdRwwe1q8K4V4L_qjHgTV_BTD_Vswt1Iz_5hHpy13c5DpEw9tq HTTP/1.1Host: www.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bootstrap.bundle.min.js HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pay.buygoods.com/vault/v1/formframe-checkout?a=6797&s=sessid2025010920547110&lang=en&t=1736456180055Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /web/3.97.2/html/dispatch-frame.min.html HTTP/1.1Host: checkout.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/logo.htm?m=null&s=9e5a8d4c3b5fdad7146d23b99f3c2d46 HTTP/1.1Host: assets.braintreegateway.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: payments.braintree-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /conv.php?t=VwumnwEbwiuW1LnCjrTK6W5n8XbpE%2FrQ0YECP9k22IftgTbRA7TlUs0XBr0%2FTIb4 HTTP/1.1Host: trends.revcontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /conv.php?t=UHosPivC2%2BcgsgzKtGW1xhQrpvXnbcriAs6vNSyHf%2BTkKQHzGQF0q0sESBeaH3K9 HTTP/1.1Host: trends.revcontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /conv.php?t=vbK2mTY%2FYmXvXtqlJ42HeM4mxYEnICdrkVEh1JhJgAOAmyt98m%2FLKaiRDQQIcGbu HTTP/1.1Host: trends.revcontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/fontawesome.js HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /img/jcb.svg HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/jsd/r/8ff755483e3a4408 HTTP/1.1Host: buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuEzB32VBtgHEATPXr64oJeuFiEXhFpPtNakqshnqr; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; _dd_s=rum=1&id=5f6b158d-0c63-46f6-b297-0b17901ad71f&created=1736456180128&expire=1736457080129
Source: global traffic	HTTP traffic detected: GET /tracking/attribute?callback={SUBID4}&event_type=conversion_event HTTP/1.1Host: business.newsbreak.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/v1/formframe-checkout.js?v=7 HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /js/cleave.min.js HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.7.1.min.js HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /images/transp.gif HTTP/1.1Host: www.softwareprojects.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ssl.kaptcha.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/r/d/b/p3?f=f90ace7de996d798d0419f2ab4a0d6dd&s=BRAINTREE_SIGNIN HTTP/1.1Host: c6.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1Host: c.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /da/r/fb.js HTTP/1.1Host: c.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logo.htm?m=null&s=9e5a8d4c3b5fdad7146d23b99f3c2d46 HTTP/1.1Host: ssl.kaptcha.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: k=5a5777f320d8433faaa2e91bb331e368
Source: global traffic	HTTP traffic detected: GET /js/bootstrap.bundle.min.js HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; cf_clearance=4xdrG6Mcn4532JavguZPhRDadlux5aKeJsUIKChu00w-1736456183-1.2.1.1-VVD4n5k4xK7BPCYSL1aKRL8mZ.euy_ZSzviwZDtJoRXbFP1W_PBi3Emmy.yRc_BxLWSRWmL7gjhC9aCNyXvrlo7ShYIgE8KEqG82bue_4xUow23NJgmt3rJY1rhxA.1t_faDopiDYbUt1JeWbHagRvco6MipYLru6dGmkBTQ8IdUaLJ7OhSCVyyOR2kJkheQltIhJVFKR8QE0vYFqni3rOnkKILlTR5PtGydD_62JEu3M9l1RXIYRtBYSEoyM94_uKVrtiYrOCGhxtr9vcCf.YHb3QFaJRe2q1mhYxbYf9JbC7FimVm0PKHEGuKjLpWzZIjuSe9HWsSPBcgJKoenLM7ez.fqpMF.57akL0551bNs8WTnj1ImB6eB7DEsNBW8
Source: global traffic	HTTP traffic detected: GET /counter.cgi?i=127.0.0.1&p=f90ace7de996d798d0419f2ab4a0d6dd&t=1736456181.951&a=14 HTTP/1.1Host: b.stats.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/js?components=buttons&currency=USD&intent=authorize&client-id=AWSfZDWVfeaW_xPHzvcISR7UNHryoYSdRwwe1q8K4V4L_qjHgTV_BTD_Vswt1Iz_5hHpy13c5DpEw9tq HTTP/1.1Host: www.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js? HTTP/1.1Host: pay.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; cf_clearance=4xdrG6Mcn4532JavguZPhRDadlux5aKeJsUIKChu00w-1736456183-1.2.1.1-VVD4n5k4xK7BPCYSL1aKRL8mZ.euy_ZSzviwZDtJoRXbFP1W_PBi3Emmy.yRc_BxLWSRWmL7gjhC9aCNyXvrlo7ShYIgE8KEqG82bue_4xUow23NJgmt3rJY1rhxA.1t_faDopiDYbUt1JeWbHagRvco6MipYLru6dGmkBTQ8IdUaLJ7OhSCVyyOR2kJkheQltIhJVFKR8QE0vYFqni3rOnkKILlTR5PtGydD_62JEu3M9l1RXIYRtBYSEoyM94_uKVrtiYrOCGhxtr9vcCf.YHb3QFaJRe2q1mhYxbYf9JbC7FimVm0PKHEGuKjLpWzZIjuSe9HWsSPBcgJKoenLM7ez.fqpMF.57akL0551bNs8WTnj1ImB6eB7DEsNBW8
Source: global traffic	HTTP traffic detected: GET /tagmanager/pptm.js?id=buygoods.com&t=xo&v=5.0.465&source=payments_sdk&client_id=AWSfZDWVfeaW_xPHzvcISR7UNHryoYSdRwwe1q8K4V4L_qjHgTV_BTD_Vswt1Iz_5hHpy13c5DpEw9tq&comp=buttons&disableSetCookie=true&vault=false HTTP/1.1Host: www.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/r/d/b/p3?f=f90ace7de996d798d0419f2ab4a0d6dd&s=BRAINTREE_SIGNIN HTTP/1.1Host: c6.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/transp.gif HTTP/1.1Host: www.softwareprojects.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /da/r/fb.js HTTP/1.1Host: c.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/11101953222/?random=1736456183528&cv=11&fst=1736456183528&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/11101953222?random=1736456183528&cv=11&fst=1736456183528&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/11101953222?random=1736456183580&cv=11&fst=1736456183580&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=ZtTmCKbbnI4YEMa56a0p&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/601533754?random=1736456183664&cv=11&fst=1736456183664&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/601533754?random=1736456183706&cv=11&fst=1736456183706&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=BLRdCKaU-YsCELra6p4C&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js? HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /td/rul/388275037?random=1736456183756&cv=11&fst=1736456183756&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /md HTTP/1.1Host: ssl.kaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: k=5a5777f320d8433faaa2e91bb331e368
Source: global traffic	HTTP traffic detected: GET /counter2.cgi?i=127.0.0.1&p=f90ace7de996d798d0419f2ab4a0d6dd&t=1736456181.951&a=14 HTTP/1.1Host: lhr.stats.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/388275037?random=1736456183859&cv=11&fst=1736456183859&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=FCqNCNvFgJMCEN22krkB&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A8T2VCMX6GD4SG-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A8T2VCMX6GD4SG-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=a76c98f4-6469-4316-9f25-c961ba7f91b9&fltp=analytics&mrid=8T2VCMX6GD4SG&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=BuyGoods%20-%20Secure%20Checkout&dh=1024&dw=1280&bh=907&bw=1280&cd=24&sh=1024&sw=1280&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1736456184265&g=300&completeurl=https%3A%2F%2Fbuygoods.com%2Fsecure%2Fcheckout.html%3Fsessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ru=https%3A%2F%2Fvisi-sharp.net%2F&disableSetCookie=true HTTP/1.1Host: t.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /muse/muse.js HTTP/1.1Host: www.paypalobjects.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js-sdk-logos/2.2.7/paypal-white.svg HTTP/1.1Host: www.paypalobjects.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tagmanager/pptm.js?id=buygoods.com&t=xo&v=5.0.465&source=payments_sdk&client_id=AWSfZDWVfeaW_xPHzvcISR7UNHryoYSdRwwe1q8K4V4L_qjHgTV_BTD_Vswt1Iz_5hHpy13c5DpEw9tq&comp=buttons&disableSetCookie=true&vault=false HTTP/1.1Host: www.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&mime=video%2Fmp4&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=30618074&dur=3162.080&lmt=1736215533919687&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIhAI_rwFllGszfC6Kw1hjuFkUNp8WXhyBqQQKnD-9PSY0hAiApeosoQv0Ed0T0YWUxzjvfzAH3RGr1AN1KY05xWXbW5A%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=4534710-6616791&rn=16&rbuf=101845&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /smart/buttons?fundingSource=paypal&style.label=pay&style.layout=horizontal&style.color=blue&style.shape=rect&style.tagline=false&style.menuPlacement=below&onShippingChange=true&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_418f4016f2_mja6nty6mjq&customerId=&clientID=AWSfZDWVfeaW_xPHzvcISR7UNHryoYSdRwwe1q8K4V4L_qjHgTV_BTD_Vswt1Iz_5hHpy13c5DpEw9tq&clientMetadataID=uid_7087b81da0_mja6nty6mjq&commit=true&components.0=buttons&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOmZhbHNlLCJwcm9kdWN0cyI6eyJwYXlJbjMiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=authorize&locale.country=US&locale.lang=en&hasShippingCallback=true&platform=desktop&renderedButtons.0=paypal&sessionID=uid_7087b81da0_mja6nty6mjq&sdkCorrelationID=prebuild&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJmludGVudD1hdXRob3JpemUmY2xpZW50LWlkPUFXU2ZaRFdWZmVhV194UEh6dmNJU1I3VU5IcnlvWVNkUnd3ZTFxOEs0VjRMX3FqSGdUVl9CVERfVnN3dDFJel81aEhweTEzYzVEcEV3OXRxIiwi
Source: global traffic	HTTP traffic detected: GET /8xnhgfcmq7d3k99b HTTP/1.1Host: client-analytics.braintreegateway.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/601533754/?random=1736456183664&cv=11&fst=1736456183664&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/388275037/?random=1736456183756&cv=11&fst=1736456183756&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /da/r/fb.js HTTP/1.1Host: c.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/10780050324?random=1736456184032&cv=11&fst=1736456184032&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/388644778?random=1736456184074&cv=11&fst=1736456184074&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/10780050324/?random=1736456184032&cv=11&fst=1736456184032&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /td/rul/388644778?random=1736456184093&cv=11&fst=1736456184093&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=4N6-CLaYgZMCEKr_qLkB&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fin HTTP/1.1Host: ssl.kaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: k=5a5777f320d8433faaa2e91bb331e368
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/11101953222/?random=1736456183528&cv=11&fst=1736456183528&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /md HTTP/1.1Host: ssl.kaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: k=5a5777f320d8433faaa2e91bb331e368
Source: global traffic	HTTP traffic detected: GET /js-sdk-logos/2.2.7/paypal-white.svg HTTP/1.1Host: www.paypalobjects.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/jsd/r/8ff755600b5243c9 HTTP/1.1Host: pay.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; __cflb=02DiuDqeA12C7yZiXvHMtnAKZaxhG15oex7CK4kFmZ4yi; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A8T2VCMX6GD4SG-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A8T2VCMX6GD4SG-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=a76c98f4-6469-4316-9f25-c961ba7f91b9&fltp=analytics&mrid=8T2VCMX6GD4SG&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=BuyGoods%20-%20Secure%20Checkout&dh=1024&dw=1280&bh=907&bw=1280&cd=24&sh=1024&sw=1280&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1736456184265&g=300&completeurl=https%3A%2F%2Fbuygoods.com%2Fsecure%2Fcheckout.html%3Fsessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ru=https%3A%2F%2Fvisi-sharp.net%2F&disableSetCookie=true HTTP/1.1Host: t.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ&ip=8.46.123.189&id=o-AFNUZ2D2_Dd_aic2yntfv7c15wny2z3sWT93BgYqBaOw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1736456096%2C&mh=Zv&mm=31%2C26&mn=sn-t0aedn7l%2Csn-5uaeznsl&ms=au%2Conr&mv=m&mvi=3&pl=23&rms=au%2Cau&initcwndbps=5993750&bui=AfMhrI_v1nI-oQK3g-PuPjzASs-2436ao-H8NaxGpHcpJL3u0kJOy4wnfenkEkNpKUJe8MWKfUyv1X_U&spc=x-caUO_ZvH2nKgc11lFsonvpfIbWW35N7uSENW84_44Wpmic6daKejAei2CW&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=SHRIcJg-iUfzqflgmOmkUd0Q&rqh=1&gir=yes&clen=53761950&dur=3162.121&lmt=1736210078379414&mt=1736455748&fvip=5&keepalive=yes&fexp=51326932%2C51335594%2C51353497%2C51371294&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=0zUwPYFa0-F9Ww&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=AGluJ3MwRAIgd6E0Yp0En6DgIrRYNed7XLkmQUXtz7JNPI8g7GpSkUcCIDQYCwRMjs3SpmghCvcjjoGUD2dtN_9W-pVz4m6ztJDe&alr=yes&sig=AJfQdSswRQIga6oJUHFntcixSjzFhaGFhzelwZPA2umB8Vss3GLjf3ACIQCLvrER5hnqt9prZMjWn4QhPR8Pza3Oj3mHWeIWAJHCWw%3D%3D&cpn=KBmVCHNtDNYL6zM0&cver=1.20250107.01.00-canary_control_1.20250108.01.00&range=2758557-3367501&rn=17&rbuf=103606&pot=MnRVUFcU02mb1lVo7Z7SSGuhIjkijW2NOXIe1qTwwvI-sjBmeM01ox1Lem1cDkd2xg24MILS1YW3tBTPGSB5dKyHzO_Hiec1qSLqNcg8h7RoghHABUUy000X84tZrvpFRJLeEVZL1llS3aRL-wnc2WHE9bh6Ag==&ump=1&srfvp=1 HTTP/1.1Host: rr3---sn-t0aedn7l.googlevideo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /muse/analytics/index.html HTTP/1.1Host: www.paypalobjects.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /muse/muse.js HTTP/1.1Host: www.paypalobjects.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/r/d/b/p1 HTTP/1.1Host: c.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: l7_az=dcg01.phx
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/388644778/?random=1736456184074&cv=11&fst=1736456184074&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /counter2.cgi?i=127.0.0.1&p=f90ace7de996d798d0419f2ab4a0d6dd&t=1736456181.951&a=14 HTTP/1.1Host: lhr.stats.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8xnhgfcmq7d3k99b HTTP/1.1Host: client-analytics.braintreegateway.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/r/d/b/p2 HTTP/1.1Host: c.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: l7_az=dcg01.phx
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/11101953222/?random=1736456183528&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dqxg-TTBVkaGn1FQ3vyqd9ODmmtYKrg&random=2140124334&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/11101953222/?random=2125437952&cv=11&fst=1736456183580&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=ZtTmCKbbnI4YEMa56a0p&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECIgEBQAFKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CKih-7Gi1PGryQEiEwimrouxw-mKAxWAnYMHHZ5aPTUyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzICCBUyAggfMgIIEzICCBI6Fmh0dHBzOi8vZ28ubWF4d2ViLmNvbS8 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /sdk/js?components=buttons&currency=USD&intent=authorize&client-id=AWSfZDWVfeaW_xPHzvcISR7UNHryoYSdRwwe1q8K4V4L_qjHgTV_BTD_Vswt1Iz_5hHpy13c5DpEw9tq HTTP/1.1Host: www.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=pay&style.layout=horizontal&style.color=blue&style.shape=rect&style.tagline=false&style.menuPlacement=below&onShippingChange=true&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_418f4016f2_mja6nty6mjq&customerId=&clientID=AWSfZDWVfeaW_xPHzvcISR7UNHryoYSdRwwe1q8K4V4L_qjHgTV_BTD_Vswt1Iz_5hHpy13c5DpEw9tq&clientMetadataID=uid_7087b81da0_mja6nty6mjq&commit=true&components.0=buttons&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOmZhbHNlLCJwcm9kdWN0cyI6eyJwYXlJbjMiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/601533754/?random=1736456183664&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dPiuw8mUmfh6zNzWrKyRp9xYjJQLN3Q&random=1512842882&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/601533754/?random=1736456183664&cv=11&fst=1736456183664&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlwASRMwIlFtDI15v9S7FZPBOM1E56oW4z1NUizoQAIpjtKBziyHsgHg3nz
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/388275037/?random=1736456183756&cv=11&fst=1736456183756&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlwASRMwIlFtDI15v9S7FZPBOM1E56oW4z1NUizoQAIpjtKBziyHsgHg3nz
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/10780050324/?random=1736456184032&cv=11&fst=1736456184032&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkVe6uxQ3ZbU_YbCA6bB5Lo01CEY9XpbyKHyqxOacHx07tAT1vqDO7fPABi
Source: global traffic	HTTP traffic detected: GET /ts?pgrp=muse%3Aoffer%3A%3A%3A8T2VCMX6GD4SG-1&page=muse%3Aoffer%3A%3A%3A8T2VCMX6GD4SG-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=a76c98f4-6469-4316-9f25-c961ba7f91b9&es=visitorInfoFlowStarted&mrid=8T2VCMX6GD4SG&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=BuyGoods%20-%20Secure%20Checkout&dh=1024&dw=1280&bh=907&bw=1280&cd=24&sh=1024&sw=1280&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1736456185794&g=300&completeurl=https%3A%2F%2Fbuygoods.com%2Fsecure%2Fcheckout.html%3Fsessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&disableSetCookie=true HTTP/1.1Host: t.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KHcl0EuY7AKSMgfvHl7J5E7hPtK=5yb3e7kLMljlp__GfoHY0QUWSqKtasQgBbjSlTaiKK38vQpZgCjVpEqkEvtZnzZ7YLoi-6aCZ5s4u9qh; l7_az=dcg01.phx; sc_f=R9c23A35etfgK6ZUlPyk-MzS1SVEIW1zOS1qXIkm9wJ2eneD7XPrzei51K_GbEt4Q-bHX5Mzn7elZ604joCIHxqm5j7jgu_SE8JSQm
Source: global traffic	HTTP traffic detected: GET /muse/noop.js HTTP/1.1Host: www.paypalobjects.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.paypalobjects.com/muse/analytics/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /md HTTP/1.1Host: ssl.kaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: k=5a5777f320d8433faaa2e91bb331e368
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/601533754/?random=1613111877&cv=11&fst=1736456183706&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=BLRdCKaU-YsCELra6p4C&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CKK4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIIo8WxAgiQybECCNPFsQIiAQFAAUonZXZlbnQtc291cmNlLCB0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlYgQKAgID&pscrd=CMCQ6sTH-vymOSITCLHXm7HD6YoDFeOpgwcdBEQjWjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjoWaHR0cHM6Ly9nby5tYXh3ZWIuY29tLw HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkVe6uxQ3ZbU_YbCA6bB5Lo01CEY9XpbyKHyqxOacHx07tAT1vqDO7fPABi
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/388275037/?random=1736456183756&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dvlFcmYATCJvj7FRQHJlqt9sG-MMYdg&random=4189524081&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/388275037/?random=1843449611&cv=11&fst=1736456183859&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=FCqNCNvFgJMCEN22krkB&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECIgEBQAFKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZWIECgICAw&pscrd=CIajl53k-vHlbyITCNDlm7HD6YoDFcmNgwcdHysHDzICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjoWaHR0cHM6Ly9nby5tYXh3ZWIuY29tLw HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkVe6uxQ3ZbU_YbCA6bB5Lo01CEY9XpbyKHyqxOacHx07tAT1vqDO7fPABi
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/388644778/?random=1736456184074&cv=11&fst=1736456184074&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUktSJDZrrRfyRx_n0KbopMLRz3STZ-pe43OIvy5OQl7dyCDF3IaYraKAPdq
Source: global traffic	HTTP traffic detected: GET /8xnhgfcmq7d3k99b HTTP/1.1Host: client-analytics.braintreegateway.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/11101953222/?random=2125437952&cv=11&fst=1736456183580&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=ZtTmCKbbnI4YEMa56a0p&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECIgEBQAFKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CKih-7Gi1PGryQEiEwimrouxw-mKAxWAnYMHHZ5aPTUyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzICCBUyAggfMgIIEzICCBI6Fmh0dHBzOi8vZ28ubWF4d2ViLmNvbS8&is_vtc=1&cid=CAQSKQCa7L7dhAPjry3P8DCk9xjJTYGXw-KXVwRDVe1usltVmmfIUPxmWlhl&random=120483673 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/11101953222/?random=1736456183528&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dqxg-TTBVkaGn1FQ3vyqd9ODmmtYKrg&random=2140124334&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/10780050324/?random=1736456184032&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dxllOxqtTJEmskZsGUf_ARa2IBkrjn5f_CzM2fai4gMh2U-sD&random=3800009752&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/388644778/?random=1597635802&cv=11&fst=1736456184093&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=4N6-CLaYgZMCEKr_qLkB&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECIgEBOAFAAUoVZXZlbnQtc291cmNlLCB0cmlnZ2VyYgQKAgID&pscrd=CJfl2ZuIoLffyQEiEwiz8c2xw-mKAxU8i4MHHX7hKfwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzICCBUyAggfMgIIEzICCBI6Fmh0dHBzOi8vZ28ubWF4d2ViLmNvbS8 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUnHZ9y62HJTed9ucHmsOHChF7s_rJJbm1Ip5wiMR83bH6qWT7PxRbdIXNml
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/388644778/?random=1736456184074&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d4HZw8yhkAoDn1jHRm_d7DrQP611z8sdeHOuyKih4afklLB2J&random=4231047368&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /muse/noop.js HTTP/1.1Host: www.paypalobjects.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ts?pgrp=muse%3Aoffer%3A%3A%3A8T2VCMX6GD4SG-1&page=muse%3Aoffer%3A%3A%3A8T2VCMX6GD4SG-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=a76c98f4-6469-4316-9f25-c961ba7f91b9&es=visitorInfoFlowStarted&mrid=8T2VCMX6GD4SG&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=BuyGoods%20-%20Secure%20Checkout&dh=1024&dw=1280&bh=907&bw=1280&cd=24&sh=1024&sw=1280&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1736456185794&g=300&completeurl=https%3A%2F%2Fbuygoods.com%2Fsecure%2Fcheckout.html%3Fsessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&disableSetCookie=true HTTP/1.1Host: t.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: l7_az=dcg01.phx
Source: global traffic	HTTP traffic detected: GET /md HTTP/1.1Host: ssl.kaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: k=5a5777f320d8433faaa2e91bb331e368
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/601533754/?random=1736456183664&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dPiuw8mUmfh6zNzWrKyRp9xYjJQLN3Q&random=1512842882&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/601533754/?random=1613111877&cv=11&fst=1736456183706&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=BLRdCKaU-YsCELra6p4C&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CKK4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIIo8WxAgiQybECCNPFsQIiAQFAAUonZXZlbnQtc291cmNlLCB0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlYgQKAgID&pscrd=CMCQ6sTH-vymOSITCLHXm7HD6YoDFeOpgwcdBEQjWjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjoWaHR0cHM6Ly9nby5tYXh3ZWIuY29tLw&is_vtc=1&cid=CAQSKQCa7L7d5JD94r-2AAWPd62avDul84N9BhhfYgwQLOrJ4c4sR3gzTPMP&random=1733251338 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/388275037/?random=1736456183756&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dvlFcmYATCJvj7FRQHJlqt9sG-MMYdg&random=4189524081&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/388275037/?random=1843449611&cv=11&fst=1736456183859&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=FCqNCNvFgJMCEN22krkB&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECIgEBQAFKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZWIECgICAw&pscrd=CIajl53k-vHlbyITCNDlm7HD6YoDFcmNgwcdHysHDzICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjoWaHR0cHM6Ly9nby5tYXh3ZWIuY29tLw&is_vtc=1&cid=CAQSKQCa7L7dhuW-RVJAv-tQLFDYii4VrqMIHwRTEWsgtkp7B-86lA6rSJ0V&random=3115250042 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /8xnhgfcmq7d3k99b HTTP/1.1Host: client-analytics.braintreegateway.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/11101953222/?random=2125437952&cv=11&fst=1736456183580&bg=ffffff&guid=ON&async=1&gtm=45be5170v9103334271za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=ZtTmCKbbnI4YEMa56a0p&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECIgEBQAFKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZWIECgICAw&pscrd=CKih-7Gi1PGryQEiEwimrouxw-mKAxWAnYMHHZ5aPTUyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzICCBUyAggfMgIIEzICCBI6Fmh0dHBzOi8vZ28ubWF4d2ViLmNvbS8&is_vtc=1&cid=CAQSKQCa7L7dhAPjry3P8DCk9xjJTYGXw-KXVwRDVe1usltVmmfIUPxmWlhl&random=120483673 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/388644778/?random=1597635802&cv=11&fst=1736456184093&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=4N6-CLaYgZMCEKr_qLkB&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECIgEBOAFAAUoVZXZlbnQtc291cmNlLCB0cmlnZ2VyYgQKAgID&pscrd=CJfl2ZuIoLffyQEiEwiz8c2xw-mKAxU8i4MHHX7hKfwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzICCBUyAggfMgIIEzICCBI6Fmh0dHBzOi8vZ28ubWF4d2ViLmNvbS8&is_vtc=1&cid=CAQSKQCa7L7dlg1z8sTVNQUYK5wt-v_0w2RHrwPXEVY8rWgEn0_IHo3SSbO4&random=951731852 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://go.maxweb.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/10780050324/?random=1736456184032&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dxllOxqtTJEmskZsGUf_ARa2IBkrjn5f_CzM2fai4gMh2U-sD&random=3800009752&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/388644778/?random=1736456184074&cv=11&fst=1736452800000&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&hn=www.googleadservices.com&frm=2&tiba=Pixels&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d4HZw8yhkAoDn1jHRm_d7DrQP611z8sdeHOuyKih4afklLB2J&random=4231047368&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/601533754/?random=1613111877&cv=11&fst=1736456183706&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=BLRdCKaU-YsCELra6p4C&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CKK4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIIo8WxAgiQybECCNPFsQIiAQFAAUonZXZlbnQtc291cmNlLCB0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlYgQKAgID&pscrd=CMCQ6sTH-vymOSITCLHXm7HD6YoDFeOpgwcdBEQjWjICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjoWaHR0cHM6Ly9nby5tYXh3ZWIuY29tLw&is_vtc=1&cid=CAQSKQCa7L7d5JD94r-2AAWPd62avDul84N9BhhfYgwQLOrJ4c4sR3gzTPMP&random=1733251338 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/388275037/?random=1843449611&cv=11&fst=1736456183859&bg=ffffff&guid=ON&async=1&gtm=45be5170za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=FCqNCNvFgJMCEN22krkB&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECIgEBQAFKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZWIECgICAw&pscrd=CIajl53k-vHlbyITCNDlm7HD6YoDFcmNgwcdHysHDzICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjoWaHR0cHM6Ly9nby5tYXh3ZWIuY29tLw&is_vtc=1&cid=CAQSKQCa7L7dhuW-RVJAv-tQLFDYii4VrqMIHwRTEWsgtkp7B-86lA6rSJ0V&random=3115250042 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /xoplatform/logger/api/logger?disableSetCookie=true HTTP/1.1Host: www.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: l7_az=dcg01.phx
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/favicon.ico HTTP/1.1Host: cdn.buygoods.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; cf_clearance=gSz48_oIDtFsEiO7npQnPYsU2clvq4qgypXFbjTTe5U-1736456185-1.2.1.1-6fBqpjq6zT1Y753JKIliEiVpqgyzqwnHDmbtD.cEo7dEYNSEtXCjaNa4D4iKT.X7NuXO6618_DUJeOlhSSxeo3m0mwZlywCPYP4LQgbvll1RSSbbkOewCjJ_B_lDBGX5.4ZKVxxIKdzbNnIixq3TKnlru2F14XbWN2luonCKtScITQzPJWCn4W2U6cHwKV_vXAlHTzShA1jdpe0AsLkfiEz5.ayrRsUr8RqQbFEJhGBjaB6G9B_RDaFjv0RpOox3FozAWlnG09m2GhpkCydR.qio_Ikb4YV_OfistORTwxolFQ7_3n9tGDSZ8e96S523PwKe2bY4T_.7gBqhsRjlBI4B3XpuduqU0wcpT7UK9AAda9Ez_R3VrXve7WdXuyvv
Source: global traffic	HTTP traffic detected: GET /targeting/graphql?disableSetCookie=true HTTP/1.1Host: www.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: l7_az=dcg01.phx
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/388644778/?random=1597635802&cv=11&fst=1736456184093&bg=ffffff&guid=ON&async=1&gtm=45be5190h2za200zb9103334271&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%3Fa%3D6812%26token%3D4df97f99b03e60bc03420f175bd3f509%26checkout%3D1%26sessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5&ref=https%3A%2F%2Fbuygoods.com%2F&top=https%3A%2F%2Fbuygoods.com%2F&label=4N6-CLaYgZMCEKr_qLkB&hn=www.googleadservices.com&frm=2&tiba=Pixels&gtm_ee=1&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECIgEBOAFAAUoVZXZlbnQtc291cmNlLCB0cmlnZ2VyYgQKAgID&pscrd=CJfl2ZuIoLffyQEiEwiz8c2xw-mKAxU8i4MHHX7hKfwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICzICCBUyAggfMgIIEzICCBI6Fmh0dHBzOi8vZ28ubWF4d2ViLmNvbS8&is_vtc=1&cid=CAQSKQCa7L7dlg1z8sTVNQUYK5wt-v_0w2RHrwPXEVY8rWgEn0_IHo3SSbO4&random=951731852 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=PG722sbfvqV6KlnsNvt4kckHWxljIqmQAhvMZlsAlgxqeh-8Wm13XoliLu3G25e9Wz86t1KY5j3-ZGu9u9BPyCVOa82KW9U9aPxZ6SbGW9CqF64MPmvWQ36GmWGXeuG072J1Ie6_25YbYOzx7OlQSDm1qXiAZjeV9WfuHuh_fzRMniyrCGN0GHbolFbMZw8
Source: global traffic	HTTP traffic detected: GET /assets/checkout/img/favicon.ico HTTP/1.1Host: cdn.buygoods.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: spiaffid_6797=326; spisubid_6797=8802%7C6812_sessid20250109205426977; spireferrer_6797=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout; spisessid2_6797=sessid2025010920547110; sessid2=sessid2025010920547110; spi_funnel_codename=; aff_id=326; sid=8802%7C6812_sessid20250109205426977; referrer=8.46.123.189:visi-sharp.net:buygoods.com%2Fsecure%2Fcheckout
Source: global traffic	HTTP traffic detected: GET /xoplatform/logger/api/logger?disableSetCookie=true HTTP/1.1Host: www.paypal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: l7_az=dcg01.phx
Source: global traffic	HTTP traffic detected: GET /v1/r/d/b/w?f=f90ace7de996d798d0419f2ab4a0d6dd&s=BRAINTREE_SIGNIN&d=%7B%22rDT%22%3A%2242033%2C41621%2C41832%3A21052%2C20493%2C24630%3A41523%2C41019%2C41006%3A41501%2C41045%2C41002%3A5619%2C5205%2C5142%3A41463%2C41083%2C41003%3A41444%2C41094%2C40999%3A10693%2C10365%2C10285%3A20936%2C20613%2C20508%3A15811%2C15490%2C15501%3A36290%2C35982%2C35882%3A10648%2C10365%2C10280%3A31108%2C30856%2C30754%3A51567%2C51348%2C51246%3A31022%2C30857%2C30757%3A36130%2C35986%2C35875%3A10509%2C10373%2C10262%3A20737%2C20625%2C20518%3A15602%2C15505%2C15377%3A41208%2C41122%2C41002%3A18168%2C21%22%7D HTTP/1.1Host: c.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://buygoods.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KHcl0EuY7AKSMgfvHl7J5E7hPtK=5yb3e7kLMljlp__GfoHY0QUWSqKtasQgBbjSlTaiKK38vQpZgCjVpEqkEvtZnzZ7YLoi-6aCZ5s4u9qh; l7_az=dcg01.phx; sc_f=R9c23A35etfgK6ZUlPyk-MzS1SVEIW1zOS1qXIkm9wJ2eneD7XPrzei51K_GbEt4Q-bHX5Mzn7elZ604joCIHxqm5j7jgu_SE8JSQm
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=ai9MQ_IsTqk; VISITOR_INFO1_LIVE=rtLrPOSmvLs; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgbg%3D%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: yomali.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_514.1.dr	String found in binary or memory: <a class="u-icon-v3 u-icon-size--xs g-bg-white-opacity-0_1 g-bg-white-opacity-0_2--hover g-color-white-opacity-0_6 rounded" href="https://www.facebook.com/YomaliCo/"> equals www.facebook.com (Facebook)
Source: chromecache_481.1.dr	String found in binary or memory: src="https://www.facebook.com/tr?id=789222289013177&ev=PageView&noscript=1" equals www.facebook.com (Facebook)
Source: chromecache_481.1.dr	String found in binary or memory: <p>(i) How do we use General Information?  General Information gives us insights on how people use the Service, and helps us to maintain, modify, and enhance it. We use cookies to help us customize your experience when using the Service. We also use services provided by <a href="https://www.google.com/url?q=https://www.hotjar.com/&sa=D&ust=1585933040236000" target="_blank">Hotjar</a>, <a href="https://www.google.com/url?q=https://developers.google.com/analytics/devguides/collection/analyticsjs/cookies-user-id&sa=D&ust=1585933040237000" target="_blank">Google Analytics</a>, <a href="https://www.google.com/url?q=http://www.facebook.com/&sa=D&ust=1585933040237000" target=")blank">Facebook</a>, and <a href="https://www.google.com/url?q=https://www.zendesk.com/company/policies-procedures/&sa=D&ust=1585933040237000" target="_blank">ZenDesk</a>, which set cookies for each User when they visit our site or use our Service.  </p> equals www.facebook.com (Facebook)
Source: chromecache_329.1.dr	String found in binary or memory: (g.JE(V,"redirector.googlevideo.com"),N=V.toString()):V.T.match("rr?[1-9].*\\.c\\.youtube\\.com$")?(g.JE(V,"www.youtube.com"),N=V.toString()):(V=pQL(N),BU(V)&&(N=V));V=new g.l5(N);V.set("cmo=pf","1");H&&V.set("cmo=td","a1.googlevideo.com");return V}; equals www.youtube.com (Youtube)
Source: chromecache_329.1.dr	String found in binary or memory: 0?"http":"https";this.Vn=rt((C?C.customBaseYoutubeUrl:p.BASE_YT_URL)\|\|"")\|\|rt(this.iW)\|\|this.protocol+"://www.youtube.com/";d=C?C.eventLabel:p.el;N="detailpage";d==="adunit"?N=this.S?"embedded":"detailpage":d==="embedded"\|\|this.D?N=N5(N,d,eO1):d&&(N="embedded");this.Wr=N;Odj();d=null;N=C?C.playerStyle:p.ps;X=g.W5(Pnj,N);!N\|\|X&&!this.D\|\|(d=N);this.playerStyle=d;this.Y=g.W5(Pnj,this.playerStyle);this.houseBrandUserStatus=C==null?void 0:C.houseBrandUserStatus;this.b_=this.Y&&this.playerStyle!=="play"&& equals www.youtube.com (Youtube)
Source: chromecache_406.1.dr, chromecache_538.1.dr	String found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=u;return t},Mk:function(){e=nb()},Kd:function(){d()}}};var Vb=wa(["data-gtm-yt-inspected-"]),LE=["www.youtube.com","www.youtube-nocookie.com"],ME,NE=!1; equals www.youtube.com (Youtube)
Source: chromecache_329.1.dr	String found in binary or memory: bu.prototype.If=function(){return this.w7.l()};var rxH=(new Date).getTime();var CZe="://secure-...imrworldwide.com/ ://cdn.imrworldwide.com/ ://aksecure.imrworldwide.com/ ://[^.]*.moatads.com ://youtube[0-9]+.moatpixel.com ://pm.adsafeprotected.com/youtube ://pm.test-adsafeprotected.com/youtube ://e[0-9]+.yt.srs.doubleverify.com www.google.com/pagead/xsul www.youtube.com/pagead/slav".split(" "),joQ=/\bocr\b/;var NTY=/(?:\[\|%5B)([a-zA-Z0-9_]+)(?:\]\|%5D)/g;var vcy=0,mke=0,FgV=0;var xI=null,YI=!1,t1a=1,nX=Symbol("SIGNAL"),e0={version:0,Qn$:0,mL:!1,TU:void 0,W9:void 0,Y$:void 0,G5:0,GS:void 0,vn:void 0,Qq:!1,Oa:!1,kind:"unknown",i9_:function(){return!1}, equals www.youtube.com (Youtube)
Source: chromecache_406.1.dr, chromecache_538.1.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=qC(a,c,e);T(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return T(122),!0;if(d&&f){for(var m=yb(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},tC=function(){var a=[],b=function(c){return bb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_575.1.dr	String found in binary or memory: function X(a,b){this.v={};this.playerInfo={};this.videoTitle="";this.j=this.g=null;this.h=0;this.m=!1;this.l=[];this.i=null;this.A={};this.options=null;if(!a)throw Error("YouTube player element ID required.");this.id=qa(this);b=Object.assign({title:"video player",videoId:"",width:640,height:360},b\|\|{});var c=document;if(a=typeof a==="string"?c.getElementById(a):a){W.yt_embedsEnableRsaforFromIframeApi&&tb();c=a.tagName.toLowerCase()==="iframe";b.host\|\|(b.host=c?mb(a.src):"https://www.youtube.com");this.options= equals www.youtube.com (Youtube)
Source: chromecache_575.1.dr	String found in binary or memory: function tb(){var a=new rb,b=["https://www.youtube.com"];b=b===void 0?qb:b;oa(function(c){switch(c.g){case 1:return C(c,sb(),2);case 2:if(!c.m){c.g=3;break}return C(c,Promise.all(b.map(function(d){var g;return oa(function(k){if(k.g==1)return k.l=2,C(k,navigator.permissions.query({name:"top-level-storage-access",requestedOrigin:d}),4);k.g!=2?(g=k.m,g.state==="prompt"&&a.g.push(d),k.g=0,k.l=0):(k.l=0,k.i=null,k.g=0)})})),4); equals www.youtube.com (Youtube)
Source: chromecache_329.1.dr	String found in binary or memory: g.LI=function(p){var C=g.bL(p);p0V.includes(C)&&(C="www.youtube.com");return p.protocol+"://"+C}; equals www.youtube.com (Youtube)
Source: chromecache_329.1.dr	String found in binary or memory: g.bL=function(p){p=fI(p.Vn);return p==="www.youtube-nocookie.com"?"www.youtube.com":p}; equals www.youtube.com (Youtube)
Source: chromecache_329.1.dr	String found in binary or memory: g.h.getVideoUrl=function(p,C,V,N,H,X,d){C={list:C};V&&(H?C.time_continue=V:C.t=V);V=d?"music.youtube.com":g.bL(this);H=V==="www.youtube.com";!X&&N&&H?X="https://youtu.be/"+p:g.DW(this)?(X="https://"+V+"/fire",C.v=p):(X&&H?(X=this.protocol+"://"+V+"/shorts/"+p,N&&(C.feature="share")):(X=this.protocol+"://"+V+"/watch",C.v=p),L3&&(p=RUQ())&&(C.ebc=p));return g.LJ(X,C)}; equals www.youtube.com (Youtube)
Source: chromecache_329.1.dr	String found in binary or memory: gP9=function(p,C){if(!p.T["0"]){var V=new Rr("0","fakesb",{video:new kZ(0,0,0,void 0,void 0,"auto")});p.T["0"]=C?new bw(new g.l5("http://www.youtube.com/videoplayback"),V,"fake"):new rz(new g.l5("http://www.youtube.com/videoplayback"),V,new JW(0,0),new JW(0,0))}}; equals www.youtube.com (Youtube)
Source: chromecache_406.1.dr, chromecache_538.1.dr	String found in binary or memory: if(!(e\|\|f\|\|g\|\|k.length\|\|m.length))return;var p={Lh:e,Jh:f,Kh:g,si:k,ui:m,af:n,Kb:b},q=A.YT;if(q)return q.ready&&q.ready(d),b;var r=A.onYouTubeIframeAPIReady;A.onYouTubeIframeAPIReady=function(){r&&r();d()};H(function(){for(var u=E.getElementsByTagName("script"),v=u.length,t=0;t<v;t++){var w=u[t].getAttribute("src");if(WE(w,"iframe_api")\|\|WE(w,"player_api"))return b}for(var x=E.getElementsByTagName("iframe"),y=x.length,B=0;B<y;B++)if(!NE&&UE(x[B],p.af))return lc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_329.1.dr	String found in binary or memory: new Set;this.deviceIsAudioOnly=!(C==null\|\|!C.deviceIsAudioOnly);this.xt=Hw(this.xt,p.ismb);this.uL?(M=p.vss_host\|\|"s.youtube.com",M==="s.youtube.com"&&(M=fI(this.Vn)\|\|"www.youtube.com")):M="video.google.com";this.kz=M;Oe(this,p,!0);this.vr=new Wb;g.R(this,this.vr);T=C?C.innertubeApiKey:XW("",p.innertube_api_key);c=C?C.innertubeApiVersion:XW("",p.innertube_api_version);M=C?C.innertubeContextClientVersion:XW("",p.innertube_context_client_version);T=g.W6("INNERTUBE_API_KEY")\|\|T;c=g.W6("INNERTUBE_API_VERSION")\|\| equals www.youtube.com (Youtube)
Source: chromecache_408.1.dr, chromecache_328.1.dr, chromecache_411.1.dr, chromecache_550.1.dr, chromecache_412.1.dr, chromecache_288.1.dr, chromecache_587.1.dr, chromecache_416.1.dr, chromecache_302.1.dr, chromecache_530.1.dr, chromecache_571.1.dr	String found in binary or memory: return b}JE.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),LE=["www.youtube.com","www.youtube-nocookie.com"],ME,NE=!1; equals www.youtube.com (Youtube)
Source: chromecache_367.1.dr	String found in binary or memory: return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var b=f.getFbeventsModules("signalsFBEventsGetTier"),c=d();function d(){try{if(a.trustedTypes&&a.trustedTypes.createPolicy){var b=a.trustedTypes;return b.createPolicy("facebook.com/signals/iwl",{createScriptURL:function(b){var c=typeof a.URL==="function"?a.URL:a.webkitURL;c=new c(b);c=c.hostname.endsWith(".facebook.com")&&c.pathname=="/signals/iwl.js";if(!c)throw new Error("Disallowed script URL");return b}})}}catch(a){}return null}e.exports=function(a,d){d=b(d);d=d==null?"www.facebook.com":"www."+d+".facebook.com";d="https://"+d+"/signals/iwl.js?pixel_id="+a;if(c!=null)return c.createScriptURL(d);else return d}})();return e.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_367.1.dr	String found in binary or memory: return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_367.1.dr	String found in binary or memory: return function(f,g,h,i){var j={exports:{}};j.exports;(function(){"use strict";var a={ENDPOINT:"https://www.facebook.com/tr/",INSTAGRAM_TRIGGER_ATTRIBUTION:"https://www.instagram.com/tr/",AEM_ENDPOINT:"https://www.facebook.com/.well-known/aggregated-event-measurement/",GPS_ENDPOINT:"https://www.facebook.com/privacy_sandbox/pixel/register/trigger/",TOPICS_API_ENDPOINT:"https://www.facebook.com/privacy_sandbox/topics/registration/"};j.exports=a})();return j.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_329.1.dr	String found in binary or memory: this.yn.sY&&(p.authuser=this.yn.sY);this.yn.pageId&&(p.pageid=this.yn.pageId);isNaN(this.cryptoPeriodIndex)\|\|(p.cpi=this.cryptoPeriodIndex.toString());var H=(H=/_(TV\|STB\|GAME\|OTT\|ATV\|BDP)_/.exec(g.f0()))?H[1]:"";H==="ATV"&&(p.cdt=H);this.W=p;this.W.session_id=N;this.a$=!0;this.C.flavor==="widevine"&&(this.W.hdr="1");this.C.flavor==="playready"&&(C=Number(eO(C.experiments,"playready_first_play_expiration")),!isNaN(C)&&C>=0&&(this.W.mfpe=""+C),this.a$=!1);C="";g.O6(this.C)?fb(this.C)?(N=V.C)&&(C="https://www.youtube.com/api/drm/fps?ek="+ equals www.youtube.com (Youtube)
Source: chromecache_406.1.dr, chromecache_538.1.dr	String found in binary or memory: var YD=function(a,b,c,d,e){var f=OB("fsl",c?"nv.mwt":"mwt",0),g;g=c?OB("fsl","nv.ids",[]):OB("fsl","ids",[]);if(!g.length)return!0;var k=TB(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);T(121);if(m==="https://www.facebook.com/tr/")return T(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!xA(k,zA(b, equals www.facebook.com (Facebook)
Source: chromecache_531.1.dr	String found in binary or memory: var scriptUrl = 'https:\/\/www.youtube.com\/s\/player\/3ede36f2\/www-widgetapi.vflset\/www-widgetapi.js';try{var ttPolicy=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(x){return x}});scriptUrl=ttPolicy.createScriptURL(scriptUrl)}catch(e){}var YT;if(!window["YT"])YT={loading:0,loaded:0};var YTConfig;if(!window["YTConfig"])YTConfig={"host":"https://www.youtube.com"}; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: www.oneroguereporter.com
Source: global traffic	DNS traffic detected: DNS query: mwebexplorerpro.com
Source: global traffic	DNS traffic detected: DNS query: visi-sharp.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: dev.visualwebsiteoptimizer.com
Source: global traffic	DNS traffic detected: DNS query: dashboard.heatmap.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: tracking.buygoods.com
Source: global traffic	DNS traffic detected: DNS query: www.youtube.com
Source: global traffic	DNS traffic detected: DNS query: api-js.mixpanel.com
Source: global traffic	DNS traffic detected: DNS query: i.ytimg.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: static.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: yt3.ggpht.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: rr3---sn-t0aedn7l.googlevideo.com
Source: global traffic	DNS traffic detected: DNS query: www.buygoods.com
Source: global traffic	DNS traffic detected: DNS query: rr3---sn-a5mekn6k.googlevideo.com
Source: global traffic	DNS traffic detected: DNS query: buygoods.com
Source: global traffic	DNS traffic detected: DNS query: cdn.buygoods.com
Source: global traffic	DNS traffic detected: DNS query: js.braintreegateway.com
Source: global traffic	DNS traffic detected: DNS query: display.buygoods.com
Source: global traffic	DNS traffic detected: DNS query: pay.buygoods.com
Source: global traffic	DNS traffic detected: DNS query: songbird.cardinalcommerce.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: ka-f.fontawesome.com
Source: global traffic	DNS traffic detected: DNS query: www.datadoghq-browser-agent.com
Source: global traffic	DNS traffic detected: DNS query: yomali.com
Source: global traffic	DNS traffic detected: DNS query: includes.ccdc02.com
Source: global traffic	DNS traffic detected: DNS query: payments.braintree-api.com
Source: global traffic	DNS traffic detected: DNS query: browser-intake-datadoghq.com
Source: global traffic	DNS traffic detected: DNS query: go.maxweb.com
Source: global traffic	DNS traffic detected: DNS query: ssl.kaptcha.com
Source: global traffic	DNS traffic detected: DNS query: client-analytics.braintreegateway.com
Source: global traffic	DNS traffic detected: DNS query: checkout.paypal.com
Source: global traffic	DNS traffic detected: DNS query: c.paypal.com
Source: global traffic	DNS traffic detected: DNS query: www.paypal.com
Source: global traffic	DNS traffic detected: DNS query: assets.braintreegateway.com
Source: global traffic	DNS traffic detected: DNS query: trends.revcontent.com
Source: global traffic	DNS traffic detected: DNS query: golink.fun
Source: global traffic	DNS traffic detected: DNS query: business.newsbreak.com
Source: global traffic	DNS traffic detected: DNS query: www.softwareprojects.com
Source: global traffic	DNS traffic detected: DNS query: stun.kaptcha.com
Source: global traffic	DNS traffic detected: DNS query: stun1.l.google.com
Source: global traffic	DNS traffic detected: DNS query: c6.paypal.com
Source: global traffic	DNS traffic detected: DNS query: b.stats.paypal.com
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: lhr.stats.paypal.com
Source: global traffic	DNS traffic detected: DNS query: www.paypalobjects.com
Source: global traffic	DNS traffic detected: DNS query: t.paypal.com

Source: unknown

HTTP traffic detected: POST /track/?verbose=1&ip=1&_=1736456090572 HTTP/1.1Host: api-js.mixpanel.comConnection: keep-aliveContent-Length: 1304sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://visi-sharp.netSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://visi-sharp.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: closeContent-Length: 27Accept-Ch: Sec-CH-UA-FullCache-Control: max-age=0, no-cache, no-store, must-revalidateContent-Type: text/html; charset=utf-8Etag: W/"1b-t3Pfl4FRsGq0mO4t1UhagLO9mUw"Origin-Trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==Paypal-Debug-Id: f892426788d42Traceparent: 00-0000000000000000000f892426788d42-040c2acd7f70cdda-01DC: ccg11-origin-www-1.paypal.comAccept-Ranges: bytesVia: 1.1 varnish, 1.1 varnish, 1.1 varnishDate: Thu, 09 Jan 2025 20:56:29 GMTStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Served-By: cache-iad-kcgs7200032-IAD, cache-nyc-kteb1890032-NYC, cache-nyc-kteb1890032-NYCX-Cache: MISS, MISS, MISSX-Cache-Hits: 0, 0, 0X-Timer: S1736456190.721126,VS0,VE113Server-Timing: content-encoding;desc="",x-cdn;desc="fastly"

Source: chromecache_267.1.dr	String found in binary or memory: http://business.newsbreak.com/tracking/attribute?callback=
Source: chromecache_595.1.dr, chromecache_473.1.dr	String found in binary or memory: http://feross.org
Source: chromecache_345.1.dr, chromecache_532.1.dr	String found in binary or memory: http://g.co/dev/maps-no-account
Source: chromecache_514.1.dr	String found in binary or memory: http://instagram.com/yomaliofficial
Source: chromecache_389.1.dr, chromecache_521.1.dr, chromecache_329.1.dr	String found in binary or memory: http://tools.ietf.org/html/rfc1950
Source: chromecache_473.1.dr	String found in binary or memory: http://www-cs-students.stanford.edu/~tjw/jsbn/
Source: chromecache_345.1.dr, chromecache_532.1.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_329.1.dr	String found in binary or memory: http://www.youtube.com/videoplayback
Source: chromecache_329.1.dr	String found in binary or memory: http://youtube.com/drm/2012/10/10
Source: chromecache_329.1.dr	String found in binary or memory: http://youtube.com/streaming/metadata/segment/102015
Source: chromecache_329.1.dr	String found in binary or memory: http://youtube.com/streaming/otf/durations/112015
Source: chromecache_329.1.dr	String found in binary or memory: http://youtube.com/yt/2012/10/10
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://abandonedcart.buygoods.com/t5fmq0vJBdGrmLDP
Source: chromecache_329.1.dr	String found in binary or memory: https://admin.youtube.com
Source: chromecache_571.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_583.1.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_329.1.dr	String found in binary or memory: https://angular.dev/license
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://buygoods.com
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://buygoods.com/abuse
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://buygoods.com/secure/checkout/iframe?a=
Source: chromecache_408.1.dr, chromecache_328.1.dr, chromecache_411.1.dr, chromecache_550.1.dr, chromecache_406.1.dr, chromecache_412.1.dr, chromecache_288.1.dr, chromecache_587.1.dr, chromecache_416.1.dr, chromecache_302.1.dr, chromecache_538.1.dr, chromecache_530.1.dr, chromecache_571.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/badge-14-day.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/badge-180-day-fr.webp
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/badge-180-day.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/badge-30-day.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/badge-365-day.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/badge-60-day-de.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/badge-60-day.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/badge-90-day.png
Source: chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/default-product.webp
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/assets/checkout/img/digitalDownload.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/7533/sc-1-bottle.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/7533/sc-3-bottle.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/7533/sc-6-bottle.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/7533/sc-desktop-header.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/7533/sc-mobile-header.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/FS_header-desktop.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/FS_header-mobile.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/footer-desktop-de.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/footer-desktop-es.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/fs-1-Bottle-With-Guarantee-Recovered.jpg
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/fs-3-Bottle-With-Guarantee-Recovered.jpg
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/fs-6-Bottle-With-Guaranteee-Recovered.jpg
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/header-desktop-de.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8117/header-desktop-es.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8999/seroburn-header-desktop-ar.jpg
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/8999/seroburn-header-mobile-ar.jpg
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/9103/pd-form-banner.jpeg
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/9348/nb-OTP-banner.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/9410/ps-1-Bottle-With-Guarantee.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/9410/ps-3-Bottle-With-Guarantee.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/9410/ps-6-Bottle-With-Guaranteee.png
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/9410/ps-Desktop-Header-2.jpg
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/9410/ps-Mobile-Header-2.jpg
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://cdn.buygoods.com/buygoods/checkout/9915/tc24-OTP-Mobile_desktop.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.buygoods.com/js/cookie-consent/jquery.cookieMessage_dev_0.0.12.min.js
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/1920x1080/img1.jpg);
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img1.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img10.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img11.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img12.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img13.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img14.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img2.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img3.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img4.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img5.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img6.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img7.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img8.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/200x100/img9.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/500x600/partnerlogos.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/assets/img/logo/yomali_logo.png
Source: chromecache_514.1.dr	String found in binary or memory: https://cdn.yomali.com/images/yomali_favicon.ico
Source: chromecache_595.1.dr, chromecache_473.1.dr	String found in binary or memory: https://code.google.com/p/crypto-js/issues/detail?id=84
Source: chromecache_367.1.dr	String found in binary or memory: https://connect.facebook.net/
Source: chromecache_481.1.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_367.1.dr	String found in binary or memory: https://connect.facebook.net/log/fbevents_telemetry/
Source: chromecache_595.1.dr, chromecache_473.1.dr	String found in binary or memory: https://crypto-js.googlecode.com/svn-history/r667/branches/3.x/src/core.js
Source: chromecache_481.1.dr	String found in binary or memory: https://dashboard.heatmap.com/conversions.js?siteId=567
Source: chromecache_481.1.dr	String found in binary or memory: https://dev.visualwebsiteoptimizer.com
Source: chromecache_481.1.dr	String found in binary or memory: https://dev.visualwebsiteoptimizer.com/ee.gif?a=
Source: chromecache_481.1.dr	String found in binary or memory: https://dev.visualwebsiteoptimizer.com/j.php?a=
Source: chromecache_532.1.dr	String found in binary or memory: https://developer.mozilla.org/docs/Web/API/EventTarget/addEventListener
Source: chromecache_345.1.dr, chromecache_532.1.dr	String found in binary or memory: https://developers.google.com/maps/deprecations
Source: chromecache_345.1.dr, chromecache_532.1.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/advanced-markers/migration
Source: chromecache_526.1.dr, chromecache_395.1.dr, chromecache_317.1.dr, chromecache_365.1.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/error-messages#
Source: chromecache_532.1.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers
Source: chromecache_345.1.dr, chromecache_532.1.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/libraries
Source: chromecache_532.1.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling
Source: chromecache_316.1.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/versions#beta-channel
Source: chromecache_575.1.dr	String found in binary or memory: https://developers.google.com/youtube/iframe_api_reference#Events
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://display.buygoods.com/v1/terms?id=terms
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://display.buygoods.com/v1/terms?id=terms&lang=ar
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://display.buygoods.com/v1/terms?id=terms&lang=de
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://display.buygoods.com/v1/terms?id=terms&lang=es
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://display.buygoods.com/v1/terms?id=terms&lang=fr
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://display.buygoods.com/v1/terms?id=terms&lang=pt
Source: chromecache_329.1.dr	String found in binary or memory: https://docs.google.com/get_video_info
Source: chromecache_450.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_450.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_507.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2)
Source: chromecache_507.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WRhyzbi.woff2)
Source: chromecache_507.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2)
Source: chromecache_507.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2)
Source: chromecache_507.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2)
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmQiArmlw.wo
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmXiArmlw.wo
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmYiArmlw.wo
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmZiArmlw.wo
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmaiArmlw.wo
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmbiArmlw.wo
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVn6iArmlw.wo
Source: chromecache_557.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVnoiArmlw.wo
Source: chromecache_390.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sacramento/v15/buEzpo6gcdjy0EiZMBUG4C0f_Q.woff2)
Source: chromecache_390.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sacramento/v15/buEzpo6gcdjy0EiZMBUG4CMf_exL.woff2)
Source: chromecache_320.1.dr, chromecache_455.1.dr, chromecache_494.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_595.1.dr, chromecache_473.1.dr	String found in binary or memory: https://github.com/bitcoinjs/bitcoinjs-lib
Source: chromecache_389.1.dr, chromecache_521.1.dr, chromecache_329.1.dr	String found in binary or memory: https://github.com/madler/zlib/blob/master/zlib.h
Source: chromecache_588.1.dr, chromecache_551.1.dr	String found in binary or memory: https://github.com/nosir/
Source: chromecache_588.1.dr, chromecache_551.1.dr	String found in binary or memory: https://github.com/nosir/cleave.js
Source: chromecache_320.1.dr, chromecache_455.1.dr, chromecache_494.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_320.1.dr, chromecache_455.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://go.maxweb.com/conversion/iframe?a=
Source: chromecache_267.1.dr	String found in binary or memory: https://golink.fun/click.php?event8=1
Source: chromecache_345.1.dr, chromecache_532.1.dr	String found in binary or memory: https://goo.gle/js-api-loading
Source: chromecache_316.1.dr	String found in binary or memory: https://goo.gle/js-open-now
Source: chromecache_316.1.dr	String found in binary or memory: https://goo.gle/js-open-now.
Source: chromecache_571.1.dr	String found in binary or memory: https://google.com
Source: chromecache_571.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_299.1.dr, chromecache_354.1.dr	String found in binary or memory: https://includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/
Source: chromecache_481.1.dr	String found in binary or memory: https://iovs.arvojournals.org/article.aspx?articleid=2354130
Source: chromecache_329.1.dr	String found in binary or memory: https://jnn-pa.googleapis.com
Source: chromecache_481.1.dr	String found in binary or memory: https://journals.lww.com/ijo/Fulltext/2021/03000/A_systematic_review_of_gut_microbiome_and_ocular.12
Source: chromecache_481.1.dr	String found in binary or memory: https://journals.physiology.org/doi/full/10.1152/ajpgi.00304.2019
Source: chromecache_561.1.dr, chromecache_373.1.dr	String found in binary or memory: https://ka-f.fontawesome.com
Source: chromecache_561.1.dr, chromecache_373.1.dr	String found in binary or memory: https://kit.fontawesome.com
Source: chromecache_514.1.dr	String found in binary or memory: https://linkedin.com/company/yomali
Source: chromecache_458.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/59/4a/main.js
Source: chromecache_458.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/59/4a/places.js
Source: chromecache_316.1.dr	String found in binary or memory: https://maps.googleapis.com/maps/api/staticmap
Source: chromecache_329.1.dr	String found in binary or memory: https://music.youtube.com
Source: chromecache_571.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_408.1.dr, chromecache_328.1.dr, chromecache_411.1.dr, chromecache_550.1.dr, chromecache_406.1.dr, chromecache_412.1.dr, chromecache_288.1.dr, chromecache_587.1.dr, chromecache_416.1.dr, chromecache_302.1.dr, chromecache_538.1.dr, chromecache_530.1.dr, chromecache_571.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_316.1.dr	String found in binary or memory: https://places.googleapis.com/v1/places/$
Source: chromecache_329.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_481.1.dr	String found in binary or memory: https://pubmed.ncbi.nlm.nih.gov/31782132/
Source: chromecache_595.1.dr, chromecache_473.1.dr	String found in binary or memory: https://raw.githubusercontent.com/tildeio/rsvp.js/master/LICENSE
Source: chromecache_329.1.dr	String found in binary or memory: https://redux.js.org/api/store#subscribelistener
Source: chromecache_329.1.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-4-store#creating-a-store-with-enhancers
Source: chromecache_329.1.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-4-store#middleware
Source: chromecache_329.1.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-6-async-logic#using-the-redux-thunk-middleware
Source: chromecache_556.1.dr	String found in binary or memory: https://rr3---sn-a5mekn6k.googlevideo.com/videoplayback?expire=1736477696&ei=oDeAZ4C1Hra16dsPva6GiQQ
Source: chromecache_481.1.dr	String found in binary or memory: https://sci-hub.se/10.1016/j.biopha.2018.08.031
Source: chromecache_481.1.dr	String found in binary or memory: https://sci-hub.se/https://doi.org/10.3109/09637486.2014.886184
Source: chromecache_560.1.dr, chromecache_350.1.dr, chromecache_552.1.dr, chromecache_540.1.dr	String found in binary or memory: https://sketch.com
Source: chromecache_525.1.dr	String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Source: chromecache_406.1.dr, chromecache_412.1.dr, chromecache_288.1.dr, chromecache_538.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_583.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimages/visisharp/images/custom/offer-ebook-image-0a4bb6892-9dc2-
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimages/visisharp/images/custom/offer-ebook-image-1ae9afaec-4846-
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimages/visisharp/images/custom/offer-scientific-reference-09be18
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimages/visisharp/images/custom/offer-scientific-reference-11ab4c
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimages/visisharp/images/custom/offer-scientific-reference-2651ea
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimages/visisharp/images/custom/offer-scientific-reference-3ca498
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimages/visisharp/images/custom/offer-scientific-reference-43e3a3
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimagesbeep/visisharp/images/custom/exit-popup.png
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimagesbeep/visisharp/images/custom/shortcut-icon.png
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimagesbeep/visisharp/images/products/prod11/6-bottles.png
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimagesbeep/visisharp/images/products/prod7/1-bottle.png
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimagesbeep/visisharp/images/products/prod8/3-bottles.png
Source: chromecache_481.1.dr	String found in binary or memory: https://storage.googleapis.com/offerimagesbeep/visisharp/images/products/prod9/6-bottles.png
Source: chromecache_316.1.dr	String found in binary or memory: https://support.google.com/contributionpolicy/answer/7422880
Source: chromecache_345.1.dr, chromecache_532.1.dr	String found in binary or memory: https://support.google.com/fusiontables/answer/9185417).
Source: chromecache_316.1.dr	String found in binary or memory: https://support.google.com/maps/answer/3092445
Source: chromecache_329.1.dr	String found in binary or memory: https://support.google.com/youtube/?p=noaudio
Source: chromecache_329.1.dr	String found in binary or memory: https://support.google.com/youtube/answer/3037019#check_ad_blockers&zippy=%2Ccheck-your-extensions-i
Source: chromecache_583.1.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_408.1.dr, chromecache_328.1.dr, chromecache_411.1.dr, chromecache_550.1.dr, chromecache_406.1.dr, chromecache_412.1.dr, chromecache_288.1.dr, chromecache_587.1.dr, chromecache_416.1.dr, chromecache_302.1.dr, chromecache_538.1.dr, chromecache_530.1.dr, chromecache_571.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_441.1.dr, chromecache_393.1.dr	String found in binary or memory: https://tracking.buygoods
Source: chromecache_481.1.dr	String found in binary or memory: https://tracking.buygoods.com/track/?a=6797&firstcookie=0
Source: chromecache_514.1.dr	String found in binary or memory: https://twitter.com/yomalico
Source: chromecache_329.1.dr	String found in binary or memory: https://viacon.corp.google.com
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/form/affiliates
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/form/contact
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/100-natural.svg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/Delaware.png
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/FDA_2.svg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/GMP_stars.svg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/USA.svg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/V3.png
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/app/buygoods.png
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/best_value_v2.png
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/female/30-40/t-3.jpg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/female/30-40/t-7.jpg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/female/40-60/t-1.jpg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/male/30-40/t-2.jpg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/male/30-40/t-6.jpg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/male/40-60/t-0.jpg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/male/40-60/t-4.jpg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/male/40-60/t-5.jpg
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/most_popular_v2.png
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/images/verified_purchase.png
Source: chromecache_481.1.dr	String found in binary or memory: https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?
Source: chromecache_481.1.dr	String found in binary or memory: https://www.buygoods.com/secure/checkout.html?account_id=6797&product_codename=prod11&redire
Source: chromecache_481.1.dr	String found in binary or memory: https://www.buygoods.com/secure/checkout.html?account_id=6797&product_codename=prod7&redirec
Source: chromecache_481.1.dr	String found in binary or memory: https://www.buygoods.com/secure/checkout.html?account_id=6797&product_codename=prod8&redirec
Source: chromecache_481.1.dr	String found in binary or memory: https://www.buygoods.com/secure/checkout.html?account_id=6797&product_codename=prod9&redirec
Source: chromecache_481.1.dr	String found in binary or memory: https://www.cera.org.au/research/uveitis-research/
Source: chromecache_514.1.dr	String found in binary or memory: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Source: chromecache_530.1.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_583.1.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_583.1.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_583.1.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_571.1.dr, chromecache_365.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_583.1.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_316.1.dr	String found in binary or memory: https://www.google.com/maps/dir/
Source: chromecache_481.1.dr	String found in binary or memory: https://www.google.com/url?q=https://aws.amazon.com/privacy/&sa=D&ust=1585933040238000
Source: chromecache_481.1.dr	String found in binary or memory: https://www.google.com/url?q=https://aws.amazon.com/privacy/&sa=D&ust=1585933040239000
Source: chromecache_481.1.dr	String found in binary or memory: https://www.google.com/url?q=https://aws.amazon.com/privacy/&sa=D&ust=1585933040240000
Source: chromecache_481.1.dr	String found in binary or memory: https://www.google.com/url?q=https://developers.google.com/analytics/devguides/collection/analyticsj
Source: chromecache_481.1.dr	String found in binary or memory: https://www.google.com/url?q=https://support.google.com/analytics/topic/2919631?hl%3Den%26ref_topic%
Source: chromecache_481.1.dr	String found in binary or memory: https://www.google.com/url?q=https://www.hotjar.com/&sa=D&ust=1585933040236000
Source: chromecache_481.1.dr	String found in binary or memory: https://www.google.com/url?q=https://www.hotjar.com/legal/policies/privacy&sa=D&ust=15859330
Source: chromecache_481.1.dr	String found in binary or memory: https://www.google.com/url?q=https://www.zendesk.com/company/policies-procedures/&sa=D&ust=1
Source: chromecache_571.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_329.1.dr	String found in binary or memory: https://www.googleapis.com/certificateprovisioning/v1/devicecertificates/create?key=AIzaSyB-5OLKTx2i
Source: chromecache_571.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_408.1.dr, chromecache_328.1.dr, chromecache_411.1.dr, chromecache_550.1.dr, chromecache_587.1.dr, chromecache_416.1.dr, chromecache_302.1.dr, chromecache_571.1.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_583.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_267.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-10780050324
Source: chromecache_267.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-11101953222
Source: chromecache_267.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-388275037
Source: chromecache_267.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-388644778
Source: chromecache_267.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-601533754
Source: chromecache_481.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-62785402-66
Source: chromecache_481.1.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-53H4JQQ
Source: chromecache_408.1.dr, chromecache_328.1.dr, chromecache_411.1.dr, chromecache_550.1.dr, chromecache_587.1.dr, chromecache_416.1.dr, chromecache_302.1.dr, chromecache_571.1.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_406.1.dr, chromecache_412.1.dr, chromecache_288.1.dr, chromecache_538.1.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_481.1.dr	String found in binary or memory: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4808895/
Source: chromecache_481.1.dr	String found in binary or memory: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7941169/
Source: chromecache_481.1.dr	String found in binary or memory: https://www.researchgate.net/publication/266387824_The_Potential_Hazards_of_Aspergillus_sp_in_Foods_
Source: chromecache_575.1.dr	String found in binary or memory: https://www.youtube.com
Source: chromecache_329.1.dr	String found in binary or memory: https://www.youtube.com/api/drm/fps?ek=
Source: chromecache_406.1.dr, chromecache_538.1.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: chromecache_329.1.dr	String found in binary or memory: https://youtu.be/
Source: chromecache_329.1.dr	String found in binary or memory: https://youtube.com/api/drm/fps?ek=uninitialized
Source: chromecache_329.1.dr	String found in binary or memory: https://youtubei.googleapis.com/youtubei/
Source: chromecache_329.1.dr	String found in binary or memory: https://yurt.corp.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 50177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 50235 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50301 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 50282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 50243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50300
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50301
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50233 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50295
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50299
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 50286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 50205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50259
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50251
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50254
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50253
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50256
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50257
Source: unknown	Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50260
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50270
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50271
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50276
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50278
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50277
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50279
Source: unknown	Network traffic detected: HTTP traffic on port 50242 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50281
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50283
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50282
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50284
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50287
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50286
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50289
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50288
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50291
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50294
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50293
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50219 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50272 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50207 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50294 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50181 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 50250 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50191 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50262 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50217 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50284 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50239 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 50154 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 50268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840

Source: classification engine

Classification label: mal52.phis.win@31/514@195/59

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.oneroguereporter.com/gks"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4104 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4104 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 --field-trial-handle=1924,i,7523114714375834015,5707204102508674468,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	2 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://www.oneroguereporter.com/gks	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU	0%	Avira URL Cloud	safe
https://yomali.com/	0%	Avira URL Cloud	safe
https://visi-sharp.net/images/most_popular_v2.png	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/buygoods/checkout/9103/pd-form-banner.jpeg	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/buygoods/checkout/8117/header-desktop-es.png	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/productimages/6797/42/6_bo_les_1_g0pjc_p_g_resized333.png	0%	Avira URL Cloud	safe
https://cdn.yomali.com/assets/img/500x600/partnerlogos.png	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/assets/checkout/img/trust-guard.png	0%	Avira URL Cloud	safe
https://visi-sharp.net/images/male/40-60/t-4.jpg	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/assets/checkout/img/badge-365-day.png	0%	Avira URL Cloud	safe
https://visi-sharp.net/form/affiliates	0%	Avira URL Cloud	safe
http://yomali.com/	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/buygoods/checkout/9410/ps-Desktop-Header-2.jpg	0%	Avira URL Cloud	safe
https://pay.buygoods.com/lib/v1/js/vaultFrame.js?v=65	0%	Avira URL Cloud	safe
https://cdn.yomali.com/assets/img/200x100/img12.png	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/buygoods/checkout/7533/sc-desktop-header.png	0%	Avira URL Cloud	safe
https://visi-sharp.net/images/USA.svg	0%	Avira URL Cloud	safe
https://pay.buygoods.com/js/cleave.min.js	0%	Avira URL Cloud	safe
https://cdn.yomali.com/assets/img/200x100/img7.png	0%	Avira URL Cloud	safe
https://visi-sharp.net/images/male/40-60/t-0.jpg	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/buygoods/checkout/8117/fs-6-Bottle-With-Guaranteee-Recovered.jpg	0%	Avira URL Cloud	safe
https://cdn.yomali.com/assets/img/200x100/img3.png	0%	Avira URL Cloud	safe
https://visi-sharp.net/images/0.png	0%	Avira URL Cloud	safe
https://pay.buygoods.com/img/jcb.svg	0%	Avira URL Cloud	safe
https://pay.buygoods.com/css/bootstrap.min.css	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/assets/checkout/img/visa-cvv.jpg	0%	Avira URL Cloud	safe
https://visi-sharp.net/images/app/buygoods.png	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/assets/checkout/img/badge-30-day.png	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/buygoods/checkout/9348/nb-OTP-banner.png	0%	Avira URL Cloud	safe
https://visi-sharp.net/images/female/40-60/t-1.jpg	0%	Avira URL Cloud	safe
https://www.cera.org.au/research/uveitis-research/	0%	Avira URL Cloud	safe
https://pay.buygoods.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	0%	Avira URL Cloud	safe
https://cdn.buygoods.com/assets/checkout/img/badge-90-day.png	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
paypal.map.fastly.net	151.101.2.133	true	false	high
static.cloudflareinsights.com	104.16.79.73	true	false	high
dualstack.paypal-dynamic-2.map.fastly.net	151.101.65.35	true	false	high
buygoodslb.clickcrm.com	172.66.40.234	true	false	unknown
cdn.buygoods.com	172.66.40.141	true	false	high
paypal-dynamic.map.fastly.net	151.101.1.21	true	false	high
i.ytimg.com	216.58.206.86	true	false	high
dev.visualwebsiteoptimizer.com	34.107.218.251	true	false	high
stun1.l.google.com	74.125.250.129	true	false	high
colle-elast-1xnsxgci0b78j-8180b06a6c06d9d4.elb.us-west-2.amazonaws.com	35.81.31.24	true	false	high
www.softwareprojects.com	172.66.40.147	true	false	high
gateway-prod-eu-central-1.production.braintree-api.com	35.156.167.229	true	false	high
scontent.xx.fbcdn.net	157.240.0.6	true	false	high
yomali.com	172.66.40.234	true	false	high
www.oneroguereporter.com	104.21.62.118	true	false	high
photos-ugc.l.googleusercontent.com	172.217.16.193	true	false	high
www.google.com	142.250.185.68	true	false	high
origin-analytics-prod.production.braintree-api.com	35.156.78.69	true	false	high
stats.glb.paypal.com	34.147.177.40	true	false	high
browser-intake-datadoghq.com	3.233.158.25	true	false	high
includes.ccdc02.com	198.217.251.238	true	false	high
mwebexplorerpro.com	188.114.97.3	true	false	high
business.newsbreak.com	52.42.49.72	true	false	high
paypal-dynamic-cdn.map.fastly.net	151.101.67.1	true	false	high
api-js.mixpanel.com	35.186.241.51	true	false	high
buygoods.com	172.66.40.234	true	false	high
trends.revcontent.com	52.209.42.67	true	false	high
dashboard.heatmap.com	18.245.86.64	true	false	high
visi-sharp.net	104.21.80.1	true	false	high
lhr.stats.paypal.com	34.147.177.40	true	false	high
static.doubleclick.net	142.250.185.102	true	false	high
ax-0001.ax-msedge.net	150.171.27.10	true	false	high
tracking.buygoods.com	172.66.40.141	true	false	high
youtube-ui.l.google.com	216.58.206.46	true	false	high
rr3.sn-t0aedn7l.googlevideo.com	74.125.174.168	true	false	unknown
googleads.g.doubleclick.net	142.250.185.194	true	false	high
play.google.com	142.250.185.238	true	false	high
devic-elast-1eoivwyi136bb-007d6743299a5175.elb.us-west-2.amazonaws.com	100.20.121.79	true	false	unknown
pay.buygoods.com	172.66.40.141	true	false	high
www.datadoghq-browser-agent.com	13.33.219.205	true	false	high
go.maxweb.com	172.66.40.143	true	false	high
td.doubleclick.net	172.217.16.194	true	false	high
songbird.cardinalcommerce.com	198.217.251.251	true	false	high
rr3.sn-a5mekn6k.googlevideo.com	173.194.8.232	true	false	high
ka-f.fontawesome.com	unknown	unknown	false	high
display.buygoods.com	unknown	unknown	false	high
ssl.kaptcha.com	unknown	unknown	false	high
rr3---sn-a5mekn6k.googlevideo.com	unknown	unknown	false	high
checkout.paypal.com	unknown	unknown	false	high
www.youtube.com	unknown	unknown	false	high
t.paypal.com	unknown	unknown	false	high
c6.paypal.com	unknown	unknown	false	high
b.stats.paypal.com	unknown	unknown	false	high
rr3---sn-t0aedn7l.googlevideo.com	unknown	unknown	false	high
www.buygoods.com	unknown	unknown	false	high
golink.fun	unknown	unknown	false	unknown
connect.facebook.net	unknown	unknown	false	high
js.braintreegateway.com	unknown	unknown	false	high
stun.kaptcha.com	unknown	unknown	false	high
payments.braintree-api.com	unknown	unknown	false	high
www.paypalobjects.com	unknown	unknown	false	high
yt3.ggpht.com	unknown	unknown	false	high
www.paypal.com	unknown	unknown	false	high
assets.braintreegateway.com	unknown	unknown	false	high
c.paypal.com	unknown	unknown	false	high
client-analytics.braintreegateway.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.buygoods.com/assets/checkout/img/trust-guard.png	false	Avira URL Cloud: safe	unknown
https://buygoods.com/secure/checkout/assets/js/places.js?v=2	false		high
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	false		high
https://yomali.com/	false	Avira URL Cloud: safe	unknown
https://www.paypalobjects.com/muse/muse.js	false		high
https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.35.0%2Capi%3Afetch%2Cenv%3Acheckout%2Cservice%3Abuygoods.com&dd-api-key=pub3a9917d7973cf90e0652b4e3d037fedd&dd-evp-origin-version=5.35.0&dd-evp-origin=browser&dd-request-id=972f92f1-8c88-45f7-a4d6-761e63d6fdb5&batch_time=1736456184285	false		high
https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU	false	Avira URL Cloud: safe	unknown
https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.35.0%2Capi%3Abeacon%2Cenv%3Acheckout%2Cservice%3Abuygoods.com&dd-api-key=pub3a9917d7973cf90e0652b4e3d037fedd&dd-evp-origin-version=5.35.0&dd-evp-origin=browser&dd-request-id=8bd23123-56c4-4d7b-bf6b-a0482b5449ce&batch_time=1736456183229	false		high
https://cdn.buygoods.com/productimages/6797/42/6_bo_les_1_g0pjc_p_g_resized333.png	false	Avira URL Cloud: safe	unknown
https://client-analytics.braintreegateway.com/8xnhgfcmq7d3k99b	false		high
https://lhr.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=f90ace7de996d798d0419f2ab4a0d6dd&t=1736456181.951&a=14	false		high
https://www.youtube.com/s/player/3ede36f2/player_ias.vflset/en_US/endscreen.js	false		high
https://js.braintreegateway.com/web/3.97.2/js/paypal-checkout.min.js	false		high
https://www.youtube.com/s/player/3ede36f2/www-embed-player.vflset/www-embed-player.js	false		high
https://display.buygoods.com/v1/terms?id=terms	false		high
https://checkout.paypal.com/web/3.97.2/html/dispatch-frame.min.html	false		high
https://www.google.com/js/th/bTS-krGMW8fDflzgOBqs4RfQ289v88xjeZzvxqf94UM.js	false		high
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	false		high
https://connect.facebook.net/signals/config/789222289013177?v=2.9.179&r=stable&domain=visi-sharp.net&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113	false		high
https://c.paypal.com/v1/r/d/b/p1	false		high
https://c.paypal.com/v1/r/d/b/p2	false		high
https://visi-sharp.net/images/most_popular_v2.png	false	Avira URL Cloud: safe	unknown
https://visi-sharp.net/images/male/40-60/t-4.jpg	false	Avira URL Cloud: safe	unknown
https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.35.0%2Capi%3Afetch%2Cenv%3Acheckout%2Cservice%3Abuygoods.com&dd-api-key=pub3a9917d7973cf90e0652b4e3d037fedd&dd-evp-origin-version=5.35.0&dd-evp-origin=browser&dd-request-id=dcb0b81b-40e2-4402-9f52-e546e08a365f&batch_time=1736456181858	false		high
https://pay.buygoods.com/lib/v1/js/vaultFrame.js?v=65	false	Avira URL Cloud: safe	unknown
http://yomali.com/	false	Avira URL Cloud: safe	unknown
https://buygoods.com/secure/checkout/assets/js/paypal-cs-conversion.js?v=7	false		high
https://js.braintreegateway.com/web/3.97.2/js/client.min.js	false		high
https://visi-sharp.net/images/USA.svg	false	Avira URL Cloud: safe	unknown
https://pay.buygoods.com/js/cleave.min.js	false	Avira URL Cloud: safe	unknown
https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	false		high
https://songbird.cardinalcommerce.com/cardinalcruise/v1/songbird.js	false		high
https://visi-sharp.net/images/male/40-60/t-0.jpg	false	Avira URL Cloud: safe	unknown
https://pay.buygoods.com/css/bootstrap.min.css	false	Avira URL Cloud: safe	unknown
https://browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.35.0%2Capi%3Abeacon%2Cenv%3Acheckout%2Cservice%3Abuygoods.com&dd-api-key=pub3a9917d7973cf90e0652b4e3d037fedd&dd-evp-origin-version=5.35.0&dd-evp-origin=browser&dd-request-id=b49314ba-8841-4a4d-92f7-d85785c952ad	false		high
https://pay.buygoods.com/img/jcb.svg	false	Avira URL Cloud: safe	unknown
https://browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.35.0%2Capi%3Abeacon%2Cenv%3Acheckout%2Cservice%3Abuygoods.com&dd-api-key=pub3a9917d7973cf90e0652b4e3d037fedd&dd-evp-origin-version=5.35.0&dd-evp-origin=browser&dd-request-id=72d77647-ac73-44fc-8775-5626369f2951	false		high
https://visi-sharp.net/images/0.png	false	Avira URL Cloud: safe	unknown
https://cdn.buygoods.com/assets/checkout/img/visa-cvv.jpg	false	Avira URL Cloud: safe	unknown
https://visi-sharp.net/images/app/buygoods.png	false	Avira URL Cloud: safe	unknown
https://visi-sharp.net/images/female/40-60/t-1.jpg	false	Avira URL Cloud: safe	unknown
https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.35.0%2Capi%3Abeacon%2Cenv%3Acheckout%2Cservice%3Abuygoods.com&dd-api-key=pub3a9917d7973cf90e0652b4e3d037fedd&dd-evp-origin-version=5.35.0&dd-evp-origin=browser&dd-request-id=3687b13f-d10d-4c32-9627-8ae9a890df10&batch_time=1736456184409	false		high
https://buygoods.com/secure/checkout/assets/js/dictionary.js?v=29	false		high
https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.35.0%2Capi%3Abeacon%2Cenv%3Acheckout%2Cservice%3Abuygoods.com&dd-api-key=pub3a9917d7973cf90e0652b4e3d037fedd&dd-evp-origin-version=5.35.0&dd-evp-origin=browser&dd-request-id=de12fdb2-faaa-46c8-88ed-ee87dd0b3bbe&batch_time=1736456185170	false		high
https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.35.0%2Capi%3Abeacon%2Cenv%3Acheckout%2Cservice%3Abuygoods.com&dd-api-key=pub3a9917d7973cf90e0652b4e3d037fedd&dd-evp-origin-version=5.35.0&dd-evp-origin=browser&dd-request-id=b39c9596-9e71-4298-853a-e44cf9ffb62c&batch_time=1736456184548	false		high
https://tracking.buygoods.com/track/?a=6797&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Fvisi-sharp.net%2F&sessid2=sessid2025010920547110&product=prod11&is_checkout=1&caller_url=https%3A%2F%2Fbuygoods.com%2Fsecure%2Fcheckout.html%3Fsessid2%3Dsessid2025010920547110%26aff_id%3D326%26sid%3D8802%26sid2%3D6812_sessid20250109205426977%26account_id%3D6797%26product_codename%3Dprod11%26redirect%3DaHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%253D%26lang%3Den%26subid5%3D%2524device%253A1944cd9204625e5-00b6992a5f1275-26031e51-140000-1944cd9204625e5	false		high
https://dashboard.heatmap.com/conversions.php?siteId=567&dataLayer=populate	false		high
https://pay.buygoods.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	false	Avira URL Cloud: safe	unknown
https://www.paypal.com/targeting/graphql?disableSetCookie=true	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://stats.g.doubleclick.net/g/collect	chromecache_406.1.dr, chromecache_412.1.dr, chromecache_288.1.dr, chromecache_538.1.dr	false		high
https://redux.js.org/tutorials/fundamentals/part-4-store#creating-a-store-with-enhancers	chromecache_329.1.dr	false		high
https://www.google.com/url?q=https://developers.google.com/analytics/devguides/collection/analyticsj	chromecache_481.1.dr	false		high
http://g.co/dev/maps-no-account	chromecache_345.1.dr, chromecache_532.1.dr	false		high
https://cdn.yomali.com/assets/img/500x600/partnerlogos.png	chromecache_514.1.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/url?q=https://aws.amazon.com/privacy/&sa=D&ust=1585933040239000	chromecache_481.1.dr	false		high
https://sci-hub.se/10.1016/j.biopha.2018.08.031	chromecache_481.1.dr	false		high
https://ampcid.google.com/v1/publisher:getClientId	chromecache_583.1.dr	false		high
https://cdn.buygoods.com/buygoods/checkout/8117/header-desktop-es.png	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://www.youtube.com	chromecache_575.1.dr	false		high
https://fontawesome.com	chromecache_450.1.dr	false		high
https://cdn.buygoods.com/buygoods/checkout/9103/pd-form-banner.jpeg	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/graphs/contributors)	chromecache_320.1.dr, chromecache_455.1.dr	false		high
https://admin.youtube.com	chromecache_329.1.dr	false		high
https://goo.gle/js-api-loading	chromecache_345.1.dr, chromecache_532.1.dr	false		high
https://redux.js.org/tutorials/fundamentals/part-4-store#middleware	chromecache_329.1.dr	false		high
https://support.google.com/maps/answer/3092445	chromecache_316.1.dr	false		high
https://www.google.com/url?q=https://aws.amazon.com/privacy/&sa=D&ust=1585933040240000	chromecache_481.1.dr	false		high
https://stats.g.doubleclick.net/j/collect	chromecache_583.1.dr	false		high
https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling	chromecache_532.1.dr	false		high
https://yurt.corp.google.com	chromecache_329.1.dr	false		high
https://support.google.com/fusiontables/answer/9185417).	chromecache_345.1.dr, chromecache_532.1.dr	false		high
https://developers.google.com/maps/deprecations	chromecache_345.1.dr, chromecache_532.1.dr	false		high
https://cdn.buygoods.com/assets/checkout/img/badge-365-day.png	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.buygoods.com/buygoods/checkout/9410/ps-Desktop-Header-2.jpg	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://visi-sharp.net/form/affiliates	chromecache_481.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.yomali.com/assets/img/200x100/img12.png	chromecache_514.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.buygoods.com/buygoods/checkout/7533/sc-desktop-header.png	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.yomali.com/assets/img/200x100/img7.png	chromecache_514.1.dr	false	Avira URL Cloud: safe	unknown
https://connect.facebook.net/	chromecache_367.1.dr	false		high
https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js	chromecache_514.1.dr	false		high
https://cdn.yomali.com/assets/img/200x100/img3.png	chromecache_514.1.dr	false	Avira URL Cloud: safe	unknown
http://tools.ietf.org/html/rfc1950	chromecache_389.1.dr, chromecache_521.1.dr, chromecache_329.1.dr	false		high
https://developers.google.com/maps/documentation/javascript/versions#beta-channel	chromecache_316.1.dr	false		high
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7941169/	chromecache_481.1.dr	false		high
https://cdn.buygoods.com/buygoods/checkout/8117/fs-6-Bottle-With-Guaranteee-Recovered.jpg	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://code.google.com/p/crypto-js/issues/detail?id=84	chromecache_595.1.dr, chromecache_473.1.dr	false		high
https://developers.google.com/maps/documentation/javascript/advanced-markers/migration	chromecache_345.1.dr, chromecache_532.1.dr	false		high
https://www.google.com/url?q=https://www.hotjar.com/legal/policies/privacy&sa=D&ust=15859330	chromecache_481.1.dr	false		high
https://cdn.buygoods.com/buygoods/checkout/9348/nb-OTP-banner.png	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.buygoods.com/assets/checkout/img/badge-30-day.png	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://display.buygoods.com/v1/terms?id=terms&lang=de	chromecache_441.1.dr, chromecache_393.1.dr	false		high
https://ka-f.fontawesome.com	chromecache_561.1.dr, chromecache_373.1.dr	false		high
https://sketch.com	chromecache_560.1.dr, chromecache_350.1.dr, chromecache_552.1.dr, chromecache_540.1.dr	false		high
https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers	chromecache_532.1.dr	false		high
https://tracking.buygoods.com/track/?a=6797&firstcookie=0	chromecache_481.1.dr	false		high
https://angular.dev/license	chromecache_329.1.dr	false		high
https://developers.google.com/youtube/iframe_api_reference#Events	chromecache_575.1.dr	false		high
https://cdn.buygoods.com/assets/checkout/img/badge-90-day.png	chromecache_441.1.dr, chromecache_393.1.dr	false	Avira URL Cloud: safe	unknown
https://www.cera.org.au/research/uveitis-research/	chromecache_481.1.dr	false	Avira URL Cloud: safe	unknown
http://youtube.com/streaming/metadata/segment/102015	chromecache_329.1.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.245.86.64	dashboard.heatmap.com	United States	16509	AMAZON-02US	false
35.186.241.51	api-js.mixpanel.com	United States	15169	GOOGLEUS	false
74.125.174.168	rr3.sn-t0aedn7l.googlevideo.com	United States	15169	GOOGLEUS	false
3.233.158.25	browser-intake-datadoghq.com	United States	14618	AMAZON-AESUS	false
142.250.185.102	static.doubleclick.net	United States	15169	GOOGLEUS	false
198.217.251.238	includes.ccdc02.com	United States	13335	CLOUDFLARENETUS	false
142.250.185.100	unknown	United States	15169	GOOGLEUS	false
52.42.49.72	business.newsbreak.com	United States	16509	AMAZON-02US	false
104.21.80.1	visi-sharp.net	United States	13335	CLOUDFLARENETUS	false
198.217.251.239	unknown	United States	13335	CLOUDFLARENETUS	false
104.16.80.73	unknown	United States	13335	CLOUDFLARENETUS	false
172.66.40.147	www.softwareprojects.com	United States	13335	CLOUDFLARENETUS	false
151.101.65.35	dualstack.paypal-dynamic-2.map.fastly.net	United States	54113	FASTLYUS	false
142.250.185.142	unknown	United States	15169	GOOGLEUS	false
172.66.40.143	go.maxweb.com	United States	13335	CLOUDFLARENETUS	false
172.66.40.141	cdn.buygoods.com	United States	13335	CLOUDFLARENETUS	false
34.147.177.40	stats.glb.paypal.com	United States	2686	ATGS-MMD-ASUS	false
34.107.218.251	dev.visualwebsiteoptimizer.com	United States	15169	GOOGLEUS	false
151.101.193.21	unknown	United States	54113	FASTLYUS	false
142.250.185.68	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.36	unknown	United States	15169	GOOGLEUS	false
104.21.32.1	unknown	United States	13335	CLOUDFLARENETUS	false
18.245.86.96	unknown	United States	16509	AMAZON-02US	false
216.58.206.86	i.ytimg.com	United States	15169	GOOGLEUS	false
198.217.251.251	songbird.cardinalcommerce.com	United States	13335	CLOUDFLARENETUS	false
172.66.40.234	buygoodslb.clickcrm.com	United States	13335	CLOUDFLARENETUS	false
173.194.8.232	rr3.sn-a5mekn6k.googlevideo.com	United States	15169	GOOGLEUS	false
151.101.129.21	unknown	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
188.114.97.3	mwebexplorerpro.com	European Union	13335	CLOUDFLARENETUS	false
151.101.131.1	unknown	United States	54113	FASTLYUS	false
142.250.185.194	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
151.101.67.1	paypal-dynamic-cdn.map.fastly.net	United States	54113	FASTLYUS	false
35.156.167.229	gateway-prod-eu-central-1.production.braintree-api.com	United States	16509	AMAZON-02US	false
172.217.16.194	td.doubleclick.net	United States	15169	GOOGLEUS	false
172.217.16.193	photos-ugc.l.googleusercontent.com	United States	15169	GOOGLEUS	false
142.250.185.129	unknown	United States	15169	GOOGLEUS	false
151.101.193.35	unknown	United States	54113	FASTLYUS	false
142.250.186.174	unknown	United States	15169	GOOGLEUS	false
157.240.0.6	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
142.250.74.194	unknown	United States	15169	GOOGLEUS	false
216.58.212.130	unknown	United States	15169	GOOGLEUS	false
104.16.79.73	static.cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false
52.209.42.67	trends.revcontent.com	United States	16509	AMAZON-02US	false
74.125.250.129	stun1.l.google.com	United States	15169	GOOGLEUS	false
35.156.78.69	origin-analytics-prod.production.braintree-api.com	United States	16509	AMAZON-02US	false
216.58.212.132	unknown	United States	15169	GOOGLEUS	false
18.158.52.92	unknown	United States	16509	AMAZON-02US	false
104.21.62.118	www.oneroguereporter.com	United States	13335	CLOUDFLARENETUS	false
151.101.1.21	paypal-dynamic.map.fastly.net	United States	54113	FASTLYUS	false
35.81.31.24	colle-elast-1xnsxgci0b78j-8180b06a6c06d9d4.elb.us-west-2.amazonaws.com	United States	237	MERIT-AS-14US	false
151.101.195.1	unknown	United States	54113	FASTLYUS	false
151.101.2.133	paypal.map.fastly.net	United States	54113	FASTLYUS	false
142.250.185.130	unknown	United States	15169	GOOGLEUS	false
13.33.219.205	www.datadoghq-browser-agent.com	United States	16509	AMAZON-02US	false
54.148.115.137	unknown	United States	16509	AMAZON-02US	false
151.101.65.21	unknown	United States	54113	FASTLYUS	false

Private

IP
192.168.2.4
192.168.2.17

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1587042
Start date and time:	2025-01-09 21:54:06 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 5m 22s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://www.oneroguereporter.com/gks
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	23
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal52.phis.win@31/514@195/59
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, audiodg.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, TextInputHost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.131, 142.250.185.238, 142.251.168.84, 172.217.16.206, 142.250.185.174, 142.250.181.238, 142.250.185.168, 172.217.18.27, 172.217.16.219, 216.58.206.91, 142.250.185.187, 142.250.185.91, 142.250.185.251, 142.250.185.123, 216.58.212.187, 172.217.18.123, 142.250.185.219, 142.250.186.59, 142.250.186.187, 142.250.185.155, 142.250.186.91, 142.250.186.155, 142.250.184.251, 142.250.186.170, 142.250.185.136, 142.250.181.251, 142.250.184.219, 142.250.74.219, 216.58.206.59, 216.58.212.155, 172.217.16.155, 142.250.185.163, 142.250.185.138, 142.250.184.202, 216.58.206.74, 142.250.185.74, 216.58.206.42, 142.250.185.106, 172.217.18.10, 142.250.185.202, 142.250.74.202, 142.250.186.138, 142.250.186.74, 142.250.185.234, 142.250.186.106, 142.250.181.234, 142.250.186.42, 216.58.206.46, 142.250.74.206, 192.229.221.95, 199.232.214.172, 142.250.185.195, 142.250.185.78, 172.217.18.106, 142.250.185.170, 172.217.16.202, 172.217.23.106, 216.58.212.138, 172.217.16.138, 216.58.206.78, 1
Excluded domains from analysis (whitelisted): www.googleadservices.com, storage.googleapis.com, ka-f.fontawesome.com.cdn.cloudflare.net, slscr.update.microsoft.com, clientservices.googleapis.com, maps.googleapis.com, clients2.google.com, ocsp.digicert.com, redirector.gvt1.com, login.live.com, www.googletagmanager.com, update.googleapis.com, bat.bing.com, www.google-analytics.com, www.bing.com, clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, ctldl.windowsupdate.com, jnn-pa.googleapis.com, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, evoke-windowsservices-tas.msedge.net, clients.l.google.com, maps.gstatic.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://www.oneroguereporter.com/gks

Input	Output
URL: http://www.oneroguereporter.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: http://www.oneroguereporter.com
URL: https://visi-sharp.net/report?aff_id=326&subid2=68... Model: Joe Sandbox AI	{ "risk_score": 5, "reasoning": "The script exhibits moderate-risk behaviors, including external data transmission to a third-party domain 'tracking.buygoods.com' and the use of cookies. While the script appears to be related to e-commerce tracking and analytics, the lack of transparency around the data being sent and the use of a potentially unfamiliar domain warrant further review." }
var mysrc = 'https://tracking.buygoods.com/track/?a=6797&firstcookie=0' + '&tracking_redirect=&referrer=' + encodeURIComponent(document.referrer) + '&sessid2=' + ReadCookie('sessid2') + '&product=prod7,prod8,prod9,prod11&caller_url=' + encodeURIComponent(window.location.href); if (typeof add_to_cart !== 'undefined') { mysrc = mysrc + '&add_to_cart=' + add_to_cart; } var newScript = document.createElement('script'); newScript.type = 'text/javascript'; newScript.defer = true; newScript.src = mysrc; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(newScript, s); function ReadCookie(name) { name += '='; var parts = document.cookie.split(/;s*/); for (var i = 0; i < parts.length; i++) { var part = parts[i]; if (part.indexOf(name) == 0) { return part.substring(name.length); } } return ''; }
URL: https://visi-sharp.net/report?aff_id=326&subid2=68... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided JavaScript snippet appears to be a simple initialization of an 'App' object with a 'start' property set to the current performance timestamp, and an 'offer_name' property set to 'VisiSharp'. This behavior does not exhibit any high-risk indicators and is likely part of a legitimate application or website. The code is straightforward and does not contain any suspicious or malicious activities." }
window.App = { start: performance.now() }; window.App.offer_name = 'VisiSharp';
URL: https://visi-sharp.net/report?aff_id=326&subid2=68... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The script exhibits moderate-risk behaviors, including sending user data to an external domain and using obfuscated query strings. While the intent is not immediately clear, the use of obfuscation and the interaction with an unfamiliar domain raise some concerns that require further investigation." }
setTimeout(function () { let query = new URLSearchParams(window.location.search); let params = Object.fromEntries(query.entries()); params.key = '66taBl5rn79UTO5JGFaAqZivQP7PL3UU'; let queryString = new URLSearchParams(params).toString(); document.getElementById('pixele71ec514527769916ab2b5748eef670b').src = 'https://visi-sharp.net/pixels/e71ec514527769916ab2b5748eef670b?'+queryString; }, 0);
URL: https://visi-sharp.net/report?aff_id=326&subid2=68... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be loading a third-party script from a known domain ('dashboard.heatmap.com') to implement a heatmap and conversion tracking functionality. While the use of dynamic script loading and the presence of a hardcoded site ID could be considered moderate-risk indicators, the overall behavior is consistent with typical analytics and tracking practices. No clear signs of malicious intent or high-risk activities are present, so the risk score is assessed as low." }
function heatmapLoadConversionsSDK(url) { var script = document.createElement('script'); script.type = 'text/javascript'; script.src = url; script.async = false; document.head.appendChild(script); } setTimeout(() => { var heatHeatmapSiteId = 567; heatmapLoadConversionsSDK('https://dashboard.heatmap.com/conversions.js?siteId=567'); }, 500);
URL: https://visi-sharp.net/report?aff_id=326&subid2=68... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a benign script that saves a 'clickID' parameter from the URL into a cookie. This behavior is common for tracking user interactions and does not demonstrate any high-risk indicators. The script uses standard web development practices and does not exhibit any malicious or suspicious behavior." }
//save the clickID parameter in a cookie called clickID var urlParams = new URLSearchParams(window.location.search); var clickID = urlParams.get('clickID'); if (clickID) { var d = new Date(); d.setTime(d.getTime() + (30 * 24 * 60 * 60 * 1000)); var expires = "expires=" + d.toUTCString(); document.cookie = "clickID=" + clickID + ";" + expires + ";path=/"; }
URL: https://visi-sharp.net/report?aff_id=326&subid2=68... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a legitimate script that handles analytics and tracking functionality. It retrieves a distinct user ID from the Mixpanel library, appends it to the 'buy' links on the page, and ensures that there is only a single instance of the distinct ID and transaction ID parameters in the URL. This behavior is consistent with common analytics and tracking practices, and there are no clear indicators of malicious intent or high-risk activities." }
window.addEventListener('DOMContentLoaded', function () { let distinctId = window.App.mixpanel.get_distinct_id(); let urlParams = new URLSearchParams(window.location.search); let transactionId = urlParams.get('transaction_id'); let buyLinks = document.querySelectorAll('[data-buy-button]'); buyLinks.forEach(item => { //append distinct id to the buy link item.href = item.href + '&subid5=' + distinctId; if (transactionId) { item.href = item.href + '&vid1=' + transactionId; } //check if item.href contains multiple distinct_id params if (item.href.includes('&subid5')) { let url = new URL(item.href); let params = new URLSearchParams(url.search); let distinctIds = params.getAll('subid5'); if (distinctIds.length > 1) { let distinctId = distinctIds[0]; params.delete('subid5'); params.append('subid5', distinctId); item.href = item.href.split('?')[0] + '?' + params.toString(); } } if (item.href.includes('&vid1')) { let url = new URL(item.href); let params = new URLSearchParams(url.search); let transactionIds = params.getAll('vid1'); if (transactionIds.length > 1) { let transactionId = transactionIds[0]; params.delete('vid1'); params.append('vid1', transactionId); item.href = item.href.split('?')[0] + '?' + params.toString(); } } }) })
URL: https://pay.buygoods.com/vault/v1/formframe-checko... Model: Joe Sandbox AI	{ "risk_score": 8, "reasoning": "This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to potentially malicious domains. The use of an iframe to load additional scripts and the obfuscated nature of the code further increase the risk. While the script may have a legitimate purpose, such as implementing a security challenge, the overall behavior is highly suspicious and indicative of a potential attack vector." }
(function(){function c(){var b=a.contentDocument\|\|a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'8ff755600b5243c9',t:'MTczNjQ1NjE4Mi4wMDAwMDA='};var a=document.createElement('script');a.nonce='';a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange\|\|function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();
URL: https://visi-sharp.net/report?aff_id=326&subid2=68... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "This script appears to be tracking the user's video watching behavior, which is a common practice for analytics and telemetry purposes. It is storing the current video time in localStorage and sending it to Mixpanel, a legitimate analytics platform, when the user navigates away from the page. While the script uses some basic techniques like localStorage and Mixpanel tracking, it does not exhibit any high-risk behaviors and seems to be within the expected scope of a video tracking implementation." }
window.addEventListener('beforeunload', function () { if (window.localStorage.getItem('videoCurrentTime')) { let properties = { 'Offer': 'VisiSharp', 'Page': 'report', 'Time watched': window.localStorage.getItem('videoCurrentTime'), }; let eventName = 'Report' + ' video watched'; window.App.mixpanel.track(eventName, properties); } });
URL: https://visi-sharp.net/cdn-cgi/scripts/5c5dd728/cl... Model: Joe Sandbox AI	{ "risk_score": 5, "reasoning": "The script appears to be a common email obfuscation technique, which is a moderate-risk indicator. It decodes email addresses embedded in the HTML and replaces them with obfuscated versions. While this is a common practice to protect email addresses from spam, the script also performs aggressive DOM manipulation, which is another moderate-risk indicator. Overall, the script exhibits some potentially concerning behaviors, but it does not appear to be inherently malicious." }
!function(){"use strict";function e(e){try{if("undefined"==typeof console)return;"error"in console?console.error(e):console.log(e)}catch(e){}}function t(e){return d.innerHTML='<a href="'+e.replace(/"/g,""")+'"></a>',d.childNodes[0].getAttribute("href")\|\|""}function r(e,t){var r=e.substr(t,2);return parseInt(r,16)}function n(n,c){for(var o="",a=r(n,c),i=c+2;i<n.length;i+=2){var l=r(n,i)^a;o+=String.fromCharCode(l)}try{o=decodeURIComponent(escape(o))}catch(u){e(u)}return t(o)}function c(t){for(var r=t.querySelectorAll("a"),c=0;c<r.length;c++)try{var o=r[c],a=o.href.indexOf(l);a>-1&&(o.href="mailto:"+n(o.href,a+l.length))}catch(i){e(i)}}function o(t){for(var r=t.querySelectorAll(u),c=0;c<r.length;c++)try{var o=r[c],a=o.parentNode,i=o.getAttribute(f);if(i){var l=n(i,0),d=document.createTextNode(l);a.replaceChild(d,o)}}catch(h){e(h)}}function a(t){for(var r=t.querySelectorAll("template"),n=0;n<r.length;n++)try{i(r[n].content)}catch(c){e(c)}}function i(t){try{c(t),o(t),a(t)}catch(r){e(r)}}var l="/cdn-cgi/l/email-protection#",u=".__cf_email__",f="data-cfemail",d=document.createElement("div");i(document),function(){var e=document.currentScript\|\|document.scripts[document.scripts.length-1];e.parentNode.removeChild(e)}()}();
URL: https://visi-sharp.net/report?aff_id=326&subid2=68... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The script appears to be a Visual Website Optimizer (VWO) code snippet, which is a legitimate web optimization and A/B testing tool. However, it exhibits some moderate-risk behaviors, such as external data transmission to the VWO domain and aggressive DOM manipulation. Additionally, the script uses a legacy `XDomainRequest` API, which poses a minor risk. Overall, the script requires further review due to its unclear or overly aggressive behavior, but it does not appear to be inherently malicious." }
window._vwo_code \|\| (function() { var account_id=791563, version=2.1, settings_tolerance=2000, hide_element='body', hide_element_style = 'opacity:0 !important;filter:alpha(opacity=0) !important;background:none !important', /* DO NOT EDIT BELOW THIS LINE */ f=false,w=window,d=document,v=d.querySelector('#vwoCode'),cK='_vwo_'+account_id+'_settings',cc={};try{var c=JSON.parse(localStorage.getItem('_vwo_'+account_id+'_config'));cc=c&&typeof c==='object'?c:{}}catch(e){}var stT=cc.stT==='session'?w.sessionStorage:w.localStorage;code={use_existing_jquery:function(){return typeof use_existing_jquery!=='undefined'?use_existing_jquery:undefined},library_tolerance:function(){return typeof library_tolerance!=='undefined'?library_tolerance:undefined},settings_tolerance:function(){return cc.sT\|\|settings_tolerance},hide_element_style:function(){return'{'+(cc.hES\|\|hide_element_style)+'}'},hide_element:function(){if(performance.getEntriesByName('first-contentful-paint')[0]){return''}return typeof cc.hE==='string'?cc.hE:hide_element},getVersion:function(){return version},finish:function(e){if(!f){f=true;var t=d.getElementById('_vis_opt_path_hides');if(t)t.parentNode.removeChild(t);if(e)(new Image).src='https://dev.visualwebsiteoptimizer.com/ee.gif?a='+account_id+e}},finished:function(){return f},addScript:function(e){var t=d.createElement('script');t.type='text/javascript';if(e.src){t.src=e.src}else{t.text=e.text}d.getElementsByTagName('head')[0].appendChild(t)},load:function(e,t){var i=this.getSettings(),n=d.createElement('script'),r=this;t=t\|\|{};if(i){n.textContent=i;d.getElementsByTagName('head')[0].appendChild(n);if(!w.VWO\|\|VWO.caE){stT.removeItem(cK);r.load(e)}}else{var o=new XMLHttpRequest;o.open('GET',e,true);o.withCredentials=!t.dSC;o.responseType=t.responseType\|\|'text';o.onload=function(){if(t.onloadCb){return t.onloadCb(o,e)}if(o.status===200){_vwo_code.addScript({text:o.responseText})}else{_vwo_code.finish('&e=loading_failure:'+e)}};o.onerror=function(){if(t.onerrorCb){return t.onerrorCb(e)}_vwo_code.finish('&e=loading_failure:'+e)};o.send()}},getSettings:function(){try{var e=stT.getItem(cK);if(!e){return}e=JSON.parse(e);if(Date.now()>e.e){stT.removeItem(cK);return}return e.s}catch(e){return}},init:function(){if(d.URL.indexOf('__vwo_disable__')>-1)return;var e=this.settings_tolerance();w._vwo_settings_timer=setTimeout(function(){_vwo_code.finish();stT.removeItem(cK)},e);var t;if(this.hide_element()!=='body'){t=d.createElement('style');var i=this.hide_element(),n=i?i+this.hide_element_style():'',r=d.getElementsByTagName('head')[0];t.setAttribute('id','_vis_opt_path_hides');v&&t.setAttribute('nonce',v.nonce);t.setAttribute('type','text/css');if(t.styleSheet)t.styleSheet.cssText=n;else t.appendChild(d.createTextNode(n));r.appendChild(t)}else{t=d.getElementsByTagName('head')[0];var n=d.createElement('div');n.style.cssText='z-index: 2147483647 !important;position: fixed !important;left: 0 !important;top: 0 !important;width: 100% !important;height: 100% !important;background: white !important;';n.setAttribute('id','_vis_opt_path_hides');n.classList.add('_vis_hide_layer');t.parentNode.insertBefore(n,t.nextSibling)}var o='https://dev.visualwebsiteoptimizer.com/j.php?a='+account_id+'&u='+encodeURIComponent(d.URL)+'&vn='+version;if(w.location.search.indexOf('_vwo_xhr')!==-1){this.addScript({src:o})}else{this.load(o+'&x=true')}}};w._vwo_code=code;code.init();})();
URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Ivy League Scientist Reveals The Secret To Make Your Eyes Repair Themselves And See 20/20 Again", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Ivy League Scientist Reveals The Secret To Make Your Eyes Repair Themselves And See 20/20 Again", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Prefer To Read? Click Here", "prominent_button_name": "Prefer To Read? Click Here", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Prefer To Read? Click Here", "prominent_button_name": "Prefer To Read? Click Here", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "brands": [ "NCBI", "Mathematical & Computational Ophthalmology", "Centre for Eye Research Australia" ] }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Ivy League Scientist Reveals The Secret To Make Your Eyes Repair Themselves And See 20/20 Again", "prominent_button_name": "CLICK TO PLAY SOUND", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "brands": [ "NCBI", "ResearchGate", "Mathematical & Computational Ophthalmology", "Centre for Eye Research Australia", "American Journal of Physiology - Renal Physiology" ] }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Ivy League Scientist Reveals The Secret To Make Your Eyes Repair Themselves And See 20/20 Again", "prominent_button_name": "YES! I WANT AN ADDITIONAL 10% OFF AND EXPRESS FREE SHIPPING", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Model: Joe Sandbox AI	{ "brands": [ "Ivy League Scientist", "Visisharp" ] }
	{ "brands": [ "Ivy League Scientist", "Visisharp" ] }
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Buy Now", "text_input_field_labels": [ "Your Full Name", "Phone", "Email address", "Your billing address", "Zip Code", "City" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "VisiSharp - 6 Bottles (10% off)", "prominent_button_name": "Buy Now", "text_input_field_labels": [ "Your Full Name", "Phone", "Email address", "Your billing address", "Zip Code", "City" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "brands": [ "Buygoods" ] }
	{ "brands": [ "Buygoods" ] }
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "brands": [ "Visisharp" ] }
	{ "brands": [ "Visisharp" ] }
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "VisiSharp - 6 Bottles (10% off)", "prominent_button_name": "Buy Now", "text_input_field_labels": [ "Your Full Name", "Phone", "Email address", "Your billing address", "Zip Code", "City", "Credit Card Number", "Expiry Date (MM/YYYY)", "Security Code" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "VisiSharp - 6 Bottles (10% off)", "prominent_button_name": "Buy Now", "text_input_field_labels": [ "Your Full Name", "Phone", "Email address", "Your billing address", "Zip Code", "City", "Credit Card Number", "Expiry Date (MM/YYYY)", "Security Code" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "VisiSharp - 6 Bottles (10% off)", "prominent_button_name": "Buy Now", "text_input_field_labels": [ "Your Full Name", "Phone", "Email address", "Your billing address", "Zip Code", "City", "Credit Card Number", "Expiry Date (MM/YYYY)", "Security Code" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "brands": [ "Visisharp" ] }
	{ "brands": [ "Visisharp" ] }
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "VisiSharp - 6 Bottles (10% off)", "prominent_button_name": "Buy Now", "text_input_field_labels": [ "Your Full Name", "Phone", "Email address", "Your billing address", "Zip Code", "City", "Credit Card Number", "Expiry Date (MM/YYYY)", "Security Code" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "brands": [ "Visisharp" ] }
	{ "brands": [ "Visisharp" ] }
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "brands": [ "Visisharp" ] }
	{ "brands": [ "Visisharp" ] }
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	{ "brands": [ "VisiSharp" ] }
	{ "brands": [ "VisiSharp" ] }
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	```json{ "legit_domain": "unknown", "classification": "unknown", "reasons": [ "The brand 'Visisharp' is not widely recognized or associated with a well-known domain.", "The URL 'buygoods.com' does not directly relate to the brand 'Visisharp'.", "The domain 'buygoods.com' is generic and could be used for various purposes, making it difficult to associate with a specific brand.", "The presence of sensitive input fields such as 'Credit Card Number' and 'Security Code' raises concerns about potential phishing, especially if the brand is not well-known.", "No clear association between 'Visisharp' and 'buygoods.com' could be established." ], "riskscore": 7}
URL: buygoods.com Brands: Visisharp Input Fields: Your Full Name, Phone, Email address, Your billing address, Zip Code, City, Credit Card Number, Expiry Date (MM/YYYY), Security Code
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	```json{ "legit_domain": "unknown", "classification": "unknown", "reasons": [ "The brand 'Visisharp' is not widely recognized or associated with a well-known domain.", "The URL 'buygoods.com' does not directly match any well-known brand or the provided brand 'Visisharp'.", "The domain 'buygoods.com' is generic and could be used for various purposes, making it difficult to associate with a specific brand.", "The presence of sensitive input fields such as 'Credit Card Number' and 'Security Code' raises concerns about potential phishing, especially if the brand is not well-known.", "Without a clear association between the brand and a legitimate domain, the risk of phishing is higher." ], "riskscore": 7}
URL: buygoods.com Brands: Visisharp Input Fields: Your Full Name, Phone, Email address, Your billing address, Zip Code, City, Credit Card Number, Expiry Date (MM/YYYY), Security Code
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	```json{ "legit_domain": "unknown", "classification": "unknown", "reasons": [ "The brand 'VisiSharp' is not widely recognized or associated with a well-known domain.", "The URL 'buygoods.com' does not directly match any well-known brand associated with 'VisiSharp'.", "The domain 'buygoods.com' is generic and could be used for various purposes, making it difficult to associate with a specific brand.", "The presence of sensitive input fields such as 'Credit Card Number' and 'Security Code' raises suspicion, especially if the brand is not well-known.", "There is no clear indication that 'buygoods.com' is the legitimate domain for 'VisiSharp'." ], "riskscore": 7}
URL: buygoods.com Brands: VisiSharp Input Fields: Your Full Name, Phone, Email address, Your billing address, Zip Code, City, Credit Card Number, Expiry Date (MM/YYYY), Security Code
URL: https://buygoods.com/secure/checkout.html?sessid2=sessid2025010920547110&aff_id=326&sid=8802&sid2=6812_sessid20250109205426977&account_id=6797&product_codename=prod11&redirect=aHR0cHM6Ly92aXNpLXNoYXJwLm5ldC91cGdyYWRlLTE%3D&lang=en&subid5=%24device%3A1944c Model: Joe Sandbox AI	```json{ "legit_domain": "unknown", "classification": "unknown", "reasons": [ "The brand 'Visisharp' is not widely recognized or associated with a well-known domain.", "The URL 'buygoods.com' does not directly match any known domain associated with 'Visisharp'.", "The domain 'buygoods.com' is generic and could be used for various purposes, making it difficult to associate with a specific brand.", "The presence of sensitive input fields such as 'Credit Card Number' and 'Security Code' raises suspicion, especially if the brand is not well-known.", "There is no clear indication that 'buygoods.com' is a legitimate site for 'Visisharp'." ], "riskscore": 7}
URL: buygoods.com Brands: Visisharp Input Fields: Your Full Name, Phone, Email address, Your billing address, Zip Code, City, Credit Card Number, Expiry Date (MM/YYYY), Security Code

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 9 19:54:37 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.995672247876004
Encrypted:	false
SSDEEP:	48:8qgdp4TIQ78FHMidAKZdA1JehwiZUklqehwy+3:8qtEELy
MD5:	C23B6C3A0A06B6E85B65CCAC11858994
SHA1:	83EA8C55BD1A745EA9A606FA07E761672F6A987D
SHA-256:	FF9A893AADBDA2F4D602CA35E54F0E91ABEBEBE8061243583972185E7E34D3BA
SHA-512:	95688AD8F8C06AA06675530B38376CC562D1195FF7108B90848DF05A9778E4CE589199C4729BE291235745721EF60AAD0A341DCA21D637842DB02631E44B1CA7
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....h..b......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I)Z.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V)Z.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V)Z.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V)Z............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V)Z............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........n..R.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Timestamp	Bytes transferred	Direction	Data
Jan 9, 2025 21:56:20.929658890 CET	263	OUT	GET / HTTP/1.1 Host: yomali.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 9, 2025 21:56:21.407275915 CET	829	IN	HTTP/1.1 301 Moved Permanently Date: Thu, 09 Jan 2025 20:56:21 GMT Content-Length: 0 Connection: keep-alive location: https://yomali.com/ Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 984 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YB5d5ptLOakmwl3Wf%2FICqGhyvSYzgVOZ5XXdiPSNeYoFr7v9RyyRXqnO%2BiW6ipAGm4SrCWhHcbyjXY9%2BJEgRYaGelHlU%2BhjYtsyQGs1NRLQWeQI3g3C9mCooc1ka"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 8ff7555d490c8ca5-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1791&min_rtt=1791&rtt_var=895&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=263&delivery_rate=0&cwnd=235&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:38 UTC	670	OUT	GET /gks HTTP/1.1 Host: www.oneroguereporter.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-09 20:54:38 UTC	961	IN	HTTP/1.1 302 Moved Temporarily Date: Thu, 09 Jan 2025 20:54:38 GMT Content-Type: text/html Content-Length: 143 Connection: close Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Location: https://mwebexplorerpro.com/6812/8802/2/? Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42X%2BMNv0loYhBn5yoRH2k8rFM0ao%2BC8b9Rs7ncs9%2BA4b0YgMLvXuYasGo3Fy1d3iNY4dq3QOEBG%2BHVNM8z3cYpQyO3zWY7LfWpbVkxJAcO5q3dVpPyoNjpVN0O6LpP0QYdWmzGkRJ2ZXeXo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff752d8090d42e4-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1597&min_rtt=1588&rtt_var=602&sent=3&recv=6&lost=0&retrans=0&sent_bytes=2850&recv_bytes=1248&delivery_rate=1838790&cwnd=228&unsent_bytes=0&cid=fd9e46efe74556bc&ts=145&x=0"
2025-01-09 20:54:38 UTC	143	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>cloudflare</center></body></html>

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:39 UTC	675	OUT	GET /6812/8802/2/? HTTP/1.1 Host: mwebexplorerpro.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-09 20:54:39 UTC	884	IN	HTTP/1.1 302 Found Date: Thu, 09 Jan 2025 20:54:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close cache-control: max-age=3600 cache-control: private pragma: no-cache location: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid2025010920545836&subid=8802 expires: Thu, 09 Jan 2025 21:54:39 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-server: WEB_6 strict-transport-security: max-age=31536000; CF-Cache-Status: DYNAMIC Set-Cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbVKEE9vgjXsHRe; SameSite=Lax; path=/; expires=Fri, 10-Jan-25 19:54:39 GMT; HttpOnly Server: cloudflare CF-RAY: 8ff752e06d4a15c3-EWR
2025-01-09 20:54:39 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:41 UTC	670	OUT	GET /gks HTTP/1.1 Host: www.oneroguereporter.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-09 20:54:41 UTC	959	IN	HTTP/1.1 302 Moved Temporarily Date: Thu, 09 Jan 2025 20:54:41 GMT Content-Type: text/html Content-Length: 143 Connection: close Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Location: https://mwebexplorerpro.com/6812/8802/2/? Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjY8gsfhRvOhB0wdfcnywH4hPyMdI4K715JllSBTjrynl%2F2sijQUwB15Vmmp%2FvxZwu4IP7e2zhsfTWfgnexLcSs3axVPpQRCPNsH6%2FlqLSLWC7UFGVjGcbCrtrYGcZchhh7UIH0bF07kgWU%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff752eaca024373-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1706&min_rtt=1696&rtt_var=657&sent=3&recv=6&lost=0&retrans=0&sent_bytes=2851&recv_bytes=1248&delivery_rate=1639528&cwnd=238&unsent_bytes=0&cid=1e1ac5df3e6980b0&ts=143&x=0"
2025-01-09 20:54:41 UTC	143	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>cloudflare</center></body></html>

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:42 UTC	737	OUT	GET /6812/8802/2/? HTTP/1.1 Host: mwebexplorerpro.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbVKEE9vgjXsHRe
2025-01-09 20:54:42 UTC	750	IN	HTTP/1.1 302 Found Date: Thu, 09 Jan 2025 20:54:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close cache-control: max-age=3600 cache-control: private pragma: no-cache location: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 expires: Thu, 09 Jan 2025 21:54:42 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-server: WEB_6 strict-transport-security: max-age=31536000; CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 8ff752f17e8742c6-EWR
2025-01-09 20:54:42 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:42 UTC	721	OUT	GET /report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 HTTP/1.1 Host: visi-sharp.net Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-09 20:54:42 UTC	1063	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; expires=Sun, 19-Jan-2025 20:54:42 GMT; Max-Age=864000; path=/; samesite=lax Set-Cookie: _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; expires=Sun, 19-Jan-2025 20:54:42 GMT; Max-Age=864000; path=/; httponly; samesite=lax
2025-01-09 20:54:42 UTC	1506	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 72 65 66 65 72 72 65 72 3d 65 79 4a 70 64 69 49 36 49 6b 55 30 62 55 39 36 4d 58 5a 5a 52 6d 74 6e 62 56 46 79 61 58 5a 4a 52 32 4a 34 52 33 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 62 46 42 35 57 46 42 70 57 58 68 46 65 57 68 6f 61 6e 6f 31 65 6b 39 42 64 6d 39 52 4f 45 31 36 62 32 39 6c 59 54 41 7a 51 54 52 78 4e 44 6c 44 55 45 68 70 65 45 63 32 62 48 51 77 59 6c 68 6a 65 44 52 43 53 6c 42 51 65 57 31 79 65 44 6b 34 52 6a 6b 30 55 33 68 6e 62 46 6c 77 65 6d 6f 76 53 6d 64 42 65 47 67 79 62 45 52 52 5a 54 68 71 56 48 63 39 50 53 49 73 49 6d 31 68 59 79 49 36 49 6d 55 32 4e 6d 49 7a 4d 54 59 31 59 7a 64 6a 4e 44 5a 6c 4d 6d 51 78 5a 6a 63 31 4d 6a 68 6b 5a 6a 49 35 4d 6a 59 34 4e 6a 4a 6c 5a 54 41 32 4d 6d Data Ascii: Set-Cookie: referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2Mm
2025-01-09 20:54:42 UTC	1261	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 70 69 78 65 6c 73 3d 65 79 4a 70 64 69 49 36 49 6c 42 76 63 55 63 76 5a 30 59 33 4f 48 42 6d 63 6b 30 30 56 47 68 69 52 6e 46 4c 51 6d 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 64 48 5a 77 63 31 46 6b 54 43 39 4a 56 6d 31 4d 63 56 64 74 53 55 68 6d 4e 6b 6c 48 65 55 64 6d 55 30 4a 44 62 58 4e 6d 4e 6b 46 74 51 30 4a 43 5a 79 74 68 52 31 52 70 63 55 4a 46 4e 6d 46 57 4d 55 74 53 63 57 35 6e 61 32 35 51 53 32 52 35 4d 57 68 73 62 31 4d 79 63 46 42 56 52 31 70 53 62 55 59 7a 5a 55 4e 47 63 48 5a 74 65 6e 52 6c 4f 47 46 55 64 44 6b 76 55 47 52 49 56 33 45 76 61 7a 6b 72 53 7a 68 6d 54 58 5a 5a 54 53 39 50 52 45 64 44 61 45 64 49 63 57 64 7a 55 45 4e 44 53 6c 46 43 4e 6c 4e 57 4f 45 35 6b 4e 55 30 33 51 31 4a 49 Data Ascii: Set-Cookie: pixels=eyJpdiI6IlBvcUcvZ0Y3OHBmck00VGhiRnFLQmc9PSIsInZhbHVlIjoidHZwc1FkTC9JVm1McVdtSUhmNklHeUdmU0JDbXNmNkFtQ0JCZythR1RpcUJFNmFWMUtScW5na25QS2R5MWhsb1MycFBVR1pSbUYzZUNGcHZtenRlOGFUdDkvUGRIV3EvazkrSzhmTXZZTS9PREdDaEdIcWdzUENDSlFCNlNWOE5kNU03Q1JI
2025-01-09 20:54:42 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 3c 21 2d 2d 20 68 65 61 74 6d 61 70 2e 63 6f 6d 20 73 6e 69 70 70 65 74 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 68 65 61 74 6d 61 70 4c 6f 61 64 43 6f 6e 76 65 72 73 69 6f 6e 73 53 44 4b 28 75 72 6c 29 20 7b 0a 20 20 20 20 20 20 20 20 76 61 72 20 73 63 72 69 70 74 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b 20 73 63 72 69 70 74 2e 74 79 70 65 20 3d 20 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3b 0a 20 20 20 20 20 20 20 20 73 63 72 69 70 74 2e 73 72 63 20 3d 20 75 72 6c 3b 20 73 63 72 69 70 74 2e 61 73 79 6e 63 20 3d 20 66 61 6c 73 65 3b 20 64 6f 63 75 6d 65 6e 74 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 73 63 72 Data Ascii: 7ffa... heatmap.com snippet --><script> function heatmapLoadConversionsSDK(url) { var script = document.createElement('script'); script.type = 'text/javascript'; script.src = url; script.async = false; document.head.appendChild(scr
2025-01-09 20:54:42 UTC	1369	IN	Data Raw: 3a 2f 2f 64 65 76 2e 76 69 73 75 61 6c 77 65 62 73 69 74 65 6f 70 74 69 6d 69 7a 65 72 2e 63 6f 6d 22 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 20 69 64 3d 27 76 77 6f 43 6f 64 65 27 3e 0a 77 69 6e 64 6f 77 2e 5f 76 77 6f 5f 63 6f 64 65 20 7c 7c 20 28 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0a 76 61 72 20 61 63 63 6f 75 6e 74 5f 69 64 3d 37 39 31 35 36 33 2c 0a 76 65 72 73 69 6f 6e 3d 32 2e 31 2c 0a 73 65 74 74 69 6e 67 73 5f 74 6f 6c 65 72 61 6e 63 65 3d 32 30 30 30 2c 0a 68 69 64 65 5f 65 6c 65 6d 65 6e 74 3d 27 62 6f 64 79 27 2c 0a 68 69 64 65 5f 65 6c 65 6d 65 6e 74 5f 73 74 79 6c 65 20 3d 20 27 6f 70 61 63 69 74 79 3a 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 Data Ascii: ://dev.visualwebsiteoptimizer.com" /><script type='text/javascript' id='vwoCode'>window._vwo_code \|\| (function() {var account_id=791563,version=2.1,settings_tolerance=2000,hide_element='body',hide_element_style = 'opacity:0 !important;filter:alpha(
2025-01-09 20:54:42 UTC	1369	IN	Data Raw: 28 29 7b 72 65 74 75 72 6e 20 66 7d 2c 61 64 64 53 63 72 69 70 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 64 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b 74 2e 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3b 69 66 28 65 2e 73 72 63 29 7b 74 2e 73 72 63 3d 65 2e 73 72 63 7d 65 6c 73 65 7b 74 2e 74 65 78 74 3d 65 2e 74 65 78 74 7d 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 2c 6c 6f 61 64 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 69 3d 74 68 69 73 2e 67 65 74 53 65 74 74 69 6e 67 73 28 29 2c 6e 3d 64 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 2c Data Ascii: (){return f},addScript:function(e){var t=d.createElement('script');t.type='text/javascript';if(e.src){t.src=e.src}else{t.text=e.text}d.getElementsByTagName('head')[0].appendChild(t)},load:function(e,t){var i=this.getSettings(),n=d.createElement('script'),
2025-01-09 20:54:42 UTC	1369	IN	Data Raw: 72 69 62 75 74 65 28 27 74 79 70 65 27 2c 27 74 65 78 74 2f 63 73 73 27 29 3b 69 66 28 74 2e 73 74 79 6c 65 53 68 65 65 74 29 74 2e 73 74 79 6c 65 53 68 65 65 74 2e 63 73 73 54 65 78 74 3d 6e 3b 65 6c 73 65 20 74 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 64 2e 63 72 65 61 74 65 54 65 78 74 4e 6f 64 65 28 6e 29 29 3b 72 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 7d 65 6c 73 65 7b 74 3d 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 3b 76 61 72 20 6e 3d 64 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 64 69 76 27 29 3b 6e 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 27 7a 2d 69 6e 64 65 78 3a 20 32 31 34 37 34 38 33 36 34 37 20 21 69 6d 70 6f 72 74 61 6e 74 3b 70 6f 73 69 74 69 6f 6e 3a 20 66 69 78 65 64 Data Ascii: ribute('type','text/css');if(t.styleSheet)t.styleSheet.cssText=n;else t.appendChild(d.createTextNode(n));r.appendChild(t)}else{t=d.getElementsByTagName('head')[0];var n=d.createElement('div');n.style.cssText='z-index: 2147483647 !important;position: fixed
2025-01-09 20:54:42 UTC	1369	IN	Data Raw: 74 27 2c 20 27 64 6f 6d 61 69 6e 27 2c 20 27 76 69 73 69 2d 73 68 61 72 70 2e 6e 65 74 27 29 3b 0a 20 20 20 20 67 74 61 67 28 27 65 76 65 6e 74 27 2c 20 27 61 66 66 69 6c 69 61 74 65 5f 69 64 27 2c 20 27 33 32 36 27 29 3b 0a 20 20 20 20 67 74 61 67 28 27 65 76 65 6e 74 27 2c 20 27 73 75 62 69 64 27 2c 20 27 38 38 30 32 27 29 3b 0a 20 20 20 20 67 74 61 67 28 27 65 76 65 6e 74 27 2c 20 27 6d 65 72 63 68 61 6e 74 27 2c 20 27 62 75 79 67 6f 6f 64 73 27 29 3b 0a 0a 20 20 20 20 0a 20 20 20 20 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0a 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 63 6c 61 73 73 3d 22 22 3e 0a 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 54 61 67 20 4d 61 6e 61 67 65 72 20 28 6e 6f 73 63 72 69 70 74 29 20 2d 2d 3e 0a 3c 6e 6f 73 63 72 69 70 Data Ascii: t', 'domain', 'visi-sharp.net'); gtag('event', 'affiliate_id', '326'); gtag('event', 'subid', '8802'); gtag('event', 'merchant', 'buygoods'); </script> </head><body class="">... Google Tag Manager (noscript) --><noscrip
2025-01-09 20:54:42 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 31 32 20 37 56 36 43 31 32 20 34 2e 33 34 33 31 35 20 31 30 2e 36 35 36 39 20 33 20 39 20 33 56 33 43 37 2e 33 34 33 31 35 20 33 20 36 20 34 2e 33 34 33 31 35 20 36 20 36 56 37 22 20 73 74 72 6f 6b 65 3d 22 23 32 66 62 33 63 35 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 32 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 31 33 20 31 34 4c 31 33 20 31 35 43 31 33 20 31 36 2e 31 30 34 36 20 31 33 2e 38 39 35 34 20 31 37 20 31 35 20 31 37 56 31 37 43 31 36 2e 31 30 34 36 20 31 37 20 31 37 20 31 36 2e 31 30 34 36 20 31 37 20 31 Data Ascii: <path d="M12 7V6C12 4.34315 10.6569 3 9 3V3C7.34315 3 6 4.34315 6 6V7" stroke="#2fb3c5" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/> <path d="M13 14L13 15C13 16.1046 13.8954 17 15 17V17C16.1046 17 17 16.1046 17 1
2025-01-09 20:54:42 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 5f 57 46 45 72 66 65 37 79 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 5f 4c 50 67 35 30 55 48 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 56 69 73 69 6f 6e 20 52 65 6d 65 64 79 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 5f 4c 50 67 35 30 55 48 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 4a 61 6e 75 61 72 79 20 32 30 32 35 0a 20 20 20 20 20 20 20 20 Data Ascii: <div class="_WFErfe7y"> <div class="_LPg50UHr"> Vision Remedy </div> <div class="_LPg50UHr"> January 2025
2025-01-09 20:54:42 UTC	1369	IN	Data Raw: 20 20 20 20 20 3c 64 69 76 20 64 61 74 61 2d 70 6c 61 79 65 72 2d 73 75 62 74 69 74 6c 65 73 20 63 6c 61 73 73 3d 22 5f 6c 79 39 4c 72 58 43 4f 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 64 61 74 61 2d 70 6c 61 79 65 72 2d 70 6c 61 79 20 63 6c 61 73 73 3d 22 5f 33 36 4d 76 73 37 58 55 20 5f 7a 68 7a 48 6b 49 6c 31 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 5f 41 57 4e 56 33 6b 70 53 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 5f 6a 39 67 52 66 77 Data Ascii: <div data-player-subtitles class="_ly9LrXCO"></div> </div> <div data-player-play class="_36Mvs7XU _zhzHkIl1"> <div class="_AWNV3kpS"> <div class="_j9gRfw

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:43 UTC	2842	OUT	GET /css/app-19.css?id=9cf94c61215466bf367f HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:43 UTC	998	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:43 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: close Last-Modified: Tue, 21 May 2024 12:01:14 GMT Vary: Accept-Encoding ETag: W/"664c8d0a-e2af" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 6784 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAiO47NhaJCFfRinusa6481vQ2oDylxwO3IJEptAqDSWXJ%2F1nh6RJPL5%2FX2d5itEH808Yaj13dWZbel65TQvfdW5upRnsvKBSk9BSCjzACUx503g4SxuBh43a8RRt1SgRA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff752fb3f8243ee-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1744&min_rtt=1743&rtt_var=657&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2833&recv_bytes=3420&delivery_rate=1660978&cwnd=225&unsent_bytes=0&cid=c96d157763b847af&ts=116&x=0"
2025-01-09 20:54:43 UTC	371	IN	Data Raw: 37 63 39 32 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4d 6f 6e 74 73 65 72 72 61 74 3a 77 67 68 74 40 34 30 30 3b 35 30 30 3b 36 30 30 3b 37 30 30 3b 39 30 30 22 29 3b 40 69 6d 70 6f 72 74 20 75 72 6c 28 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4f 73 77 61 6c 64 3a 77 67 68 74 40 34 30 30 3b 35 30 30 3b 36 30 30 3b 37 30 30 3b 38 30 30 22 29 3b 40 69 6d 70 6f 72 74 20 75 72 6c 28 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 53 61 63 72 61 6d 65 6e 74 6f 22 29 3b 40 69 Data Ascii: 7c92@import url("https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900");@import url("https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800");@import url("https://fonts.googleapis.com/css2?family=Sacramento");@i
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 2c 68 31 2c 68 32 2c 68 33 2c 68 34 2c 68 35 2c 68 36 2c 68 72 2c 68 74 6d 6c 2c 69 66 72 61 6d 65 2c 6c 65 67 65 6e 64 2c 6c 69 2c 6d 65 6e 75 2c 6f 6c 2c 70 72 65 2c 74 65 78 74 61 72 65 61 2c 75 6c 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 7d 70 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 7d 75 6c 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 6e 6f 6e 65 3b 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 7b 6d 61 72 67 69 6e 3a 30 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 7d 62 75 74 74 6f 6e 2c 68 74 6d 6c 2c 69 6e 70 75 74 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 7d 2a 2c 3a 61 66 74 65 72 2c 3a 62 65 66 6f 72 65 7b 62 6f 78 2d 73 69 Data Ascii: ,h1,h2,h3,h4,h5,h6,hr,html,iframe,legend,li,menu,ol,pre,textarea,ul{margin:0;padding:0;}p{margin-top:0;padding:0;}ul{list-style-type:none;}button,input,select,textarea{margin:0;outline:none;}button,html,input{box-sizing:border-box;}*,:after,:before{box-si
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 5f 33 34 6d 6c 5a 35 53 72 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 34 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 7d 2e 5f 70 76 37 54 4b 6a 52 35 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 2e 5f 70 76 37 54 4b 6a 52 35 3a 61 66 74 65 72 7b 68 65 69 67 68 74 3a 33 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 62 6f 74 74 6f 6d 3a 30 3b 6c 65 66 74 3a 30 3b 72 69 67 68 74 3a 30 3b 63 6f 6e 74 65 6e 74 3a 22 22 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 37 35 29 3b 7d 2e 5f 78 67 5a 54 6b 59 50 55 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 34 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 7d 40 Data Ascii: een and (max-width:600px){._34mlZ5Sr{font-size:24px !important;}}._pv7TKjR5{position:relative;}._pv7TKjR5:after{height:3px;position:absolute;bottom:0;left:0;right:0;content:"";background:hsla(0,0%,100%,.75);}._xgZTkYPU{margin-top:24px;text-align:center;}@
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 2e 5f 51 52 32 75 54 63 6a 55 7b 70 61 64 64 69 6e 67 3a 31 36 30 70 78 3b 7d 2e 5f 7a 65 34 51 52 67 62 73 7b 77 69 64 74 68 3a 31 30 30 25 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 70 61 64 64 69 6e 67 3a 34 30 70 78 3b 63 6f 6c 6f 72 3a 23 31 35 32 31 33 31 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 67 6f 6c 64 3b 7d 2e 5f 68 4a 56 57 75 61 4b 5a 7b 6d 61 78 2d 77 69 64 74 68 3a 39 30 30 70 78 3b 7d 2e 5f 68 4a 56 57 75 61 4b 5a 2c 2e 5f 6a 45 62 6a 74 57 48 39 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b Data Ascii: ._QR2uTcjU{padding:160px;}._ze4QRgbs{width:100%;display:flex;justify-content:center;align-items:center;padding:40px;color:#152131;background:gold;}._hJVWuaKZ{max-width:900px;}._hJVWuaKZ,._jEbjtWH9{display:flex;flex-direction:column;justify-content:center;
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 31 34 70 78 3b 7d 2e 5f 67 48 76 38 44 33 32 59 20 2e 5f 65 6f 45 59 49 66 52 36 20 2e 5f 46 46 31 73 4c 46 50 4b 7b 63 6f 6c 6f 72 3a 23 31 36 35 36 34 62 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 7d 2e 5f 71 7a 32 70 43 67 45 63 2c 2e 5f 55 34 68 56 4c 30 32 4b 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 63 6f 6c 6f 72 3a 23 31 35 32 31 33 31 3b 7d 2e 5f 71 7a 32 70 43 67 45 63 2e 5f 6b 51 70 71 61 30 70 47 2c 2e 5f 55 34 68 56 4c 30 32 4b 2e 5f 6b 51 70 71 61 30 70 47 7b 77 69 64 74 68 3a 32 Data Ascii: splay:flex;flex-direction:column;justify-content:center;margin-left:14px;}._gHv8D32Y ._eoEYIfR6 ._FF1sLFPK{color:#16564b;font-weight:600;}._qz2pCgEc,._U4hVL02K{position:absolute;top:0;left:0;color:#152131;}._qz2pCgEc._kQpqa0pG,._U4hVL02K._kQpqa0pG{width:2
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 63 6f 76 65 72 3b 77 69 64 74 68 3a 31 30 30 25 3b 7d 2e 5f 4b 34 4e 6b 31 78 4f 66 2c 2e 5f 59 30 6f 35 33 37 6b 58 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 7d 2e 5f 59 30 6f 35 33 37 6b 58 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 22 2e 2e 2f 69 6d 61 67 65 73 2f 35 2e 70 6e 67 22 29 3b 77 69 64 74 68 3a 38 30 25 3b 7d 2e 5f 37 47 31 33 57 66 58 73 20 70 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 5f 67 48 76 38 44 33 32 59 7b 61 6c 69 67 6e 2d 69 Data Ascii: ckground-size:cover;width:100%;}._K4Nk1xOf,._Y0o537kX{height:100%;position:absolute;top:0;left:0;}._Y0o537kX{background-image:url("../images/5.png");width:80%;}._7G13WfXs p{margin-bottom:0 !important;}@media screen and (max-width:600px){._gHv8D32Y{align-i
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 65 72 3b 7d 2e 5f 47 4b 55 44 30 49 63 76 7b 70 61 64 64 69 6e 67 3a 36 34 70 78 3b 63 6f 6c 6f 72 3a 23 31 35 32 31 33 31 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 7d 2e 5f 47 4b 55 44 30 49 63 76 20 2e 5f 6b 51 70 71 61 30 70 47 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 74 72 61 6e 73 66 6f 72 6d 20 2e 36 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 36 38 2c 2d 2e 35 35 2c 2e 32 37 2c 31 2e 35 35 29 2c 73 63 61 6c 65 20 2e 36 73 20 65 61 73 65 3b 77 69 64 74 68 3a 34 30 70 78 3b 68 65 69 67 68 74 3a 34 30 70 78 3b 7d 5b 64 61 74 61 2d 61 63 74 69 76 65 5d 20 2e 5f 6b 51 70 71 61 30 70 47 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 20 73 63 61 6c 65 28 Data Ascii: er;}._GKUD0Icv{padding:64px;color:#152131;background:#fff;}._GKUD0Icv ._kQpqa0pG{transform:rotate(90deg);transition:transform .6s cubic-bezier(.68,-.55,.27,1.55),scale .6s ease;width:40px;height:40px;}[data-active] ._kQpqa0pG{transform:rotate(0deg) scale(
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 77 69 64 74 68 3a 39 30 30 70 78 3b 63 6f 75 6e 74 65 72 2d 72 65 73 65 74 3a 73 65 63 74 69 6f 6e 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 77 72 61 70 3a 77 72 61 70 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 3b 7d 2e 5f 37 63 6a 4f 38 31 67 5a 7b 77 69 64 74 68 3a 31 30 30 25 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 70 61 64 64 69 6e 67 3a 30 20 31 30 70 78 3b 66 6c 65 78 2d 62 61 73 69 73 3a 35 30 25 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 36 38 70 78 29 7b 2e 5f 37 63 6a 4f 38 31 67 5a 7b 66 6c 65 78 2d 62 61 73 69 73 3a 31 30 30 25 3b 7d 7d 2e 5f 37 63 6a Data Ascii: width:900px;counter-reset:section;display:flex;flex-wrap:wrap;margin-top:15px;}._7cjO81gZ{width:100%;font-size:14px;padding:0 10px;flex-basis:50%;overflow:hidden;box-sizing:border-box;}@media screen and (max-width:768px){._7cjO81gZ{flex-basis:100%;}}._7cj
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 49 44 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 70 78 3b 63 6f 6c 6f 72 3a 23 66 66 62 66 30 34 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 7d 2e 5f 4b 66 62 38 4d 36 46 54 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 77 69 64 74 68 3a 2d 6d 6f 7a 2d 66 69 74 2d 63 6f 6e 74 65 6e 74 3b 77 69 64 74 68 3a 66 69 74 2d 63 6f 6e 74 65 6e 74 3b 70 61 64 64 69 6e 67 3a 35 30 70 78 20 32 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 34 70 78 3b 7d 2e 5f 4b 66 62 38 4d 36 46 54 20 2e 5f 66 71 4d 4c 39 68 32 51 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 34 30 70 78 3b 7d 2e 5f 4b Data Ascii: ID4{font-size:25px;margin-left:5px;color:#ffbf04;font-weight:600;}._Kfb8M6FT{background-color:#fff;width:-moz-fit-content;width:fit-content;padding:50px 20px;margin:0 auto;border-radius:24px;}._Kfb8M6FT ._fqML9h2Q{text-align:center;margin-bottom:40px;}._K
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 30 70 78 3b 62 6f 72 64 65 72 2d 72 69 67 68 74 3a 33 70 78 20 73 6f 6c 69 64 20 23 66 66 66 3b 74 72 61 6e 73 66 6f 72 6d 3a 6d 61 74 72 69 78 28 31 2c 30 2c 30 2c 31 2c 30 2c 30 29 3b 7d 2e 5f 4b 66 62 38 4d 36 46 54 20 2e 5f 49 51 41 74 6e 41 4c 76 20 2e 5f 4a 66 44 46 42 7a 56 6d 20 2e 5f 51 6c 72 70 68 53 67 53 7b 70 61 64 64 69 6e 67 3a 39 70 78 20 31 36 70 78 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 34 70 78 3b 62 6f 72 64 65 72 3a 33 70 78 20 73 6f 6c 69 64 20 23 66 66 66 3b 7d 2e 5f 4b 66 62 38 4d 36 46 54 20 2e 5f 49 51 41 74 6e 41 4c 76 20 2e 5f 4a 66 44 46 42 7a 56 6d 20 2e 5f 72 54 55 5a 54 4d 33 62 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 7d 2e 5f 4b 66 62 38 4d 36 46 54 20 2e 5f Data Ascii: 0px;border-right:3px solid #fff;transform:matrix(1,0,0,1,0,0);}._Kfb8M6FT ._IQAtnALv ._JfDFBzVm ._QlrphSgS{padding:9px 16px;border-radius:24px;border:3px solid #fff;}._Kfb8M6FT ._IQAtnALv ._JfDFBzVm ._rTUZTM3b{font-size:20px;font-weight:600;}._Kfb8M6FT ._

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:43 UTC	2863	OUT	GET /images/V3.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:43 UTC	992	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:43 GMT Content-Type: image/png Content-Length: 5665 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-1621" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4671 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dgu2oVsXe4%2Bso1YbDm5UGfLntx%2FKlT7DM%2B3oqXN9S2fgS8szQnNysmQbpzcbWpLJBIUf67I0tAcmiSvDoZ0s1aVKEFMnL2oRkPtOR2X8xpFcxEBP3D5JaS5btMSOP50Xbw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff752fb3b078c0f-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1992&min_rtt=1938&rtt_var=835&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3441&delivery_rate=1230509&cwnd=223&unsent_bytes=0&cid=3c8b20ac7846cdd6&ts=122&x=0"
2025-01-09 20:54:43 UTC	377	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 20 00 00 00 df 08 06 00 00 00 56 30 0e f8 00 00 15 e8 49 44 41 54 78 9c ed 9d 4b 6c 5c d7 79 c7 8f 15 a7 b6 60 50 1c 1b 46 8c c4 21 34 06 b8 a0 bb 11 15 20 4e 90 20 d1 08 76 97 86 46 ed 2e 01 cc 61 bb 6a 93 d8 e3 4d 90 17 a0 11 1a 24 8e 37 22 f3 40 ba 28 2a 32 40 57 45 a3 21 ba 8c 0d 0f 77 96 bb 30 b9 a9 b8 20 90 19 d0 72 22 c5 88 39 64 02 3f 14 4b c5 99 fc 0f 75 35 9e c7 7d 9c f7 fd ff 80 01 15 44 a6 ee bc 7e f7 7b 9c f3 9d fb ee dc b9 23 88 73 aa 43 8f 8a 10 62 31 71 51 f2 cf b3 39 2e 72 5b 08 b1 8f 3f 77 f1 90 74 86 7e 12 e2 04 0a c8 2e 8b 78 48 c9 d4 f0 f3 a4 e3 6b ea 0b 21 b6 20 a7 ad c4 63 3f c5 7f 4b 48 21 28 20 73 28 c9 28 e9 9c 09 ec fa 7b 90 51 27 f1 93 10 ad 50 40 fa 50 c2 51 0f d7 91 8d Data Ascii: PNGIHDR V0IDATxKl\y`PF!4 N vF.ajM$7"@(*2@WE!w0 r"9d?Ku5}D~{#sCb1qQ9.r[?wt~.xHk! c?KH!( s(({Q'P@PQ
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 69 96 5b d6 85 10 2d 8a a8 bc 94 55 40 15 48 a7 c9 a2 b2 17 50 44 25 a5 8c 02 6a 51 3c de 42 11 95 8c 32 09 a8 81 0f 37 53 2d ff 59 c7 4d 82 c5 ea c8 29 83 80 6a 28 7a b2 b8 1c 16 aa 58 dd 2a fb 0b 11 33 31 0b a8 8a 0f f0 39 0f ae 85 e4 a7 87 68 a8 cd d7 30 3e 8e 45 fa bc 9a 58 f8 46 f9 84 8f 4c 99 af 40 40 d5 b2 bf 18 b1 11 5b 04 b4 88 f5 25 4c b7 e2 a4 8f 94 6c a5 ec 2f 44 2c c4 14 01 c9 0f e6 9b 94 4f d4 c8 ce e5 25 ec c0 67 34 14 01 31 08 68 11 e9 d6 05 0f ae 85 d8 e1 0c de f3 26 5f ef b0 09 3d 05 6b e2 8e 48 ca cb 26 a6 14 b0 65 1f 20 a1 0a a8 82 a2 64 68 63 4e 89 19 fa 58 e7 c5 4e 59 60 84 98 82 d5 b0 52 96 f2 21 8a 59 74 ca 58 9c 0e 8c d0 22 20 a6 5c 64 1a db b8 49 31 25 0b 80 50 22 a0 0a da eb 94 0f 99 c6 29 44 c8 8b 7c a5 fc 27 04 01 55 d1 76 e5 Data Ascii: i[-U@HPD%jQ<B27S-YM)j(zX*319h0>EXFL@@[%Ll/D,O%g41h&_=kH&e dhcNXNY`R!YtX" \dI1%P")D\|'Uv
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 67 7d 48 a8 e5 f2 85 1b 27 20 79 47 bd 6c ff 72 82 c1 47 01 29 aa f8 a0 33 7a f5 8b 6d 6c 42 fe 18 48 8b ea f8 de d9 5e 6e 21 3b ab ad b9 9d 5d 27 83 f5 c7 09 88 e9 d7 64 7c 16 90 82 63 3f fc e3 61 d4 ef c6 e2 30 2a 92 22 6a d8 9e 55 34 4e 40 5c 7c 38 99 10 04 a4 68 40 44 7c 3f dd b3 9c f6 08 1f 44 45 0d 07 b5 22 f9 d9 6e da da 85 3f 4a 40 f2 8b f5 9a 8d 7f 3c 60 42 12 90 e0 d8 0f 6f 58 cf 73 7c cf de c2 bc 2a 5a db 4c cf d6 21 22 a3 85 ea 51 6d 78 9e f2 18 1f c9 b1 1f 6c db bb 23 d7 d2 16 b9 bd 62 6e 67 57 1d 82 69 6b 6c cb 92 6a dd 9b fc 47 46 45 40 1c bd 31 9d d0 22 a0 61 38 f6 c3 1d a7 31 8a 35 37 68 e5 db 9c 2f 6e ac 3e 34 2a 02 a2 7c e2 47 9d e6 fa 22 b7 75 58 a7 f0 8d 6b 6e 67 b7 3b b7 b3 db 40 44 6b e3 20 4c 79 a3 7a 6d 6f 61 be 0d f9 69 63 58 40 Data Ascii: g}H' yGlrG)3zmlBH^n!;]'d\|c?a0"jU4N@\\|8h@D\|?DE"n?J@<`BoXs\|ZL!"Qmxl#bngWikljGFE@1"a8157h/n>4*\|G"uXkng;@Dk LyzmoaicX@
2025-01-09 20:54:43 UTC	1369	IN	Data Raw: 3d b5 7c 8e 3f fd 8c 89 f5 3f 5e 0b 08 29 97 ce ee 78 7f d4 ba a1 e4 56 8c 2e cf 88 27 29 08 7a 4c 86 ac f7 c8 b4 6b 52 bd 67 98 99 a5 65 13 97 92 7b 94 a9 49 50 68 6e 19 78 7f 5b c9 da 8f 22 29 a0 ad 90 d6 6a 10 eb 04 3f 26 23 cf fa 1e d9 fd 32 90 7e e5 1d e4 6e 0c ec eb 32 55 c7 93 a9 d7 c8 d6 7d 52 40 9d 90 d6 6c 10 ab 04 b3 7d 62 14 c3 5b 2a b2 f0 c8 4b 2f 9b b8 24 6f 0a d0 86 c5 23 50 da 19 bb 67 6c 38 02 22 24 49 0d bb d5 83 1d 93 91 27 e5 52 3c f0 f9 a7 4c 44 3f c2 87 ef 1a 16 14 36 0d 47 b4 b2 ee 53 97 63 37 c6 fd 85 a4 80 f6 11 1a 72 26 0b 09 7e 4c 46 d6 2e d7 28 0c 45 3f c2 65 fd c7 60 8d 67 18 29 9f da a8 ba 4f 92 e1 79 40 5b 14 50 a9 a9 e0 c3 59 64 9f 8f 73 de 7b e5 37 03 f9 e4 89 7a 14 27 be f9 bc c9 9d ef 56 23 20 b4 d3 eb 16 87 fb 2b f9 4c Data Ascii: =\|??^)xV.')zLkRge{IPhnx[")j?&#2~n2U}R@l}b[*K/$o#Pgl8"$I'R<LD?6GSc7r&~LF.(E?e`g)Oy@[PYds{7z'V# +L
2025-01-09 20:54:43 UTC	1181	IN	Data Raw: 66 fb 84 2d e4 d9 5e 72 b1 a2 fc e9 fb 94 41 59 68 7e ac fd 3f d3 22 a0 b3 3c d2 2a 3b 45 04 54 e6 89 89 4a 40 51 9c 32 ea 1a 59 ac 56 32 f2 75 05 b5 1c 60 ff f0 f7 7e 30 ae f0 ec cb 84 cc e0 28 22 20 01 e3 97 ae bb 83 0f dc 5a e8 63 32 7c 45 c9 48 9e 28 71 cb b3 15 d5 32 85 3c f1 ad e7 87 cf 8f 7f 22 ef 89 a7 65 a7 a8 80 e4 56 82 37 cb fe 22 12 73 c8 4d ad ef bd fa 1b f1 c1 d5 ab 03 31 f9 92 ae 25 44 b4 8a 28 98 e4 a0 a8 80 04 a2 80 d2 77 7b 88 1d 64 5b ff fd 37 5e ff 6b 94 f4 ea 2b ce 5f f5 63 33 33 3f b9 7d 78 f8 52 6c 9b 44 6d a1 43 40 15 84 9f 4c 45 88 75 3c 49 d7 fa 38 2b 9d 5d b0 8c e8 10 90 c0 38 09 6e d1 20 4e 91 e9 9a 14 92 c3 ee da 26 44 54 ca 8d a5 79 d0 25 20 51 e2 82 34 f1 14 d5 5d 73 50 3f 5a 87 88 98 96 4d 41 a7 80 aa 18 2d c0 54 8c 78 89 Data Ascii: f-^rAYh~?"<*;ETJ@Q2YV2u`~0(" Zc2\|EH(q2<"eV7"sM1%D(w{d[7^k+_c33?}xRlDmC@LEu<I8+]8n N&DTy% Q4]sP?ZMA-Tx

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:44 UTC	2564	OUT	GET /images/V3.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:44 UTC	996	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:44 GMT Content-Type: image/png Content-Length: 5665 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-1621" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4672 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmcvbM%2BLwPjv9DEwSlpkDQsMmPLY46hWOW7r7f7d6T1JD0u%2Bd9DalPA%2FFInKOdTdmtjyB%2BavuiMeLhJ3iQGCKxfb%2FXdRQIptyikceVYKD72N03R3ATQVHPoGTa7v5vt9TA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff753022b188cda-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1823&min_rtt=1823&rtt_var=683&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3142&delivery_rate=1601755&cwnd=242&unsent_bytes=0&cid=2c6c428ba01abf69&ts=129&x=0"
2025-01-09 20:54:44 UTC	373	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 20 00 00 00 df 08 06 00 00 00 56 30 0e f8 00 00 15 e8 49 44 41 54 78 9c ed 9d 4b 6c 5c d7 79 c7 8f 15 a7 b6 60 50 1c 1b 46 8c c4 21 34 06 b8 a0 bb 11 15 20 4e 90 20 d1 08 76 97 86 46 ed 2e 01 cc 61 bb 6a 93 d8 e3 4d 90 17 a0 11 1a 24 8e 37 22 f3 40 ba 28 2a 32 40 57 45 a3 21 ba 8c 0d 0f 77 96 bb 30 b9 a9 b8 20 90 19 d0 72 22 c5 88 39 64 02 3f 14 4b c5 99 fc 0f 75 35 9e c7 7d 9c f7 fd ff 80 01 15 44 a6 ee bc 7e f7 7b 9c f3 9d fb ee dc b9 23 88 73 aa 43 8f 8a 10 62 31 71 51 f2 cf b3 39 2e 72 5b 08 b1 8f 3f 77 f1 90 74 86 7e 12 e2 04 0a c8 2e 8b 78 48 c9 d4 f0 f3 a4 e3 6b ea 0b 21 b6 20 a7 ad c4 63 3f c5 7f 4b 48 21 28 20 73 28 c9 28 e9 9c 09 ec fa 7b 90 51 27 f1 93 10 ad 50 40 fa 50 c2 51 0f d7 91 8d Data Ascii: PNGIHDR V0IDATxKl\y`PF!4 N vF.ajM$7"@(*2@WE!w0 r"9d?Ku5}D~{#sCb1qQ9.r[?wt~.xHk! c?KH!( s(({Q'P@PQ
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 94 b2 0b 88 69 96 5b d6 85 10 2d 8a a8 bc 94 55 40 15 48 a7 c9 a2 b2 17 50 44 25 a5 8c 02 6a 51 3c de 42 11 95 8c 32 09 a8 81 0f 37 53 2d ff 59 c7 4d 82 c5 ea c8 29 83 80 6a 28 7a b2 b8 1c 16 aa 58 dd 2a fb 0b 11 33 31 0b a8 8a 0f f0 39 0f ae 85 e4 a7 87 68 a8 cd d7 30 3e 8e 45 fa bc 9a 58 f8 46 f9 84 8f 4c 99 af 40 40 d5 b2 bf 18 b1 11 5b 04 b4 88 f5 25 4c b7 e2 a4 8f 94 6c a5 ec 2f 44 2c c4 14 01 c9 0f e6 9b 94 4f d4 c8 ce e5 25 ec c0 67 34 14 01 31 08 68 11 e9 d6 05 0f ae 85 d8 e1 0c de f3 26 5f ef b0 09 3d 05 6b e2 8e 48 ca cb 26 a6 14 b0 65 1f 20 a1 0a a8 82 a2 64 68 63 4e 89 19 fa 58 e7 c5 4e 59 60 84 98 82 d5 b0 52 96 f2 21 8a 59 74 ca 58 9c 0e 8c d0 22 20 a6 5c 64 1a db b8 49 31 25 0b 80 50 22 a0 0a da eb 94 0f 99 c6 29 44 c8 8b 7c a5 fc 27 04 01 Data Ascii: i[-U@HPD%jQ<B27S-YM)j(zX*319h0>EXFL@@[%Ll/D,O%g41h&_=kH&e dhcNXNY`R!YtX" \dI1%P")D\|'
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 84 90 6c bf 67 7d 48 a8 e5 f2 85 1b 27 20 79 47 bd 6c ff 72 82 c1 47 01 29 aa f8 a0 33 7a f5 8b 6d 6c 42 fe 18 48 8b ea f8 de d9 5e 6e 21 3b ab ad b9 9d 5d 27 83 f5 c7 09 88 e9 d7 64 7c 16 90 82 63 3f fc e3 61 d4 ef c6 e2 30 2a 92 22 6a d8 9e 55 34 4e 40 5c 7c 38 99 10 04 a4 68 40 44 7c 3f dd b3 9c f6 08 1f 44 45 0d 07 b5 22 f9 d9 6e da da 85 3f 4a 40 f2 8b f5 9a 8d 7f 3c 60 42 12 90 e0 d8 0f 6f 58 cf 73 7c cf de c2 bc 2a 5a db 4c cf d6 21 22 a3 85 ea 51 6d 78 9e f2 18 1f c9 b1 1f 6c db bb 23 d7 d2 16 b9 bd 62 6e 67 57 1d 82 69 6b 6c cb 92 6a dd 9b fc 47 46 45 40 1c bd 31 9d d0 22 a0 61 38 f6 c3 1d a7 31 8a 35 37 68 e5 db 9c 2f 6e ac 3e 34 2a 02 a2 7c e2 47 9d e6 fa 22 b7 75 58 a7 f0 8d 6b 6e 67 b7 3b b7 b3 db 40 44 6b e3 20 4c 79 a3 7a 6d 6f 61 be 0d f9 Data Ascii: lg}H' yGlrG)3zmlBH^n!;]'d\|c?a0"jU4N@\\|8h@D\|?DE"n?J@<`BoXs\|ZL!"Qmxl#bngWikljGFE@1"a8157h/n>4*\|G"uXkng;@Dk Lyzmoa
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 7f ad f7 7c 3d b5 7c 8e 3f fd 8c 89 f5 3f 5e 0b 08 29 97 ce ee 78 7f d4 ba a1 e4 56 8c 2e cf 88 27 29 08 7a 4c 86 ac f7 c8 b4 6b 52 bd 67 98 99 a5 65 13 97 92 7b 94 a9 49 50 68 6e 19 78 7f 5b c9 da 8f 22 29 a0 ad 90 d6 6a 10 eb 04 3f 26 23 cf fa 1e d9 fd 32 90 7e e5 1d e4 6e 0c ec eb 32 55 c7 93 a9 d7 c8 d6 7d 52 40 9d 90 d6 6c 10 ab 04 b3 7d 62 14 c3 5b 2a b2 f0 c8 4b 2f 9b b8 24 6f 0a d0 86 c5 23 50 da 19 bb 67 6c 38 02 22 24 49 0d bb d5 83 1d 93 91 27 e5 52 3c f0 f9 a7 4c 44 3f c2 87 ef 1a 16 14 36 0d 47 b4 b2 ee 53 97 63 37 c6 fd 85 a4 80 f6 11 1a 72 26 0b 09 7e 4c 46 d6 2e d7 28 0c 45 3f c2 65 fd c7 60 8d 67 18 29 9f da a8 ba 4f 92 e1 79 40 5b 14 50 a9 a9 e0 c3 59 64 9f 8f 73 de 7b e5 37 03 f9 e4 89 7a 14 27 be f9 bc c9 9d ef 56 23 20 b4 d3 eb 16 87 Data Ascii: \|=\|??^)xV.')zLkRge{IPhnx[")j?&#2~n2U}R@l}b[*K/$o#Pgl8"$I'R<LD?6GSc7r&~LF.(E?e`g)Oy@[PYds{7z'V#
2025-01-09 20:54:44 UTC	1185	IN	Data Raw: 68 38 05 8b 66 fb 84 2d e4 d9 5e 72 b1 a2 fc e9 fb 94 41 59 68 7e ac fd 3f d3 22 a0 b3 3c d2 2a 3b 45 04 54 e6 89 89 4a 40 51 9c 32 ea 1a 59 ac 56 32 f2 75 05 b5 1c 60 ff f0 f7 7e 30 ae f0 ec cb 84 cc e0 28 22 20 01 e3 97 ae bb 83 0f dc 5a e8 63 32 7c 45 c9 48 9e 28 71 cb b3 15 d5 32 85 3c f1 ad e7 87 cf 8f 7f 22 ef 89 a7 65 a7 a8 80 e4 56 82 37 cb fe 22 12 73 c8 4d ad ef bd fa 1b f1 c1 d5 ab 03 31 f9 92 ae 25 44 b4 8a 28 98 e4 a0 a8 80 04 a2 80 d2 77 7b 88 1d 64 5b ff fd 37 5e ff 6b 94 f4 ea 2b ce 5f f5 63 33 33 3f b9 7d 78 f8 52 6c 9b 44 6d a1 43 40 15 84 9f 4c 45 88 75 3c 49 d7 fa 38 2b 9d 5d b0 8c e8 10 90 c0 38 09 6e d1 20 4e 91 e9 9a 14 92 c3 ee da 26 44 54 ca 8d a5 79 d0 25 20 51 e2 82 34 f1 14 d5 5d 73 50 3f 5a 87 88 98 96 4d 41 a7 80 aa 18 2d c0 Data Ascii: h8f-^rAYh~?"<*;ETJ@Q2YV2u`~0(" Zc2\|EH(q2<"eV7"sM1%D(w{d[7^k+_c33?}xRlDmC@LEu<I8+]8n N&DTy% Q4]sP?ZMA-

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:44 UTC	2874	OUT	GET /images/best_value_v2.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:44 UTC	995	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:44 GMT Content-Type: image/png Content-Length: 155991 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-26157" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 2268 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TntBqGhJcy36TEVhA4V07clqWEey5WMDqUXNrOmBb0yZxHJY%2BPcQHPOQQDUXZfKHEbVr9AGa2JUcS8eomE2eLymxGYJZKWHK1h%2FxtC7geYsnuUbH4VCv%2FHafQc233P3X6g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff753022a0e43ee-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1754&min_rtt=1754&rtt_var=659&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3452&delivery_rate=1658148&cwnd=225&unsent_bytes=0&cid=db0897a87da23f37&ts=134&x=0"
2025-01-09 20:54:44 UTC	374	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 ee 00 00 01 ab 08 06 00 00 00 06 82 74 89 00 00 20 00 49 44 41 54 78 9c ec 5d 05 9c 1c d5 fd ff be 99 dd bd 3d 97 e4 2e 76 f1 60 21 40 20 02 c4 f0 a0 81 e2 d2 02 29 12 20 58 5b 68 71 77 f7 e0 94 e2 10 a4 68 21 48 20 6e 24 90 d0 04 8d dc c5 fd ee 72 ba bb f3 fe 9f 99 79 f2 7b 33 7b 38 ed 3f e9 fc e0 b2 b3 33 cf e6 cd ec fb be 9f 33 ce 39 22 8a 28 a2 ff 2e 2d 1a 7f c6 a9 1c dc 86 fb 73 64 00 63 ac b9 fb 9e 0f ff e3 bf 39 a8 e5 d3 46 ef e9 70 de 1e ee a0 18 b8 65 c5 d2 1d 07 de ff 4a f4 aa 44 14 d1 7f 97 22 e0 8e 28 a2 ff 12 2d 1a 7f c6 3d 56 cc 3e 80 d9 6c eb 58 2c 06 3b 27 0e ef f7 e8 00 99 4c 0a 4e 2a 0d 27 e3 2c e0 0e 7f ab db 1e 0f ff ed 3f 31 ca a5 53 ce ba 02 0c 87 5a b6 d5 df 76 c7 14 b3 61 59 Data Ascii: PNGIHDRt IDATx]=.v`!@ ) X[hqwh!H n$ry{3{8?339"(.-sdc9FpeJD"(-=V>lX,;'LN*',?1SZvaY
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 09 2d 8d 2d 6b 19 70 59 87 81 0f 3c 12 bd 43 11 45 f4 9f a3 08 b8 23 8a e8 3f 48 8b 27 9c 35 27 96 13 eb 9b 2c 2a 82 1d 8b fb c0 88 ec bf 41 26 cf 33 20 dd 9c 46 63 6d 2d 32 a9 f4 ab dd 86 3d 7c e4 af 39 e2 ea 49 67 3c 6d c7 63 7f c8 2d 29 44 3c 1e 53 28 cd 68 21 26 be 33 80 73 e6 8d 2d 93 c9 a0 a1 a6 1e 4e 3a fd 5e 87 81 0f 1c 10 bd 47 11 45 f4 9f a1 08 b8 23 8a e8 3f 44 4b 26 9c f5 59 3c 3f b9 53 4e 41 21 2c 26 90 d0 65 68 19 07 e3 41 a4 f4 7f 97 8c 7e e3 1c f5 1b 36 20 d3 92 99 d1 75 e8 43 bb fe 1a a3 ae 9a 7c c6 27 b1 44 7c 58 61 59 31 c0 2c c1 f9 4b 94 e6 d0 10 ee b3 dd fe 11 17 32 01 17 be 1d 34 d6 35 20 d5 d8 1c 81 77 44 11 fd 87 c8 8a 26 3a a2 88 7e 7b 5a 3c e1 cc 89 f1 fc dc 9d 92 85 45 1e 43 2b b7 cb 5c 88 a2 c5 17 f1 e9 e8 f1 d0 7d 35 03 f2 4b Data Ascii: --kpY<CE#?H'5',*A&3 Fcm-2=\|9Ig<mc-)D<S(h!&3s-N:^GE#?DK&Y<?SNA!,&ehA~6 uC\|'D\|XaY1,K245 wD&:~{Z<EC+\}5K
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 2d d3 92 42 43 5d bd 1b fd ed df 0c b8 b7 fd 80 ef 0f d4 b2 72 e6 39 17 c1 b2 7e 1f 4b 24 76 c8 2d cc 83 65 d9 86 f4 5e 6d 18 a4 8e 9d cc 91 3f 66 df 49 c6 c9 64 d0 5c df 88 a6 4d 0d 97 55 ee 76 6f 14 dd 2d a2 2d 8e 22 e0 8e 68 8b a3 85 e3 cf 39 29 bf 24 f1 0f 3b b7 ad d0 63 f3 00 70 53 a0 96 dc ae 43 30 4d ba 46 f9 60 e0 a4 9b 91 69 69 44 a6 b9 d9 d5 ab ae 71 32 7c ae 07 ec a2 86 65 b1 5e cc 66 95 76 3c 1e 73 c5 d2 b1 44 ae 10 37 3b 84 2d a6 80 6d 69 97 2f c2 1c 7b 46 60 06 db ab c7 42 34 cd da d7 1a 3c 80 5f 12 84 83 fa 6a ea 9f 1d f8 bd 2b 7d 39 42 7e da fe ff 94 73 97 f7 42 ad cc c9 a6 c0 62 c4 07 1c 0a fc 53 8d 2d 48 b5 b4 20 d5 dc d2 c8 81 cf c0 f9 bf 2d c6 84 2c 81 b9 12 f7 dd 60 5b 7d 5c 51 7e 22 37 07 76 3c ae 74 f8 3c b4 e5 60 64 6f a3 6f 5e 97 Data Ascii: -BC]r9~K$v-e^m?fId\MUvo--"h9)$;cpSC0MF`iiDq2\|e^fv<sD7;-mi/{F`B4<_j+}9B~sBbS-H -,`[}\Q~"7v<t<`doo^
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 81 76 39 d1 63 93 53 ea 32 05 ae 80 65 37 11 bf cb b2 fa 7c 00 f8 04 08 1b 63 cb d6 5f 96 6b ad 73 fe a6 a8 9b 93 b1 84 8d e5 78 e8 5e 7c e6 5a 6e 3a 98 aa af fd bf b9 e6 a6 59 2b e3 24 dc 36 cd 8e 66 14 65 96 06 71 c5 5d 53 6b 73 29 0a 97 80 1e 34 50 23 58 2f ca e5 e4 17 22 a7 a0 e8 da a5 d3 fe 72 65 b6 51 45 14 d1 e6 42 91 1f 77 44 bf 29 55 4f bd f8 f4 dc 82 f8 c5 f1 04 eb cc 2c 27 0e c4 05 06 64 c0 78 0b d2 69 ab be b9 31 35 b3 a1 a6 f9 d4 9e fb dc bb f0 c7 8e e5 db 0f ce ed 5e 58 96 33 dd 4e d8 e5 3c 56 a0 38 2b e9 83 cc 39 13 01 50 cc c4 99 2e d0 30 e5 2f cc 15 97 28 ff 95 f1 45 74 9c 70 17 b8 6c 30 69 8d ae 02 a0 70 c2 69 32 22 5a 0f 3a 4a 67 47 da b0 97 35 42 a0 c7 42 d2 65 e9 73 ee e8 00 24 0c 64 2c dc 14 2d ab 60 29 90 5e cf ea 82 bc 0b 95 05 4c Data Ascii: v9cS2e7\|c_ksx^\|Zn:Y+$6feq]Sks)4P#X/"reQEBwD)UO,'dxi15^X3N<V8+9P.0/(Etpl0ipi2"Z:JgG5BBes$d,-`)^L
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: c1 8c 7f 9d 8a 6e de 58 20 c4 d2 c1 b6 18 ca 77 b8 c3 eb 3b 16 f3 c1 ad 5d db 7c e4 e7 25 d0 b7 4f 3b 5c 76 fe 10 74 ab 2c d1 1c b7 05 b3 be c5 74 9a 4f c9 99 0b 71 b8 e4 be 35 77 6e 1e 1b 81 57 18 11 99 ab c7 6a ea af e5 9d 73 02 e4 fe 86 51 c4 88 57 cf c8 d2 1b 3a 8f 44 79 ce 94 9a a5 35 ee d9 fc 1e b8 c6 2c f1 10 6d b1 07 14 dc bc ac c7 63 48 37 37 62 d3 da 45 cf 77 ea ff d7 13 42 0f 25 a2 88 7e 06 c5 a2 49 8b e8 d7 a0 95 b3 2f bf a1 b8 2c d1 a7 d9 ee 0e 78 1c 87 a3 b8 58 16 12 5b c2 5b fc 38 5a c4 b1 09 da 12 f4 7d 0c 0e 72 8e 50 75 20 8c c7 34 98 73 a5 ff 0c ba 7d f9 8c b6 8e e9 6d 1a 97 f9 6d f8 98 ae fd b1 19 a8 a8 56 8e de 31 b4 bd c1 02 55 4b 37 60 e9 8a 3a 3c fb ca 5c 2c aa da 80 15 ab 37 61 f5 da 7a 64 32 1c a3 4e dc 05 d7 fe 6d 4f df 70 8e 4a Data Ascii: nX w;]\|%O;\vt,tOq5wnWjsQW:Dy5,mcH77bEwB%~I/,xX[[8Z}rPu 4s}mmV1UK7`:<\,7azd2NmOpJ
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 6b 8c 9f bc 18 d5 cb 36 90 b6 48 48 54 4e c6 4c 9a 1d d4 af d2 33 ea 5a f0 cd 1a 03 98 01 13 f8 4c ab 77 a0 63 bb 42 f3 3e 69 be 6b 23 a4 a9 a3 ae 1b 1b 81 10 78 07 b2 80 d1 b9 0b cd a7 aa e1 e9 b2 5b 2f ca f4 bf 1c 78 fc 8e 43 d0 d8 94 c6 3d 8f 4e 27 1b 01 a9 22 11 06 69 fa 26 f4 b8 89 9c df 00 ef e0 98 a8 8a 82 e8 c9 19 e1 c2 19 03 31 2c b3 0c 0b 78 ad 83 d6 d7 35 17 2e 23 b2 41 59 8e 4b c0 f5 eb db 81 d0 a9 02 84 85 c8 9c 29 cb 74 b1 61 55 f5 2c c1 b1 4b 1d b9 df b7 6b a5 9e 53 d0 7e 87 e0 ac 47 14 d1 4f a5 08 b8 23 fa 45 b4 6c c6 a5 a7 3a ac 90 70 c7 8e 5a b8 25 67 0c e1 5f ab 45 c3 10 a2 6b ae 74 dd 3a 51 86 65 8a b4 95 68 bb 15 b0 52 e4 a8 76 25 28 2a c0 57 ed 04 39 4e 75 d9 07 71 63 1c c0 a9 27 ec ec 7d 3e f6 dc 6c 91 78 83 86 27 75 02 f5 29 78 3b Data Ascii: k6HHTNL3ZLwcB>ik#x[/xC=N'"i&1,x5.#AYK)taU,KkS~GO#El:pZ%g_Ekt:QehRv%(*W9Nuqc'}>lx'u)x;
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 24 a9 c3 96 a4 16 bd 6c 16 eb 04 38 79 46 e9 b6 a5 c8 5d 6f 20 b8 91 b2 72 c4 f0 6d bc cf bd 87 76 47 db 36 f9 38 76 d4 58 cf 82 9c 4b 63 37 69 b9 ce 81 23 0f de ce e3 7c 5f 7d fb cb 70 bf ea 5e 82 3e e9 1c 03 fb 76 f4 16 f6 f7 3e fe 56 83 6a 50 57 8c b0 ce bd a2 4d 1e aa 57 d4 62 50 ff 4a 71 ca 21 65 78 96 fa 4e eb 00 1a e4 f6 b3 14 e2 9c ce 36 c7 e4 99 4b bd e0 2b fb 0c e9 4a fa 91 fc bd e3 db 17 06 c6 b0 70 c9 06 74 71 a3 b9 79 20 6c ea e0 95 0c 24 64 91 4f c4 c8 59 ac df 5f 78 f5 33 0f b4 f7 db 73 6b 7c 3b eb 52 0c 1b d4 33 24 6d e9 d6 a5 0d de 78 fe 2c 8c 7b f5 5c 7c 38 e1 2b 1c 7a fc 18 e2 fa 05 a1 e3 b6 08 30 53 70 b6 b5 65 b8 6a 59 96 b5 cd f7 8d 69 f1 b8 34 34 33 75 e6 fa 4f bd ee c2 60 4e 59 a2 4b a3 39 cf ba 3c 17 b9 a5 dd 6f c9 f2 c4 22 8a e8 Data Ascii: $l8yF]o rmvG68vXKc7i#\|_}p^>v>VjPWMWbPJq!exN6K+Jptqy l$dOY_x3sk\|;R3$mx,{\\|8+z0SpejYi443uO`NYK9<o"
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 57 ad f5 db fa ad f4 ad c2 8f fb e3 3d 38 e9 cc 07 c8 fb 6a 9b 00 cd 44 1a 4f 15 74 85 11 8e 9c a6 f8 84 01 ca ea 3b fd 64 94 2b f7 ff 2c 2b 86 44 5e 31 0a da f5 39 65 cd 82 67 16 54 4f bf a9 7f 2b 37 1d 51 44 06 45 56 e5 ff 23 b4 6c fa d5 27 5a f1 d8 c1 96 6d 77 d3 2b 9e c3 32 a9 d4 eb e9 96 d4 b3 5d 06 df b0 38 db 4c 2c 9d 7e f9 c8 64 7e f2 ba a2 36 79 95 2c 51 09 c4 cb 45 60 13 26 38 6b 6e 84 12 d5 82 cc 80 3e 5a 1a ad 41 0a a2 b9 06 57 a3 76 e0 ab 30 67 f6 d7 7e df e2 5c 72 6a 6e 58 4e 37 d0 c9 71 a3 5e c2 0b 8f 1c 8d 41 d2 0a 9b 70 de 46 16 30 22 a2 65 c8 60 bb ad da 60 ea a7 4b 49 87 dc b3 00 7f e1 a1 c3 71 de 65 ef a1 df fe 8f e1 be 1b f6 c7 a0 7e 9d b0 73 9f 76 98 38 bd 9a 80 1e 0f 8f d7 00 37 07 c7 1f be 9d e7 93 ed 1a 9b 75 16 69 34 8d cc 59 d2 Data Ascii: W=8jDOt;d+,+D^19egTO+7QDEV#l'Zmw+2]8L,~d~6y,QE`&8kn>ZAWv0g~\rjnXN7q^ApF0"e``KIqe~sv87ui4Y
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: a2 78 8e d3 b6 92 73 54 02 6c 17 5f b4 6e 7b 65 38 6d 57 8c 45 49 a1 62 6d f3 e2 c9 b2 13 33 a9 c6 e3 57 ce 7d fc 9a f6 3b 9e 7a 3d 22 da e2 28 d2 71 6f 81 b4 6a ee ad f3 92 25 e5 e7 e7 94 ee 62 c5 0b b6 01 b3 72 0c 6e 06 06 ec f9 9f cc 4a c2 8a 95 80 c5 8a c0 62 85 02 b4 1d 9f 6b 96 b1 b9 b9 00 52 e5 82 e5 08 9d 9f 04 63 c9 7d 8b 70 a7 74 f1 87 a3 ad cf 55 3b 34 48 0b cb 92 ac 01 66 ca 45 45 01 71 a5 0b b2 ef 9d 86 82 fc 04 0e 3f 65 6c 40 af 4b 75 b9 da 12 dc 3d 76 c5 d7 ed 5d b7 30 25 2e e7 44 2f ee 97 7d e6 fe 11 d8 73 50 57 dc 78 ef 54 0f 84 e7 7c b1 ca d0 cf ca 6c 65 fa 3e 64 4b 7e 99 8f c7 1e 8f 9b 2e de 83 f4 8b 80 ae 9f 0e 8f 3c 15 1e bc 68 3e 35 1d c3 9d 82 9c 19 97 5c 57 71 0c 7d b9 fa d7 88 53 1e 98 2e 0e c3 8f 9b 07 1a a6 3e d9 c1 5c e5 46 ff Data Ascii: xsTl_n{e8mWEIbm3W};z="(qoj%brnJbkRc}ptU;4HfEEq?el@Ku=v]0%.D/}sPWxT\|le>dK~.<h>5\Wq}S.>\F
2025-01-09 20:54:44 UTC	1369	IN	Data Raw: 84 cd 34 91 90 1b 7f 5a d0 2d 0d a6 58 48 7f ad 39 6c 4b d7 f5 aa 49 37 ad 20 c7 0d 83 1b bf ef 91 f7 d1 79 c7 8b 71 ed 6d 6f 63 f6 e7 d5 de f9 87 9e 9c 84 ae 7d af c4 94 19 8b c8 d0 24 47 cf 48 7d b1 fe 2b bd 39 cc 3e 18 c3 b4 59 4b f1 c0 93 b3 3d ff e9 39 f3 56 e1 c4 73 5e 57 a0 a1 43 b1 d2 fb cf 60 db ad da 60 ce bf 57 07 c2 88 9a 63 97 e5 69 1e 6d 7f 6e a9 98 9b 72 bd 81 a8 66 82 63 54 3b 01 1e d6 77 1b 5c 6b 36 ae 97 7e 55 21 4d 49 7d 52 cc 0c e0 42 c1 3f a0 ef 56 e3 d2 1b 94 70 7f 92 3b 46 80 eb a5 a2 f2 2c 3b 05 43 ec ef 98 55 d4 3f e4 85 24 11 e0 1e bb fb 68 1c 7b f8 4e b8 ff b1 c9 d8 79 af 3b f1 c2 ab 9f 9a cd 73 e0 ce 07 3e 40 c7 ed 2e c2 ca d5 75 78 67 ec 79 c2 28 4d d8 65 04 72 79 bb ef eb 35 37 8f f5 8e ee bd f5 74 e2 da 65 13 e0 d4 46 69 8b Data Ascii: 4Z-XH9lKI7 yqmoc}$GH}+9>YK=9Vs^WC``WcimnrfcT;w\k6~U!MI}RB?Vp;F,;CU?$h{Ny;s>@.uxgy(Mery57teFi

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:44 UTC	694	OUT	GET /j.php?a=791563&u=https%3A%2F%2Fvisi-sharp.net%2Freport%3Faff_id%3D326%26subid2%3D6812_sessid20250109205426977%26subid%3D8802&vn=2.1&x=true HTTP/1.1 Host: dev.visualwebsiteoptimizer.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://visi-sharp.net Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://visi-sharp.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-09 20:54:45 UTC	434	IN	HTTP/1.1 200 OK date: Thu, 09 Jan 2025 20:54:44 GMT content-type: application/javascript; charset=UTF-8 access-control-allow-origin: https://visi-sharp.net access-control-allow-credentials: true server: gnv2 timing-allow-origin: * via: 1.1 google Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close Transfer-Encoding: chunked
2025-01-09 20:54:45 UTC	30	IN	Data Raw: 31 33 0d 0a 5f 76 77 6f 5f 63 6f 64 65 2e 66 69 6e 69 73 68 28 29 3b 0d 0a 30 0d 0a 0d 0a Data Ascii: 13_vwo_code.finish();0

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:45 UTC	2852	OUT	GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:45 UTC	762	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:45 GMT Content-Type: application/javascript Content-Length: 1239 Connection: close Last-Modified: Tue, 07 Jan 2025 11:11:01 GMT ETag: "677d0bc5-4d7" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmTohuiEls3nyy%2FeaP7ypj0FFMnrFsJ88cJHlRktbbcjy%2F%2BUA3KB%2FOoZQ1sNr2Dfzn%2FuQWgGwfRV0wZcOpaWjB7TuC8yihAkoo%2BJ1CJIz9NP%2BDn%2BtuFfqoA8wu4tuG151A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff7530408858c0f-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sat, 11 Jan 2025 20:54:45 GMT Cache-Control: max-age=172800 Cache-Control: public Accept-Ranges: bytes
2025-01-09 20:54:45 UTC	607	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 74 72 79 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 63 6f 6e 73 6f 6c 65 29 72 65 74 75 72 6e 3b 22 65 72 72 6f 72 22 69 6e 20 63 6f 6e 73 6f 6c 65 3f 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 65 29 3a 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 65 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 74 28 65 29 7b 72 65 74 75 72 6e 20 64 2e 69 6e 6e 65 72 48 54 4d 4c 3d 27 3c 61 20 68 72 65 66 3d 22 27 2b 65 2e 72 65 70 6c 61 63 65 28 2f 22 2f 67 2c 22 26 71 75 6f 74 3b 22 29 2b 27 22 3e 3c 2f 61 3e 27 2c 64 2e 63 68 69 6c 64 4e 6f 64 65 73 5b 30 5d 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 68 72 65 66 Data Ascii: !function(){"use strict";function e(e){try{if("undefined"==typeof console)return;"error"in console?console.error(e):console.log(e)}catch(e){}}function t(e){return d.innerHTML='<a href="'+e.replace(/"/g,""")+'"></a>',d.childNodes[0].getAttribute("href
2025-01-09 20:54:45 UTC	632	IN	Data Raw: 3a 22 2b 6e 28 6f 2e 68 72 65 66 2c 61 2b 6c 2e 6c 65 6e 67 74 68 29 29 7d 63 61 74 63 68 28 69 29 7b 65 28 69 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 74 29 7b 66 6f 72 28 76 61 72 20 72 3d 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 75 29 2c 63 3d 30 3b 63 3c 72 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 74 72 79 7b 76 61 72 20 6f 3d 72 5b 63 5d 2c 61 3d 6f 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 69 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 66 29 3b 69 66 28 69 29 7b 76 61 72 20 6c 3d 6e 28 69 2c 30 29 2c 64 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 54 65 78 74 4e 6f 64 65 28 6c 29 3b 61 2e 72 65 70 6c 61 63 65 43 68 69 6c 64 28 64 2c 6f 29 7d 7d 63 61 74 63 68 28 68 29 7b 65 28 68 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 61 28 74 29 7b 66 6f Data Ascii: :"+n(o.href,a+l.length))}catch(i){e(i)}}function o(t){for(var r=t.querySelectorAll(u),c=0;c<r.length;c++)try{var o=r[c],a=o.parentNode,i=o.getAttribute(f);if(i){var l=n(i,0),d=document.createTextNode(l);a.replaceChild(d,o)}}catch(h){e(h)}}function a(t){fo

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:45 UTC	2989	OUT	GET /pixels/e71ec514527769916ab2b5748eef670b?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802&key=66taBl5rn79UTO5JGFaAqZivQP7PL3UU HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:45 UTC	1063	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0%3D; expires=Sun, 19-Jan-2025 20:54:45 GMT; Max-Age=864000; path=/; samesite=lax Set-Cookie: _=eyJpdiI6IjNHT1RhWG1LWjZwaTZpclJyYmZCb3c9PSIsInZhbHVlIjoiTkJOYmV2bmVoL2JwYWRMb1cyOTZQdDduU2UxaC8yVFNSemVwTGVtbmtFaHhBQTU0d3hJdC9pNzRRQnVRdWNRbnV4TXpuUFl5azY0STJxM2krZFBVUjVDcHhRc01Dckt4aGRaZG85djM4emFKQjB0RnhJdGJIbHptYTRtYng2ZGoiLCJtYWMiOiJmYzQyNzgzMmQyODUzOWUzY2U0OTBmODM5N2ZmN2Y1MTdkYjliYTU2OWQ4NWFmZDMwMmU2ZjAyMWVlNjczYTMwIn0%3D; expires=Sun, 19-Jan-2025 20:54:45 GMT; Max-Age=864000; path=/; httponly; samesite=lax
2025-01-09 20:54:45 UTC	1606	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 72 65 66 65 72 72 65 72 3d 65 79 4a 70 64 69 49 36 49 6b 4e 75 53 47 31 35 54 45 73 78 63 6e 4e 71 63 56 6f 78 5a 45 73 7a 64 47 31 76 5a 30 45 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 55 44 5a 52 51 54 49 77 57 6c 64 50 56 55 68 6f 57 6b 49 33 4d 6a 52 73 63 45 39 77 59 31 64 35 4f 48 4a 45 56 45 52 55 53 6a 4e 57 61 30 6c 6d 64 54 41 31 52 6e 5a 55 65 56 52 78 53 7a 56 34 55 45 6c 5a 56 7a 52 76 4e 6d 59 77 63 30 5a 57 51 6b 78 30 63 6d 4e 43 5a 30 74 75 53 30 67 31 56 48 68 78 51 6e 42 6f 4d 32 49 72 5a 6e 63 31 64 31 45 39 50 53 49 73 49 6d 31 68 59 79 49 36 49 6a 59 79 4f 54 68 6d 4e 32 45 78 59 6a 42 6b 4e 57 5a 6c 5a 6a 6c 68 4f 47 59 32 4e 54 68 68 4f 54 49 78 5a 6a 59 33 4f 54 45 32 5a 44 63 30 4e 54 Data Ascii: Set-Cookie: referrer=eyJpdiI6IkNuSG15TEsxcnNqcVoxZEszdG1vZ0E9PSIsInZhbHVlIjoiUDZRQTIwWldPVUhoWkI3MjRscE9wY1d5OHJEVERUSjNWa0lmdTA1RnZUeVRxSzV4UElZVzRvNmYwc0ZWQkx0cmNCZ0tuS0g1VHhxQnBoM2IrZnc1d1E9PSIsIm1hYyI6IjYyOThmN2ExYjBkNWZlZjlhOGY2NThhOTIxZjY3OTE2ZDc0NT
2025-01-09 20:54:45 UTC	20	IN	Data Raw: 66 0d 0a 37 38 39 32 32 32 32 38 39 30 31 33 31 37 37 0d 0a Data Ascii: f789222289013177
2025-01-09 20:54:45 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:45 UTC	2823	OUT	GET /js/app.js?id=11d7149dd52495db050a HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:45 UTC	1026	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:45 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT Vary: Accept-Encoding ETag: W/"664c8d09-c29c2" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4773 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ax2tfAnHuRpksj4nKUf5JOVuiOzPFziF7855F9OUf72u3zYe1e6LtPy1pqlbQdHEwnyNYcOgag6o6%2BlQRyGzWBtPVpX10PGPdIcusWfPKRjqxIptBVXdYonFK42DqaLY9Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff75308eb6c43ee-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1721&min_rtt=1721&rtt_var=647&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2833&recv_bytes=3401&delivery_rate=1690793&cwnd=225&unsent_bytes=0&cid=ebf0171a9de13998&ts=122&x=0"
2025-01-09 20:54:45 UTC	343	IN	Data Raw: 37 63 37 35 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 61 70 70 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 72 29 7b 69 66 28 74 5b 72 5d 29 72 65 74 75 72 6e 20 74 5b 72 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 69 3d 74 5b 72 5d 3d 7b 69 3a 72 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 72 5d 2e 63 61 6c 6c 28 69 2e 65 78 70 6f 72 74 73 2c 69 2c 69 2e 65 78 70 6f 72 74 73 2c 6e 29 2c 69 2e 6c 3d 21 30 2c 69 2e 65 78 70 6f 72 74 73 7d 6e 2e 6d 3d 65 2c 6e 2e 63 3d 74 2c 6e 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b Data Ascii: 7c75/! For license information please see app.js.LICENSE.txt /!function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}n.m=e,n.c=t,n.d=function(e,t,r){
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 53 79 6d 62 6f 6c 2e 74 6f 53 74 72 69 6e 67 54 61 67 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 53 79 6d 62 6f 6c 2e 74 6f 53 74 72 69 6e 67 54 61 67 2c 7b 76 61 6c 75 65 3a 22 4d 6f 64 75 6c 65 22 7d 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 7d 2c 6e 2e 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 31 26 74 26 26 28 65 3d 6e 28 65 29 29 2c 38 26 74 29 72 65 74 75 72 6e 20 65 3b 69 66 28 34 26 74 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 29 72 65 74 75 72 6e 20 65 3b 76 61 72 20 72 3d 4f Data Ascii: =typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=O
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 29 2c 6e 28 22 33 55 44 2b 22 29 28 65 29 29 7d 2c 22 2b 4b 69 62 22 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 22 61 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 45 7d 29 29 2c 6e 2e 64 28 74 2c 22 62 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6b 7d 29 29 3b 76 61 72 20 72 2c 69 3d 6e 28 22 33 6d 62 58 22 29 2c 61 3d 28 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 5b 37 39 2c 31 31 32 2c 31 31 37 2c 31 31 35 2c 37 32 2c 31 30 31 2c 39 37 2c 31 30 30 5d 29 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 3f 4f 62 6a 65 63 74 28 69 2e 68 29 28 65 29 3a 65 7d 29 2c 73 3d 66 75 6e 63 74 69 6f 6e Data Ascii: ),n("3UD+")(e))},"+Kib":function(e,t,n){"use strict";n.d(t,"a",(function(){return E})),n.d(t,"b",(function(){return k}));var r,i=n("3mbX"),a=(new Uint8Array([79,112,117,115,72,101,97,100]),function(e){return"string"==typeof e?Object(i.h)(e):e}),s=function
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 6e 67 74 68 29 72 65 74 75 72 6e 20 73 3b 66 6f 72 28 76 61 72 20 6f 3d 30 3b 6f 3c 74 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 75 3d 28 74 5b 6f 5d 3c 3c 32 34 7c 74 5b 6f 2b 31 5d 3c 3c 31 36 7c 74 5b 6f 2b 32 5d 3c 3c 38 7c 74 5b 6f 2b 33 5d 29 3e 3e 3e 30 2c 6c 3d 74 2e 73 75 62 61 72 72 61 79 28 6f 2b 34 2c 6f 2b 38 29 3b 69 66 28 30 3d 3d 3d 75 29 62 72 65 61 6b 3b 76 61 72 20 63 3d 6f 2b 75 3b 69 66 28 63 3e 74 2e 6c 65 6e 67 74 68 29 7b 69 66 28 72 29 62 72 65 61 6b 3b 63 3d 74 2e 6c 65 6e 67 74 68 7d 76 61 72 20 64 3d 74 2e 73 75 62 61 72 72 61 79 28 6f 2b 38 2c 63 29 3b 4f 62 6a 65 63 74 28 69 2e 61 29 28 6c 2c 6e 5b 30 5d 29 26 26 28 31 3d 3d 3d 6e 2e 6c 65 6e 67 74 68 3f 73 2e 70 75 73 68 28 64 29 3a 73 2e 70 75 73 68 2e 61 70 70 6c 79 28 73 Data Ascii: ngth)return s;for(var o=0;o<t.length;){var u=(t[o]<<24\|t[o+1]<<16\|t[o+2]<<8\|t[o+3])>>>0,l=t.subarray(o+4,o+8);if(0===u)break;var c=o+u;if(c>t.length){if(r)break;c=t.length}var d=t.subarray(o+8,c);Object(i.a)(l,n[0])&&(1===n.length?s.push(d):s.push.apply(s
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 28 74 29 7d 29 29 3a 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 74 3f 4f 62 6a 65 63 74 28 69 2e 66 29 28 74 29 3a 74 7d 2c 68 3d 66 75 6e 63 74 69 6f 6e 20 65 28 74 2c 6e 2c 72 29 7b 69 66 28 72 3e 3d 6e 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 6e 2e 6c 65 6e 67 74 68 3b 76 61 72 20 61 3d 63 28 6e 2c 72 2c 21 31 29 3b 69 66 28 4f 62 6a 65 63 74 28 69 2e 61 29 28 74 2e 62 79 74 65 73 2c 61 2e 62 79 74 65 73 29 29 72 65 74 75 72 6e 20 72 3b 76 61 72 20 73 3d 63 28 6e 2c 72 2b 61 2e 6c 65 6e 67 74 68 29 3b 72 65 74 75 72 6e 20 65 28 74 2c 6e 2c 72 2b 73 2e 6c 65 6e 67 74 68 2b 73 2e 76 61 6c 75 65 2b 61 2e 6c 65 6e 67 74 68 29 7d 2c 70 3d 66 75 6e 63 74 69 6f 6e 20 65 28 74 2c 6e Data Ascii: ((function(t){return e(t)})):"number"==typeof t?Object(i.f)(t):t},h=function e(t,n,r){if(r>=n.length)return n.length;var a=c(n,r,!1);if(Object(i.a)(t.bytes,a.bytes))return r;var s=c(n,r+a.length);return e(t,n,r+s.length+s.value+a.length)},p=function e(t,n
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 73 2b 3d 75 2b 28 22 68 32 36 34 22 3d 3d 3d 74 3f 31 3a 32 29 7d 65 6c 73 65 20 73 2b 2b 7d 72 65 74 75 72 6e 20 65 2e 73 75 62 61 72 72 61 79 28 30 2c 30 29 7d 2c 62 3d 7b 77 65 62 6d 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 31 31 39 2c 31 30 31 2c 39 38 2c 31 30 39 5d 29 2c 6d 61 74 72 6f 73 6b 61 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 31 30 39 2c 39 37 2c 31 31 36 2c 31 31 34 2c 31 31 31 2c 31 31 35 2c 31 30 37 2c 39 37 5d 29 2c 66 6c 61 63 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 31 30 32 2c 37 36 2c 39 37 2c 36 37 5d 29 2c 6f 67 67 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 37 39 2c 31 30 33 2c 31 30 33 2c 38 33 5d 29 2c 61 63 33 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 31 31 2c 31 31 39 5d 29 2c 72 69 66 66 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 Data Ascii: s+=u+("h264"===t?1:2)}else s++}return e.subarray(0,0)},b={webm:Object(i.k)([119,101,98,109]),matroska:Object(i.k)([109,97,116,114,111,115,107,97]),flac:Object(i.k)([102,76,97,67]),ogg:Object(i.k)([79,103,103,83]),ac3:Object(i.k)([11,119]),riff:Object(i.k)
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 30 5d 3b 66 6f 72 28 76 61 72 20 74 3d 30 3b 74 2b 31 38 38 3c 65 2e 6c 65 6e 67 74 68 26 26 74 3c 31 38 38 3b 29 7b 69 66 28 37 31 3d 3d 3d 65 5b 74 5d 26 26 37 31 3d 3d 3d 65 5b 74 2b 31 38 38 5d 29 72 65 74 75 72 6e 21 30 3b 74 2b 3d 31 7d 72 65 74 75 72 6e 21 31 7d 2c 66 6c 61 63 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 4f 62 6a 65 63 74 28 66 2e 61 29 28 65 29 3b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 28 69 2e 61 29 28 65 2c 62 2e 66 6c 61 63 2c 7b 6f 66 66 73 65 74 3a 74 7d 29 7d 2c 6f 67 67 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 28 69 2e 61 29 28 65 2c 62 2e 6f 67 67 29 7d 2c 61 76 69 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 28 69 2e 61 29 28 65 2c 62 2e 72 Data Ascii: 0];for(var t=0;t+188<e.length&&t<188;){if(71===e[t]&&71===e[t+188])return!0;t+=1}return!1},flac:function(e){var t=Object(f.a)(e);return Object(i.a)(e,b.flac,{offset:t})},ogg:function(e){return Object(i.a)(e,b.ogg)},avi:function(e){return Object(i.a)(e,b.r
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 72 70 65 72 22 2c 22 43 68 61 72 6c 6f 74 74 65 22 2c 22 41 6d 65 6c 69 61 22 2c 22 42 65 6e 6a 61 6d 69 6e 22 2c 22 57 69 6c 6c 69 61 6d 22 2c 22 4a 61 6d 65 73 22 2c 22 45 76 65 6c 79 6e 22 2c 22 41 62 69 67 61 69 6c 22 5d 2c 75 3d 5b 22 41 6c 61 62 61 6d 61 22 2c 22 41 6c 61 73 6b 61 22 2c 22 41 72 69 7a 6f 6e 61 22 2c 22 41 72 6b 61 6e 73 61 73 22 2c 22 43 61 6c 69 66 6f 72 6e 69 61 22 2c 22 43 6f 6c 6f 72 61 64 6f 22 2c 22 43 6f 6e 6e 65 63 74 69 63 75 74 22 2c 22 44 65 6c 61 77 61 72 65 22 2c 22 46 6c 6f 72 69 64 61 22 2c 22 47 65 6f 72 67 69 61 22 2c 22 48 61 77 61 69 69 22 2c 22 49 64 61 68 6f 22 2c 22 49 6c 6c 69 6e 6f 69 73 22 2c 22 49 6e 64 69 61 6e 61 22 2c 22 49 6f 77 61 22 2c 22 4b 61 6e 73 61 73 22 2c 22 4b 65 6e 74 75 63 6b 79 22 2c 22 4c Data Ascii: rper","Charlotte","Amelia","Benjamin","William","James","Evelyn","Abigail"],u=["Alabama","Alaska","Arizona","Arkansas","California","Colorado","Connecticut","Delaware","Florida","Georgia","Hawaii","Idaho","Illinois","Indiana","Iowa","Kansas","Kentucky","L
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 69 73 2c 7b 77 69 64 74 68 3a 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 21 72 28 74 29 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 57 69 64 74 68 20 6d 75 73 74 20 62 65 20 62 65 74 77 65 65 6e 20 30 20 61 6e 64 20 31 30 30 2e 22 29 3b 65 3d 74 7d 7d 2c 6c 69 6e 65 73 3a 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 22 6e 75 6d 62 65 72 22 21 3d 74 79 70 65 6f 66 20 65 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 4c 69 6e 65 73 20 6d 75 73 74 20 62 65 20 73 65 74 Data Ascii: is,{width:{enumerable:!0,get:function(){return e},set:function(t){if(!r(t))throw new Error("Width must be between 0 and 100.");e=t}},lines:{enumerable:!0,get:function(){return t},set:function(e){if("number"!=typeof e)throw new TypeError("Lines must be set
2025-01-09 20:54:45 UTC	1369	IN	Data Raw: 74 75 72 6e 20 61 7d 7d 29 2e 63 61 6c 6c 28 74 68 69 73 2c 6e 28 22 74 6a 6c 41 22 29 2e 42 75 66 66 65 72 29 7d 2c 30 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 6e 28 22 62 55 43 35 22 29 2c 6e 28 22 58 45 58 6b 22 29 2c 6e 28 22 4f 31 6e 2b 22 29 2c 6e 28 22 69 57 4b 58 22 29 2c 6e 28 22 58 61 69 55 22 29 2c 65 2e 65 78 70 6f 72 74 73 3d 6e 28 22 67 71 41 69 22 29 7d 2c 22 30 43 78 4f 22 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3d 6e 28 22 37 7a 52 6a 22 29 2c 69 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 7d 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 31 21 3d 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 29 74 68 72 Data Ascii: turn a}}).call(this,n("tjlA").Buffer)},0:function(e,t,n){n("bUC5"),n("XEXk"),n("O1n+"),n("iWKX"),n("XaiU"),e.exports=n("gqAi")},"0CxO":function(e,t,n){var r=n("7zRj"),i=Object.create\|\|function(){function e(){}return function(t){if(1!==arguments.length)thr

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:46 UTC	544	OUT	GET /conversions.js?siteId=567 HTTP/1.1 Host: dashboard.heatmap.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://visi-sharp.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-09 20:54:46 UTC	564	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 33727 Connection: close Date: Thu, 09 Jan 2025 12:04:45 GMT Last-Modified: Thu, 19 Dec 2024 07:50:44 GMT ETag: "872b3f697ea7735c21ebfe6e56704e41" Server: AmazonS3 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P6 X-Amz-Cf-Id: uFe5Ze1e6NE5n9HZ5VdbD8tavvl5cruiAV8kjoWTvL279upWgtwJjA== Age: 31802 X-XSS-Protection: 1; mode=block Referrer-Policy: origin X-Content-Type-Options: nosniff
2025-01-09 20:54:46 UTC	16384	IN	Data Raw: 63 6c 61 73 73 20 43 6f 6e 76 65 72 73 69 6f 6e 73 48 61 6e 64 6c 65 72 7b 73 69 74 65 49 64 3d 30 3b 75 72 6c 50 61 72 61 6d 73 3d 6e 75 6c 6c 3b 68 65 61 74 6d 61 70 53 65 6e 74 54 72 61 6e 73 61 63 74 69 6f 6e 3d 21 31 3b 68 65 61 74 6d 61 70 54 68 61 6e 6b 59 6f 75 48 61 73 53 65 6e 74 54 72 78 3d 21 31 3b 68 65 61 74 6d 61 70 45 78 65 63 75 74 65 47 54 4d 44 61 74 61 4c 61 79 65 72 53 74 61 74 65 3d 21 31 3b 73 65 6e 64 4c 61 6d 62 64 61 44 61 74 61 4c 61 79 65 72 4f 62 6a 65 63 74 3d 21 31 3b 68 65 61 74 6d 61 70 55 70 53 65 6c 6c 43 6f 75 6e 74 3d 30 3b 74 65 6d 70 48 65 61 74 6d 61 70 53 69 74 65 49 64 3d 30 3b 74 65 6d 70 48 65 61 74 6d 61 70 54 72 61 63 6b 65 72 55 52 4c 3b 68 65 61 74 6d 61 70 4e 65 77 56 69 73 69 74 6f 72 3d 30 3b 68 65 61 74 Data Ascii: class ConversionsHandler{siteId=0;urlParams=null;heatmapSentTransaction=!1;heatmapThankYouHasSentTrx=!1;heatmapExecuteGTMDataLayerState=!1;sendLambdaDataLayerObject=!1;heatmapUpSellCount=0;tempHeatmapSiteId=0;tempHeatmapTrackerURL;heatmapNewVisitor=0;heat
2025-01-09 20:54:46 UTC	16384	IN	Data Raw: 3d 24 7b 74 68 69 73 2e 73 69 74 65 49 64 7d 26 69 64 6f 72 64 65 72 3d 24 7b 65 5a 2e 69 64 6f 72 64 65 72 7d 60 2c 65 5a 2c 74 68 69 73 2e 73 69 74 65 49 64 2c 65 5a 2e 69 64 6f 72 64 65 72 29 7d 7d 63 61 74 63 68 28 74 65 29 7b 7d 7d 23 42 28 29 7b 69 66 28 42 6f 6f 6c 65 61 6e 28 74 68 69 73 2e 68 65 61 74 6d 61 70 54 68 61 6e 6b 59 6f 75 48 61 73 53 65 6e 74 54 72 78 29 29 72 65 74 75 72 6e 3b 6c 65 74 20 74 74 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 2e 63 61 72 74 5f 5f 73 75 62 6d 69 74 2d 63 6f 6e 74 72 6f 6c 73 20 69 6e 70 75 74 5b 6e 61 6d 65 3d 22 63 68 65 63 6b 6f 75 74 22 5d 27 29 3b 76 61 72 20 74 72 3d 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 22 6d 6f 64 69 66 79 48 65 61 6c 74 68 4f Data Ascii: =${this.siteId}&idorder=${eZ.idorder}`,eZ,this.siteId,eZ.idorder)}}catch(te){}}#B(){if(Boolean(this.heatmapThankYouHasSentTrx))return;let tt=document.querySelector('.cart__submit-controls input[name="checkout"]');var tr=localStorage.getItem("modifyHealthO
2025-01-09 20:54:46 UTC	959	IN	Data Raw: 6a 2e 61 70 69 50 61 74 68 73 29 7c 7c 28 63 6f 6e 76 4f 62 6a 3d 6e 65 77 20 43 6f 6e 76 65 72 73 69 6f 6e 73 48 61 6e 64 6c 65 72 29 2e 69 6e 69 74 28 29 3b 63 6f 6e 73 74 20 68 65 61 74 6d 61 70 52 61 77 43 6f 6e 76 65 72 73 69 6f 6e 54 72 61 6e 73 61 63 74 69 6f 6e 3d 28 65 2c 74 2c 72 29 3d 3e 7b 63 6f 6e 76 4f 62 6a 2e 68 65 61 74 6d 61 70 52 61 77 43 6f 6e 76 65 72 73 69 6f 6e 54 72 61 6e 73 61 63 74 69 6f 6e 28 72 29 7d 2c 70 72 6f 63 65 73 73 53 6b 69 6e 6e 79 72 78 3d 65 3d 3e 7b 63 6f 6e 76 4f 62 6a 2e 70 72 6f 63 65 73 73 53 6b 69 6e 6e 79 72 78 28 65 29 7d 2c 76 65 74 72 69 6e 65 78 6c 61 62 73 43 6f 6e 76 65 72 73 69 6f 6e 3d 65 3d 3e 7b 63 6f 6e 76 4f 62 6a 2e 76 65 74 72 69 6e 65 78 6c 61 62 73 43 6f 6e 76 65 72 73 69 6f 6e 28 65 29 7d 2c Data Ascii: j.apiPaths)\|\|(convObj=new ConversionsHandler).init();const heatmapRawConversionTransaction=(e,t,r)=>{convObj.heatmapRawConversionTransaction(r)},processSkinnyrx=e=>{convObj.processSkinnyrx(e)},vetrinexlabsConversion=e=>{convObj.vetrinexlabsConversion(e)},

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:46 UTC	2575	OUT	GET /images/best_value_v2.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:46 UTC	998	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:46 GMT Content-Type: image/png Content-Length: 155991 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-26157" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 2270 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aQs6I0F6sjeZD%2B5WRqyu3%2FT0vWUS2%2Bvx0WQV5VkcdcNk8%2FUfz6ADL632ksNdXvvCB0i0OcKQAXq5V4Awcjntk9ZWng6CyILCDycRvortAC1GeKIrCtktEAka5X7QfZUJQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff7530a7e948cda-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=5571&min_rtt=1823&rtt_var=3091&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3153&delivery_rate=1601755&cwnd=242&unsent_bytes=0&cid=7abf52087299c585&ts=114&x=0"
2025-01-09 20:54:46 UTC	371	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 ee 00 00 01 ab 08 06 00 00 00 06 82 74 89 00 00 20 00 49 44 41 54 78 9c ec 5d 05 9c 1c d5 fd ff be 99 dd bd 3d 97 e4 2e 76 f1 60 21 40 20 02 c4 f0 a0 81 e2 d2 02 29 12 20 58 5b 68 71 77 f7 e0 94 e2 10 a4 68 21 48 20 6e 24 90 d0 04 8d dc c5 fd ee 72 ba bb f3 fe 9f 99 79 f2 7b 33 7b 38 ed 3f e9 fc e0 b2 b3 33 cf e6 cd ec fb be 9f 33 ce 39 22 8a 28 a2 ff 2e 2d 1a 7f c6 a9 1c dc 86 fb 73 64 00 63 ac b9 fb 9e 0f ff e3 bf 39 a8 e5 d3 46 ef e9 70 de 1e ee a0 18 b8 65 c5 d2 1d 07 de ff 4a f4 aa 44 14 d1 7f 97 22 e0 8e 28 a2 ff 12 2d 1a 7f c6 3d 56 cc 3e 80 d9 6c eb 58 2c 06 3b 27 0e ef f7 e8 00 99 4c 0a 4e 2a 0d 27 e3 2c e0 0e 7f ab db 1e 0f ff ed 3f 31 ca a5 53 ce ba 02 0c 87 5a b6 d5 df 76 c7 14 b3 61 59 Data Ascii: PNGIHDRt IDATx]=.v`!@ ) X[hqwh!H n$ry{3{8?339"(.-sdc9FpeJD"(-=V>lX,;'LN*',?1SZvaY
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: a1 a5 b9 09 2d 8d 2d 6b 19 70 59 87 81 0f 3c 12 bd 43 11 45 f4 9f a3 08 b8 23 8a e8 3f 48 8b 27 9c 35 27 96 13 eb 9b 2c 2a 82 1d 8b fb c0 88 ec bf 41 26 cf 33 20 dd 9c 46 63 6d 2d 32 a9 f4 ab dd 86 3d 7c e4 af 39 e2 ea 49 67 3c 6d c7 63 7f c8 2d 29 44 3c 1e 53 28 cd 68 21 26 be 33 80 73 e6 8d 2d 93 c9 a0 a1 a6 1e 4e 3a fd 5e 87 81 0f 1c 10 bd 47 11 45 f4 9f a1 08 b8 23 8a e8 3f 44 4b 26 9c f5 59 3c 3f b9 53 4e 41 21 2c 26 90 d0 65 68 19 07 e3 41 a4 f4 7f 97 8c 7e e3 1c f5 1b 36 20 d3 92 99 d1 75 e8 43 bb fe 1a a3 ae 9a 7c c6 27 b1 44 7c 58 61 59 31 c0 2c c1 f9 4b 94 e6 d0 10 ee b3 dd fe 11 17 32 01 17 be 1d 34 d6 35 20 d5 d8 1c 81 77 44 11 fd 87 c8 8a 26 3a a2 88 7e 7b 5a 3c e1 cc 89 f1 fc dc 9d 92 85 45 1e 43 2b b7 cb 5c 88 a2 c5 17 f1 e9 e8 f1 d0 7d 35 Data Ascii: --kpY<CE#?H'5',*A&3 Fcm-2=\|9Ig<mc-)D<S(h!&3s-N:^GE#?DK&Y<?SNA!,&ehA~6 uC\|'D\|XaY1,K245 wD&:~{Z<EC+\}5
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 2d c3 a8 2d d3 92 42 43 5d bd 1b fd ed df 0c b8 b7 fd 80 ef 0f d4 b2 72 e6 39 17 c1 b2 7e 1f 4b 24 76 c8 2d cc 83 65 d9 86 f4 5e 6d 18 a4 8e 9d cc 91 3f 66 df 49 c6 c9 64 d0 5c df 88 a6 4d 0d 97 55 ee 76 6f 14 dd 2d a2 2d 8e 22 e0 8e 68 8b a3 85 e3 cf 39 29 bf 24 f1 0f 3b b7 ad d0 63 f3 00 70 53 a0 96 dc ae 43 30 4d ba 46 f9 60 e0 a4 9b 91 69 69 44 a6 b9 d9 d5 ab ae 71 32 7c ae 07 ec a2 86 65 b1 5e cc 66 95 76 3c 1e 73 c5 d2 b1 44 ae 10 37 3b 84 2d a6 80 6d 69 97 2f c2 1c 7b 46 60 06 db ab c7 42 34 cd da d7 1a 3c 80 5f 12 84 83 fa 6a ea 9f 1d f8 bd 2b 7d 39 42 7e da fe ff 94 73 97 f7 42 ad cc c9 a6 c0 62 c4 07 1c 0a fc 53 8d 2d 48 b5 b4 20 d5 dc d2 c8 81 cf c0 f9 bf 2d c6 84 2c 81 b9 12 f7 dd 60 5b 7d 5c 51 7e 22 37 07 76 3c ae 74 f8 3c b4 e5 60 64 6f a3 Data Ascii: --BC]r9~K$v-e^m?fId\MUvo--"h9)$;cpSC0MF`iiDq2\|e^fv<sD7;-mi/{F`B4<_j+}9B~sBbS-H -,`[}\Q~"7v<t<`do
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: c0 97 1b 81 76 39 d1 63 93 53 ea 32 05 ae 80 65 37 11 bf cb b2 fa 7c 00 f8 04 08 1b 63 cb d6 5f 96 6b ad 73 fe a6 a8 9b 93 b1 84 8d e5 78 e8 5e 7c e6 5a 6e 3a 98 aa af fd bf b9 e6 a6 59 2b e3 24 dc 36 cd 8e 66 14 65 96 06 71 c5 5d 53 6b 73 29 0a 97 80 1e 34 50 23 58 2f ca e5 e4 17 22 a7 a0 e8 da a5 d3 fe 72 65 b6 51 45 14 d1 e6 42 91 1f 77 44 bf 29 55 4f bd f8 f4 dc 82 f8 c5 f1 04 eb cc 2c 27 0e c4 05 06 64 c0 78 0b d2 69 ab be b9 31 35 b3 a1 a6 f9 d4 9e fb dc bb f0 c7 8e e5 db 0f ce ed 5e 58 96 33 dd 4e d8 e5 3c 56 a0 38 2b e9 83 cc 39 13 01 50 cc c4 99 2e d0 30 e5 2f cc 15 97 28 ff 95 f1 45 74 9c 70 17 b8 6c 30 69 8d ae 02 a0 70 c2 69 32 22 5a 0f 3a 4a 67 47 da b0 97 35 42 a0 c7 42 d2 65 e9 73 ee e8 00 24 0c 64 2c dc 14 2d ab 60 29 90 5e cf ea 82 bc 0b Data Ascii: v9cS2e7\|c_ksx^\|Zn:Y+$6feq]Sks)4P#X/"reQEBwD)UO,'dxi15^X3N<V8+9P.0/(Etpl0ipi2"Z:JgG5BBes$d,-`)^
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: a8 ab 6f c1 8c 7f 9d 8a 6e de 58 20 c4 d2 c1 b6 18 ca 77 b8 c3 eb 3b 16 f3 c1 ad 5d db 7c e4 e7 25 d0 b7 4f 3b 5c 76 fe 10 74 ab 2c d1 1c b7 05 b3 be c5 74 9a 4f c9 99 0b 71 b8 e4 be 35 77 6e 1e 1b 81 57 18 11 99 ab c7 6a ea af e5 9d 73 02 e4 fe 86 51 c4 88 57 cf c8 d2 1b 3a 8f 44 79 ce 94 9a a5 35 ee d9 fc 1e b8 c6 2c f1 10 6d b1 07 14 dc bc ac c7 63 48 37 37 62 d3 da 45 cf 77 ea ff d7 13 42 0f 25 a2 88 7e 06 c5 a2 49 8b e8 d7 a0 95 b3 2f bf a1 b8 2c d1 a7 d9 ee 0e 78 1c 87 a3 b8 58 16 12 5b c2 5b fc 38 5a c4 b1 09 da 12 f4 7d 0c 0e 72 8e 50 75 20 8c c7 34 98 73 a5 ff 0c ba 7d f9 8c b6 8e e9 6d 1a 97 f9 6d f8 98 ae fd b1 19 a8 a8 56 8e de 31 b4 bd c1 02 55 4b 37 60 e9 8a 3a 3c fb ca 5c 2c aa da 80 15 ab 37 61 f5 da 7a 64 32 1c a3 4e dc 05 d7 fe 6d 4f df Data Ascii: onX w;]\|%O;\vt,tOq5wnWjsQW:Dy5,mcH77bEwB%~I/,xX[[8Z}rPu 4s}mmV1UK7`:<\,7azd2NmO
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: bc 37 fe 6b 8c 9f bc 18 d5 cb 36 90 b6 48 48 54 4e c6 4c 9a 1d d4 af d2 33 ea 5a f0 cd 1a 03 98 01 13 f8 4c ab 77 a0 63 bb 42 f3 3e 69 be 6b 23 a4 a9 a3 ae 1b 1b 81 10 78 07 b2 80 d1 b9 0b cd a7 aa e1 e9 b2 5b 2f ca f4 bf 1c 78 fc 8e 43 d0 d8 94 c6 3d 8f 4e 27 1b 01 a9 22 11 06 69 fa 26 f4 b8 89 9c df 00 ef e0 98 a8 8a 82 e8 c9 19 e1 c2 19 03 31 2c b3 0c 0b 78 ad 83 d6 d7 35 17 2e 23 b2 41 59 8e 4b c0 f5 eb db 81 d0 a9 02 84 85 c8 9c 29 cb 74 b1 61 55 f5 2c c1 b1 4b 1d b9 df b7 6b a5 9e 53 d0 7e 87 e0 ac 47 14 d1 4f a5 08 b8 23 fa 45 b4 6c c6 a5 a7 3a ac 90 70 c7 8e 5a b8 25 67 0c e1 5f ab 45 c3 10 a2 6b ae 74 dd 3a 51 86 65 8a b4 95 68 bb 15 b0 52 e4 a8 76 25 28 2a c0 57 ed 04 39 4e 75 d9 07 71 63 1c c0 a9 27 ec ec 7d 3e f6 dc 6c 91 78 83 86 27 75 02 f5 Data Ascii: 7k6HHTNL3ZLwcB>ik#x[/xC=N'"i&1,x5.#AYK)taU,KkS~GO#El:pZ%g_Ekt:QehRv%(*W9Nuqc'}>lx'u
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 0d 13 a3 24 a9 c3 96 a4 16 bd 6c 16 eb 04 38 79 46 e9 b6 a5 c8 5d 6f 20 b8 91 b2 72 c4 f0 6d bc cf bd 87 76 47 db 36 f9 38 76 d4 58 cf 82 9c 4b 63 37 69 b9 ce 81 23 0f de ce e3 7c 5f 7d fb cb 70 bf ea 5e 82 3e e9 1c 03 fb 76 f4 16 f6 f7 3e fe 56 83 6a 50 57 8c b0 ce bd a2 4d 1e aa 57 d4 62 50 ff 4a 71 ca 21 65 78 96 fa 4e eb 00 1a e4 f6 b3 14 e2 9c ce 36 c7 e4 99 4b bd e0 2b fb 0c e9 4a fa 91 fc bd e3 db 17 06 c6 b0 70 c9 06 74 71 a3 b9 79 20 6c ea e0 95 0c 24 64 91 4f c4 c8 59 ac df 5f 78 f5 33 0f b4 f7 db 73 6b 7c 3b eb 52 0c 1b d4 33 24 6d e9 d6 a5 0d de 78 fe 2c 8c 7b f5 5c 7c 38 e1 2b 1c 7a fc 18 e2 fa 05 a1 e3 b6 08 30 53 70 b6 b5 65 b8 6a 59 96 b5 cd f7 8d 69 f1 b8 34 34 33 75 e6 fa 4f bd ee c2 60 4e 59 a2 4b a3 39 cf ba 3c 17 b9 a5 dd 6f c9 f2 c4 Data Ascii: $l8yF]o rmvG68vXKc7i#\|_}p^>v>VjPWMWbPJq!exN6K+Jptqy l$dOY_x3sk\|;R3$mx,{\\|8+z0SpejYi443uO`NYK9<o
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: ca d7 44 57 ad f5 db fa ad f4 ad c2 8f fb e3 3d 38 e9 cc 07 c8 fb 6a 9b 00 cd 44 1a 4f 15 74 85 11 8e 9c a6 f8 84 01 ca ea 3b fd 64 94 2b f7 ff 2c 2b 86 44 5e 31 0a da f5 39 65 cd 82 67 16 54 4f bf a9 7f 2b 37 1d 51 44 06 45 56 e5 ff 23 b4 6c fa d5 27 5a f1 d8 c1 96 6d 77 d3 2b 9e c3 32 a9 d4 eb e9 96 d4 b3 5d 06 df b0 38 db 4c 2c 9d 7e f9 c8 64 7e f2 ba a2 36 79 95 2c 51 09 c4 cb 45 60 13 26 38 6b 6e 84 12 d5 82 cc 80 3e 5a 1a ad 41 0a a2 b9 06 57 a3 76 e0 ab 30 67 f6 d7 7e df e2 5c 72 6a 6e 58 4e 37 d0 c9 71 a3 5e c2 0b 8f 1c 8d 41 d2 0a 9b 70 de 46 16 30 22 a2 65 c8 60 bb ad da 60 ea a7 4b 49 87 dc b3 00 7f e1 a1 c3 71 de 65 ef a1 df fe 8f e1 be 1b f6 c7 a0 7e 9d b0 73 9f 76 98 38 bd 9a 80 1e 0f 8f d7 00 37 07 c7 1f be 9d e7 93 ed 1a 9b 75 16 69 34 8d Data Ascii: DW=8jDOt;d+,+D^19egTO+7QDEV#l'Zmw+2]8L,~d~6y,QE`&8kn>ZAWv0g~\rjnXN7q^ApF0"e``KIqe~sv87ui4
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 17 f1 dc a2 78 8e d3 b6 92 73 54 02 6c 17 5f b4 6e 7b 65 38 6d 57 8c 45 49 a1 62 6d f3 e2 c9 b2 13 33 a9 c6 e3 57 ce 7d fc 9a f6 3b 9e 7a 3d 22 da e2 28 d2 71 6f 81 b4 6a ee ad f3 92 25 e5 e7 e7 94 ee 62 c5 0b b6 01 b3 72 0c 6e 06 06 ec f9 9f cc 4a c2 8a 95 80 c5 8a c0 62 85 02 b4 1d 9f 6b 96 b1 b9 b9 00 52 e5 82 e5 08 9d 9f 04 63 c9 7d 8b 70 a7 74 f1 87 a3 ad cf 55 3b 34 48 0b cb 92 ac 01 66 ca 45 45 01 71 a5 0b b2 ef 9d 86 82 fc 04 0e 3f 65 6c 40 af 4b 75 b9 da 12 dc 3d 76 c5 d7 ed 5d b7 30 25 2e e7 44 2f ee 97 7d e6 fe 11 d8 73 50 57 dc 78 ef 54 0f 84 e7 7c b1 ca d0 cf ca 6c 65 fa 3e 64 4b 7e 99 8f c7 1e 8f 9b 2e de 83 f4 8b 80 ae 9f 0e 8f 3c 15 1e bc 68 3e 35 1d c3 9d 82 9c 19 97 5c 57 71 0c 7d b9 fa d7 88 53 1e 98 2e 0e c3 8f 9b 07 1a a6 3e d9 c1 5c Data Ascii: xsTl_n{e8mWEIbm3W};z="(qoj%brnJbkRc}ptU;4HfEEq?el@Ku=v]0%.D/}sPWxT\|le>dK~.<h>5\Wq}S.>\
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: cc 1b 0a 84 cd 34 91 90 1b 7f 5a d0 2d 0d a6 58 48 7f ad 39 6c 4b d7 f5 aa 49 37 ad 20 c7 0d 83 1b bf ef 91 f7 d1 79 c7 8b 71 ed 6d 6f 63 f6 e7 d5 de f9 87 9e 9c 84 ae 7d af c4 94 19 8b c8 d0 24 47 cf 48 7d b1 fe 2b bd 39 cc 3e 18 c3 b4 59 4b f1 c0 93 b3 3d ff e9 39 f3 56 e1 c4 73 5e 57 a0 a1 43 b1 d2 fb cf 60 db ad da 60 ce bf 57 07 c2 88 9a 63 97 e5 69 1e 6d 7f 6e a9 98 9b 72 bd 81 a8 66 82 63 54 3b 01 1e d6 77 1b 5c 6b 36 ae 97 7e 55 21 4d 49 7d 52 cc 0c e0 42 c1 3f a0 ef 56 e3 d2 1b 94 70 7f 92 3b 46 80 eb a5 a2 f2 2c 3b 05 43 ec ef 98 55 d4 3f e4 85 24 11 e0 1e bb fb 68 1c 7b f8 4e b8 ff b1 c9 d8 79 af 3b f1 c2 ab 9f 9a cd 73 e0 ce 07 3e 40 c7 ed 2e c2 ca d5 75 78 67 ec 79 c2 28 4d d8 65 04 72 79 bb ef eb 35 37 8f f5 8e ee bd f5 74 e2 da 65 13 e0 d4 Data Ascii: 4Z-XH9lKI7 yqmoc}$GH}+9>YK=9Vs^WC``WcimnrfcT;w\k6~U!MI}RB?Vp;F,;CU?$h{Ny;s>@.uxgy(Mery57te

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:46 UTC	2869	OUT	GET /images/Delaware.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:46 UTC	994	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:46 GMT Content-Type: image/png Content-Length: 4565 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-11d5" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 1236 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoiU4bBe63s%2Bap4dqU8Bs9hoPsCMfXCEJIjg%2FhTgjiNIFyHfCkMnTwXHa9jp9Wkzz1I%2BTQnzfYkXIZhvHxn5p3QVyA5P3rY3YbdsCHixj8AM7XQX4A46zt%2F2V9tAhbpiYA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff7530acbd142d2-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1568&min_rtt=1555&rtt_var=610&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2833&recv_bytes=3447&delivery_rate=1754807&cwnd=229&unsent_bytes=0&cid=8e4db57bf5cb655a&ts=119&x=0"
2025-01-09 20:54:46 UTC	375	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 3f 00 00 00 3d 08 06 00 00 00 1a 97 b1 d4 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 09 70 48 59 73 00 00 0e c3 00 00 0e c3 01 c7 6f a8 64 00 00 11 6a 49 44 41 54 68 43 d5 9b 7b 70 5c 57 7d c7 7f bb ab 7d 4b fb 92 b4 7a bf ac 87 1f 8a 1f 91 e3 34 4e 30 0e cf 0c 4d c0 10 02 81 02 cd 04 18 1e 2d b4 cc 94 fe 41 a6 74 98 52 a6 7f 94 4e a1 9d 14 02 04 08 99 b6 0e 81 40 18 20 31 30 0d ce 24 b1 1d bf e2 87 6c 47 96 f5 5e ad 64 69 1f 5a 69 5f da 95 b6 e7 fb bb f7 ec de bd bb 2b cb 21 b1 9d 8f e6 cc de 7b f6 6a f7 fe ce f9 9d df eb dc 35 7c f6 1f bf 9e eb ee d9 40 60 db ae ad d4 d5 d4 4e 4f ff ea 37 14 4f 24 e8 95 a3 af d0 47 3f 79 3f 3d 77 e0 20 e1 9a 7d Data Ascii: PNGIHDR?=sRGBgAMAapHYsodjIDAThC{p\W}}Kz4N0M-AtRN@ 10$lG^diZi_+!{j5\|@`NO7O$G?y?=w }
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 1d 0e 7a ff 7d f7 d0 b3 bf 3c a0 f6 10 99 8c 85 cb 3f f2 89 0f d3 89 97 4f 50 28 14 e6 f3 e5 d5 2c bf 56 c2 67 75 51 8b a3 81 5c e2 66 24 56 a3 95 9b cb 62 e7 66 36 9a 08 7f 72 80 f0 2a 91 ff 07 c1 4d 06 03 3d f6 d3 47 b9 e1 f8 cc 93 c7 a9 a3 ee 22 35 b6 0c 52 ab db 4e dd ae 76 1e 28 bf bd 36 2f 38 b0 55 59 d5 23 05 23 66 f4 ad 77 ed e1 e6 f1 79 8a 04 dc 3c d0 4f 56 bb 8d 46 87 47 d5 9e 02 5e 9f 97 06 6e 1d a0 93 47 4f aa 3d 95 81 10 5e ab 87 bf bc c6 ec a4 2a 31 23 ce 2a 07 f9 ec 6e 72 98 ed 14 9d 8e f0 20 74 99 5a c4 b9 2d af 19 78 c5 60 00 bb 49 b9 71 cc f8 a7 bf f0 49 b2 88 cf 40 c3 f1 e1 17 5f 26 9f b8 77 f9 1d 7a 56 73 ab ac 51 c3 a1 a8 da a3 60 c4 ec fd e8 e1 c7 b8 9d 3f 31 a8 76 17 f8 c0 47 f7 91 dd 6e e7 e3 95 d5 55 ca e4 56 f8 18 bc e7 9e 77 53 Data Ascii: z}<?OP(,VguQ\f$Vbf6rM=G"5RNv(6/8UY##fwy<OVFG^nGO=^1#*nr tZ-x`IqI@_&wzVsQ`?1vGnUVwS
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: b3 da 49 9d 5d bd 22 ef 2f cc b7 e1 cb fb 1f ce 99 ab ad f9 9b d2 22 93 98 d9 d1 20 35 74 35 e5 d3 d6 98 98 f1 f9 f1 39 aa eb a8 a7 06 87 8f 66 13 61 3e 07 5e e4 d5 a2 e1 9a 8b d1 71 5e df e0 d2 d9 11 1a 18 d8 c1 df 01 83 05 6b 5d 4e 70 00 6d 0a 26 2e 17 55 72 24 e5 04 07 fa f0 f6 dc f4 2a c5 12 b9 fc a0 00 7d 78 6b ba fb 2b 0f 7c 6d 79 69 59 ac e5 1a 32 5b 95 50 53 e2 11 01 47 48 08 f5 f0 7f 3c 42 8d fe 7a 6a 6b 6b 23 93 30 7c 07 9f 7d 9e 9e fc 9f 9f d3 e6 8d 9b c8 5f 5f 27 72 e5 09 7a fc 07 ff 4d 97 67 e7 e8 a5 83 87 84 8a a5 c5 7b 7d 42 c5 4d ac 05 c0 28 ec 94 cf ab dc 74 60 6a 88 dc 36 91 11 3a 8b cb 59 98 f1 09 c4 ec c2 ab 5c 8d e0 20 2d c6 58 89 e7 95 86 73 a0 ed 9b 5b cc d1 ae 0d ba d8 7e 73 4f 2f 07 15 c8 98 b4 c8 74 15 3e f2 e8 e1 e3 94 11 41 0a Data Ascii: I]"/" 5t59fa>^q^k]Npm&.Ur$*}xk+\|myiY2[PSGH<Bzjkk#0\|}__'rzMg{}BM(t`j6:Y\ -Xs[~sO/t>A
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 24 24 92 3a ec 85 99 3d e7 a8 ca 39 ca ae 0a 35 39 b8 ad d5 94 9f e6 82 a7 28 b9 92 a6 e6 86 46 de e4 84 16 00 18 4f 78 83 78 aa 50 b3 43 f6 05 a1 d6 33 7b 57 8b 76 d3 a2 ec cc 23 22 83 e0 10 16 46 4d 6e 17 5d fa e3 10 c7 e8 30 66 52 f0 cb e1 5a ce d3 57 96 95 f2 57 26 ba 85 e3 70 c9 f3 67 6a 45 0c 7d 99 bd 43 67 4f 27 1b 3d b8 31 78 03 78 05 80 f7 36 6c 76 f3 ec c9 19 7d 23 04 d7 53 32 f3 d8 28 40 4d 1c 82 4f c7 95 e0 07 b3 87 58 1c 15 94 6a 97 18 0c 35 02 44 04 16 0a 6e 23 7b dd cb c2 c7 b6 b3 e0 5a ba 3a 46 8a 52 57 d8 8a 4a 55 59 7c fe e8 78 a1 76 f7 46 51 71 e6 61 e4 b4 82 a3 6a 62 10 1a 80 98 5b de 98 36 e3 4a 64 52 64 b4 cf b0 e0 5a 4b ef 6d ff 3d 6d d9 74 8a 8f b5 39 fb f8 a0 b2 fb 5b 0e a7 a3 38 a6 bf 16 14 09 bf d1 d2 ce 2a 2d 05 07 a8 a1 0d 1f Data Ascii: $$:=959(FOxxPC3{Wv#"FMn]0fRZWW&pgjE}CgO'=1xx6lv}#S2(@MOXj5Dn#{Z:FRWJUY\|xvFQqajb[6JdRdZKm=mt9[8*-
2025-01-09 20:54:46 UTC	83	IN	Data Raw: 77 a3 44 74 a0 e8 37 36 17 c2 23 39 ed af a4 b4 60 ef 1d c0 f7 03 fc 82 0a 3e 7b bd 3f 3a c0 1e c0 c5 b1 8e 1b 57 f8 68 34 fa 9a 36 c5 8e 4e 2c d1 53 67 c2 74 62 52 79 ec f4 cd 07 d1 ff 03 b5 cc 6b d4 de a9 2d 87 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: wDt76#9`>{?:Wh46N,SgtbRyk-IENDB`

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:46 UTC	2613	OUT	GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 Host: visi-sharp.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:46 UTC	754	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:46 GMT Content-Type: application/javascript Content-Length: 1239 Connection: close Last-Modified: Tue, 07 Jan 2025 11:11:01 GMT ETag: "677d0bc5-4d7" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8S1QKPxdRRffSUBVSKfM8zd6cu%2BUu0Zs%2FM%2Fxrm3qmHAyEAxhC%2Bt7cOXkHuO5d1jTpiB024NiO0pmSSitWf7pmfBzP5Ztgwt2ZXASgOs1pkLHcuv6k1dYFSbgdkm2ricwyg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff7530ac8e5c327-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sat, 11 Jan 2025 20:54:46 GMT Cache-Control: max-age=172800 Cache-Control: public Accept-Ranges: bytes
2025-01-09 20:54:46 UTC	615	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 74 72 79 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 63 6f 6e 73 6f 6c 65 29 72 65 74 75 72 6e 3b 22 65 72 72 6f 72 22 69 6e 20 63 6f 6e 73 6f 6c 65 3f 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 65 29 3a 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 65 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 74 28 65 29 7b 72 65 74 75 72 6e 20 64 2e 69 6e 6e 65 72 48 54 4d 4c 3d 27 3c 61 20 68 72 65 66 3d 22 27 2b 65 2e 72 65 70 6c 61 63 65 28 2f 22 2f 67 2c 22 26 71 75 6f 74 3b 22 29 2b 27 22 3e 3c 2f 61 3e 27 2c 64 2e 63 68 69 6c 64 4e 6f 64 65 73 5b 30 5d 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 68 72 65 66 Data Ascii: !function(){"use strict";function e(e){try{if("undefined"==typeof console)return;"error"in console?console.error(e):console.log(e)}catch(e){}}function t(e){return d.innerHTML='<a href="'+e.replace(/"/g,""")+'"></a>',d.childNodes[0].getAttribute("href
2025-01-09 20:54:46 UTC	624	IN	Data Raw: 72 65 66 2c 61 2b 6c 2e 6c 65 6e 67 74 68 29 29 7d 63 61 74 63 68 28 69 29 7b 65 28 69 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 74 29 7b 66 6f 72 28 76 61 72 20 72 3d 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 75 29 2c 63 3d 30 3b 63 3c 72 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 74 72 79 7b 76 61 72 20 6f 3d 72 5b 63 5d 2c 61 3d 6f 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 69 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 66 29 3b 69 66 28 69 29 7b 76 61 72 20 6c 3d 6e 28 69 2c 30 29 2c 64 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 54 65 78 74 4e 6f 64 65 28 6c 29 3b 61 2e 72 65 70 6c 61 63 65 43 68 69 6c 64 28 64 2c 6f 29 7d 7d 63 61 74 63 68 28 68 29 7b 65 28 68 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 61 28 74 29 7b 66 6f 72 28 76 61 72 20 72 3d Data Ascii: ref,a+l.length))}catch(i){e(i)}}function o(t){for(var r=t.querySelectorAll(u),c=0;c<r.length;c++)try{var o=r[c],a=o.parentNode,i=o.getAttribute(f);if(i){var l=n(i,0),d=document.createTextNode(l);a.replaceChild(d,o)}}catch(h){e(h)}}function a(t){for(var r=

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:46 UTC	2876	OUT	GET /images/most_popular_v2.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:46 UTC	995	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:46 GMT Content-Type: image/png Content-Length: 157266 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-26652" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 6641 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUwDbf4kc40%2FWdOvGNHbFuMu1zD2M9wKOlaGGTpWgkR3tNQZ8O6f1b2n6KuBXPnj%2FYY0YN9SiQXWES7%2FhnqB2LAgYcUC7WwHdA23WGRnw7QzVESZWkICAjPQueRyodFUdw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff7530ae92ec443-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1660&min_rtt=1648&rtt_var=643&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2833&recv_bytes=3454&delivery_rate=1668571&cwnd=244&unsent_bytes=0&cid=eb07e98503fccac7&ts=129&x=0"
2025-01-09 20:54:46 UTC	374	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 ee 00 00 01 ab 08 06 00 00 00 06 82 74 89 00 00 20 00 49 44 41 54 78 9c ec 5d 05 9c 1c d5 fd ff be 99 dd bd 3d 97 e4 2e 76 f1 60 21 40 20 02 c4 f0 a0 81 e2 d2 02 29 12 20 58 5b 68 71 77 f7 e0 94 e2 10 a4 68 21 48 20 6e 24 90 d0 04 8d dc c5 fd ee 72 ba bb f3 fe 9f 99 79 f2 7b 33 7b 38 ed 3f e9 fc e0 b2 b3 33 cf e6 cd ec fb be 9f 33 ce 39 22 8a 28 a2 ff 2e 2d 1a 7f c6 a9 1c dc 86 fb 73 64 00 63 ac b9 fb 9e 0f ff e3 bf 39 a8 e5 d3 46 ef e9 70 de 1e ee a0 18 b8 65 c5 d2 1d 07 de ff 4a f4 aa 44 14 d1 7f 97 22 e0 8e 28 a2 ff 12 2d 1a 7f c6 3d 56 cc 3e 80 d9 6c eb 58 2c 06 3b 27 0e ef f7 e8 00 99 4c 0a 4e 2a 0d 27 e3 2c e0 0e 7f ab db 1e 0f ff ed 3f 31 ca a5 53 ce ba 02 0c 87 5a b6 d5 df 76 c7 14 b3 61 59 Data Ascii: PNGIHDRt IDATx]=.v`!@ ) X[hqwh!H n$ry{3{8?339"(.-sdc9FpeJD"(-=V>lX,;'LN*',?1SZvaY
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 09 2d 8d 2d 6b 19 70 59 87 81 0f 3c 12 bd 43 11 45 f4 9f a3 08 b8 23 8a e8 3f 48 8b 27 9c 35 27 96 13 eb 9b 2c 2a 82 1d 8b fb c0 88 ec bf 41 26 cf 33 20 dd 9c 46 63 6d 2d 32 a9 f4 ab dd 86 3d 7c e4 af 39 e2 ea 49 67 3c 6d c7 63 7f c8 2d 29 44 3c 1e 53 28 cd 68 21 26 be 33 80 73 e6 8d 2d 93 c9 a0 a1 a6 1e 4e 3a fd 5e 87 81 0f 1c 10 bd 47 11 45 f4 9f a1 08 b8 23 8a e8 3f 44 4b 26 9c f5 59 3c 3f b9 53 4e 41 21 2c 26 90 d0 65 68 19 07 e3 41 a4 f4 7f 97 8c 7e e3 1c f5 1b 36 20 d3 92 99 d1 75 e8 43 bb fe 1a a3 ae 9a 7c c6 27 b1 44 7c 58 61 59 31 c0 2c c1 f9 4b 94 e6 d0 10 ee b3 dd fe 11 17 32 01 17 be 1d 34 d6 35 20 d5 d8 1c 81 77 44 11 fd 87 c8 8a 26 3a a2 88 7e 7b 5a 3c e1 cc 89 f1 fc dc 9d 92 85 45 1e 43 2b b7 cb 5c 88 a2 c5 17 f1 e9 e8 f1 d0 7d 35 03 f2 4b Data Ascii: --kpY<CE#?H'5',*A&3 Fcm-2=\|9Ig<mc-)D<S(h!&3s-N:^GE#?DK&Y<?SNA!,&ehA~6 uC\|'D\|XaY1,K245 wD&:~{Z<EC+\}5K
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 2d d3 92 42 43 5d bd 1b fd ed df 0c b8 b7 fd 80 ef 0f d4 b2 72 e6 39 17 c1 b2 7e 1f 4b 24 76 c8 2d cc 83 65 d9 86 f4 5e 6d 18 a4 8e 9d cc 91 3f 66 df 49 c6 c9 64 d0 5c df 88 a6 4d 0d 97 55 ee 76 6f 14 dd 2d a2 2d 8e 22 e0 8e 68 8b a3 85 e3 cf 39 29 bf 24 f1 0f 3b b7 ad d0 63 f3 00 70 53 a0 96 dc ae 43 30 4d ba 46 f9 60 e0 a4 9b 91 69 69 44 a6 b9 d9 d5 ab ae 71 32 7c ae 07 ec a2 86 65 b1 5e cc 66 95 76 3c 1e 73 c5 d2 b1 44 ae 10 37 3b 84 2d a6 80 6d 69 97 2f c2 1c 7b 46 60 06 db ab c7 42 34 cd da d7 1a 3c 80 5f 12 84 83 fa 6a ea 9f 1d f8 bd 2b 7d 39 42 7e da fe ff 94 73 97 f7 42 ad cc c9 a6 c0 62 c4 07 1c 0a fc 53 8d 2d 48 b5 b4 20 d5 dc d2 c8 81 cf c0 f9 bf 2d c6 84 2c 81 b9 12 f7 dd 60 5b 7d 5c 51 7e 22 37 07 76 3c ae 74 f8 3c b4 e5 60 64 6f a3 6f 5e 97 Data Ascii: -BC]r9~K$v-e^m?fId\MUvo--"h9)$;cpSC0MF`iiDq2\|e^fv<sD7;-mi/{F`B4<_j+}9B~sBbS-H -,`[}\Q~"7v<t<`doo^
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 81 76 39 d1 63 93 53 ea 32 05 ae 80 65 37 11 bf cb b2 fa 7c 00 f8 04 08 1b 63 cb d6 5f 96 6b ad 73 fe a6 a8 9b 93 b1 84 8d e5 78 e8 5e 7c e6 5a 6e 3a 98 aa af fd bf b9 e6 a6 59 2b e3 24 dc 36 cd 8e 66 14 65 96 06 71 c5 5d 53 6b 73 29 0a 97 80 1e 34 50 23 58 2f ca e5 e4 17 22 a7 a0 e8 da a5 d3 fe 72 65 b6 51 45 14 d1 e6 42 91 1f 77 44 bf 29 55 4f bd f8 f4 dc 82 f8 c5 f1 04 eb cc 2c 27 0e c4 05 06 64 c0 78 0b d2 69 ab be b9 31 35 b3 a1 a6 f9 d4 9e fb dc bb f0 c7 8e e5 db 0f ce ed 5e 58 96 33 dd 4e d8 e5 3c 56 a0 38 2b e9 83 cc 39 13 01 50 cc c4 99 2e d0 30 e5 2f cc 15 97 28 ff 95 f1 45 74 9c 70 17 b8 6c 30 69 8d ae 02 a0 70 c2 69 32 22 5a 0f 3a 4a 67 47 da b0 97 35 42 a0 c7 42 d2 65 e9 73 ee e8 00 24 0c 64 2c dc 14 2d ab 60 29 90 5e cf ea 82 bc 0b 95 05 4c Data Ascii: v9cS2e7\|c_ksx^\|Zn:Y+$6feq]Sks)4P#X/"reQEBwD)UO,'dxi15^X3N<V8+9P.0/(Etpl0ipi2"Z:JgG5BBes$d,-`)^L
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: c1 8c 7f 9d 8a 6e de 58 20 c4 d2 c1 b6 18 ca 77 b8 c3 eb 3b 16 f3 c1 ad 5d db 7c e4 e7 25 d0 b7 4f 3b 5c 76 fe 10 74 ab 2c d1 1c b7 05 b3 be c5 74 9a 4f c9 99 0b 71 b8 e4 be 35 77 6e 1e 1b 81 57 18 11 99 ab c7 6a ea af e5 9d 73 02 e4 fe 86 51 c4 88 57 cf c8 d2 1b 3a 8f 44 79 ce 94 9a a5 35 ee d9 fc 1e b8 c6 2c f1 10 6d b1 07 14 dc bc ac c7 63 48 37 37 62 d3 da 45 cf 77 ea ff d7 13 42 0f 25 a2 88 7e 06 c5 a2 49 8b e8 d7 a0 95 b3 2f bf a1 b8 2c d1 a7 d9 ee 0e 78 1c 87 a3 b8 58 16 12 5b c2 5b fc 38 5a c4 b1 09 da 12 f4 7d 0c 0e 72 8e 50 75 20 8c c7 34 98 73 a5 ff 0c ba 7d f9 8c b6 8e e9 6d 1a 97 f9 6d f8 98 ae fd b1 19 a8 a8 56 8e de 31 b4 bd c1 02 55 4b 37 60 e9 8a 3a 3c fb ca 5c 2c aa da 80 15 ab 37 61 f5 da 7a 64 32 1c a3 4e dc 05 d7 fe 6d 4f df 70 8e 4a Data Ascii: nX w;]\|%O;\vt,tOq5wnWjsQW:Dy5,mcH77bEwB%~I/,xX[[8Z}rPu 4s}mmV1UK7`:<\,7azd2NmOpJ
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 6b 8c 9f bc 18 d5 cb 36 90 b6 48 48 54 4e c6 4c 9a 1d d4 af d2 33 ea 5a f0 cd 1a 03 98 01 13 f8 4c ab 77 a0 63 bb 42 f3 3e 69 be 6b 23 a4 a9 a3 ae 1b 1b 81 10 78 07 b2 80 d1 b9 0b cd a7 aa e1 e9 b2 5b 2f ca f4 bf 1c 78 fc 8e 43 d0 d8 94 c6 3d 8f 4e 27 1b 01 a9 22 11 06 69 fa 26 f4 b8 89 9c df 00 ef e0 98 a8 8a 82 e8 c9 19 e1 c2 19 03 31 2c b3 0c 0b 78 ad 83 d6 d7 35 17 2e 23 b2 41 59 8e 4b c0 f5 eb db 81 d0 a9 02 84 85 c8 9c 29 cb 74 b1 61 55 f5 2c c1 b1 4b 1d b9 df b7 6b a5 9e 53 d0 7e 87 e0 ac 47 14 d1 4f a5 08 b8 23 fa 45 b4 6c c6 a5 a7 3a ac 90 70 c7 8e 5a b8 25 67 0c e1 5f ab 45 c3 10 a2 6b ae 74 dd 3a 51 86 65 8a b4 95 68 bb 15 b0 52 e4 a8 76 25 28 2a c0 57 ed 04 39 4e 75 d9 07 71 63 1c c0 a9 27 ec ec 7d 3e f6 dc 6c 91 78 83 86 27 75 02 f5 29 78 3b Data Ascii: k6HHTNL3ZLwcB>ik#x[/xC=N'"i&1,x5.#AYK)taU,KkS~GO#El:pZ%g_Ekt:QehRv%(*W9Nuqc'}>lx'u)x;
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 24 a9 c3 96 a4 16 bd 6c 16 eb 04 38 79 46 e9 b6 a5 c8 5d 6f 20 b8 91 b2 72 c4 f0 6d bc cf bd 87 76 47 db 36 f9 38 76 d4 58 cf 82 9c 4b 63 37 69 b9 ce 81 23 0f de ce e3 7c 5f 7d fb cb 70 bf ea 5e 82 3e e9 1c 03 fb 76 f4 16 f6 f7 3e fe 56 83 6a 50 57 8c b0 ce bd a2 4d 1e aa 57 d4 62 50 ff 4a 71 ca 21 65 78 96 fa 4e eb 00 1a e4 f6 b3 14 e2 9c ce 36 c7 e4 99 4b bd e0 2b fb 0c e9 4a fa 91 fc bd e3 db 17 06 c6 b0 70 c9 06 74 71 a3 b9 79 20 6c ea e0 95 0c 24 64 91 4f c4 c8 59 ac df 5f 78 f5 33 0f b4 f7 db 73 6b 7c 3b eb 52 0c 1b d4 33 24 6d e9 d6 a5 0d de 78 fe 2c 8c 7b f5 5c 7c 38 e1 2b 1c 7a fc 18 e2 fa 05 a1 e3 b6 08 30 53 70 b6 b5 65 b8 6a 59 96 b5 cd f7 8d 69 f1 b8 34 34 33 75 e6 fa 4f bd ee c2 60 4e 59 a2 4b a3 39 cf ba 3c 17 b9 a5 dd 6f c9 f2 c4 22 8a e8 Data Ascii: $l8yF]o rmvG68vXKc7i#\|_}p^>v>VjPWMWbPJq!exN6K+Jptqy l$dOY_x3sk\|;R3$mx,{\\|8+z0SpejYi443uO`NYK9<o"
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 57 ad f5 db fa ad f4 ad c2 8f fb e3 3d 38 e9 cc 07 c8 fb 6a 9b 00 cd 44 1a 4f 15 74 85 11 8e 9c a6 f8 84 01 ca ea 3b fd 64 94 2b f7 ff 2c 2b 86 44 5e 31 0a da f5 39 65 cd 82 67 16 54 4f bf a9 7f 2b 37 1d 51 44 06 45 56 e5 ff 23 b4 6c fa d5 27 5a f1 d8 c1 96 6d 77 d3 2b 9e c3 32 a9 d4 eb e9 96 d4 b3 5d 06 df b0 38 db 4c 2c 9d 7e f9 c8 64 7e f2 ba a2 36 79 95 2c 51 09 c4 cb 45 60 13 26 38 6b 6e 84 12 d5 82 cc 80 3e 5a 1a ad 41 0a a2 b9 06 57 a3 76 e0 ab 30 67 f6 d7 7e df e2 5c 72 6a 6e 58 4e 37 d0 c9 71 a3 5e c2 0b 8f 1c 8d 41 d2 0a 9b 70 de 46 16 30 22 a2 65 c8 60 bb ad da 60 ea a7 4b 49 87 dc b3 00 7f e1 a1 c3 71 de 65 ef a1 df fe 8f e1 be 1b f6 c7 a0 7e 9d b0 73 9f 76 98 38 bd 9a 80 1e 0f 8f d7 00 37 07 c7 1f be 9d e7 93 ed 1a 9b 75 16 69 34 8d cc 59 d2 Data Ascii: W=8jDOt;d+,+D^19egTO+7QDEV#l'Zmw+2]8L,~d~6y,QE`&8kn>ZAWv0g~\rjnXN7q^ApF0"e``KIqe~sv87ui4Y
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: a2 78 8e d3 b6 92 73 54 02 6c 17 5f b4 6e 7b 65 38 6d 57 8c 45 49 a1 62 6d f3 e2 c9 b2 13 33 a9 c6 e3 57 ce 7d fc 9a f6 3b 9e 7a 3d 22 da e2 28 d2 71 6f 81 b4 6a ee ad f3 92 25 e5 e7 e7 94 ee 62 c5 0b b6 01 b3 72 0c 6e 06 06 ec f9 9f cc 4a c2 8a 95 80 c5 8a c0 62 85 02 b4 1d 9f 6b 96 b1 b9 b9 00 52 e5 82 e5 08 9d 9f 04 63 c9 7d 8b 70 a7 74 f1 87 a3 ad cf 55 3b 34 48 0b cb 92 ac 01 66 ca 45 45 01 71 a5 0b b2 ef 9d 86 82 fc 04 0e 3f 65 6c 40 af 4b 75 b9 da 12 dc 3d 76 c5 d7 ed 5d b7 30 25 2e e7 44 2f ee 97 7d e6 fe 11 d8 73 50 57 dc 78 ef 54 0f 84 e7 7c b1 ca d0 cf ca 6c 65 fa 3e 64 4b 7e 99 8f c7 1e 8f 9b 2e de 83 f4 8b 80 ae 9f 0e 8f 3c 15 1e bc 68 3e 35 1d c3 9d 82 9c 19 97 5c 57 71 0c 7d b9 fa d7 88 53 1e 98 2e 0e c3 8f 9b 07 1a a6 3e d9 c1 5c e5 46 ff Data Ascii: xsTl_n{e8mWEIbm3W};z="(qoj%brnJbkRc}ptU;4HfEEq?el@Ku=v]0%.D/}sPWxT\|le>dK~.<h>5\Wq}S.>\F
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 84 cd 34 91 90 1b 7f 5a d0 2d 0d a6 58 48 7f ad 39 6c 4b d7 f5 aa 49 37 ad 20 c7 0d 83 1b bf ef 91 f7 d1 79 c7 8b 71 ed 6d 6f 63 f6 e7 d5 de f9 87 9e 9c 84 ae 7d af c4 94 19 8b c8 d0 24 47 cf 48 7d b1 fe 2b bd 39 cc 3e 18 c3 b4 59 4b f1 c0 93 b3 3d ff e9 39 f3 56 e1 c4 73 5e 57 a0 a1 43 b1 d2 fb cf 60 db ad da 60 ce bf 57 07 c2 88 9a 63 97 e5 69 1e 6d 7f 6e a9 98 9b 72 bd 81 a8 66 82 63 54 3b 01 1e d6 77 1b 5c 6b 36 ae 97 7e 55 21 4d 49 7d 52 cc 0c e0 42 c1 3f a0 ef 56 e3 d2 1b 94 70 7f 92 3b 46 80 eb a5 a2 f2 2c 3b 05 43 ec ef 98 55 d4 3f e4 85 24 11 e0 1e bb fb 68 1c 7b f8 4e b8 ff b1 c9 d8 79 af 3b f1 c2 ab 9f 9a cd 73 e0 ce 07 3e 40 c7 ed 2e c2 ca d5 75 78 67 ec 79 c2 28 4d d8 65 04 72 79 bb ef eb 35 37 8f f5 8e ee bd f5 74 e2 da 65 13 e0 d4 46 69 8b Data Ascii: 4Z-XH9lKI7 yqmoc}$GH}+9>YK=9Vs^WC``WcimnrfcT;w\k6~U!MI}RB?Vp;F,;CU?$h{Ny;s>@.uxgy(Mery57teFi

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:46 UTC	2873	OUT	GET /images/app/buygoods.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:46 UTC	993	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:46 GMT Content-Type: image/png Content-Length: 11016 Connection: close Last-Modified: Tue, 08 Aug 2023 13:58:46 GMT ETag: "64d24a16-2b08" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 2724 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=quK2EwBZOO%2Ffb40%2BDi5CooBdmOhTzRtFJnGVZROBQjzQzY1koWcxWvixDjnCThGLZkNeNRXieMLEAgCpseNQFXBAYoxm9H114PRbytho5%2FwLRecne5qwKDkHD21DQKk0Sg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff7530b4c9242d2-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1532&min_rtt=1524&rtt_var=588&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2833&recv_bytes=3451&delivery_rate=1836477&cwnd=229&unsent_bytes=0&cid=d1c98137678b7f1b&ts=129&x=0"
2025-01-09 20:54:46 UTC	376	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b4 00 00 00 2a 08 06 00 00 00 1a a1 71 01 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 44 65 58 49 66 4d 4d 00 2a 00 00 00 08 00 01 87 69 00 04 00 00 00 01 00 00 00 1a 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 00 01 00 00 a0 02 00 04 00 00 00 01 00 00 00 b4 a0 03 00 04 00 00 00 01 00 00 00 2a 00 00 00 00 38 e3 0f 08 00 00 2a 72 49 44 41 54 78 01 ed 9d 09 80 5d 45 99 ef cf 76 ef ed 7d 4b 27 e9 ec 9d d0 49 20 09 24 40 d8 02 42 22 20 a2 22 3a 62 d4 67 08 04 97 28 28 f3 64 44 c0 99 79 36 f3 e6 21 8a c3 9b 87 82 c2 cc b0 29 f3 34 91 07 8a 0a 0c 22 11 24 01 03 59 4d 87 6c 9d 74 b6 4e 2f e9 4e a7 f7 7b ef 39 e7 fd fe a7 ef 39 7d 6f 77 03 32 33 c6 f0 5e 2a 9c ae 3a 55 df f7 d5 57 55 5f 7d f5 d5 57 75 2e Data Ascii: PNGIHDRqsRGBDeXIfMMi8rIDATx]Ev}K'I $@B" ":bg((dDy6!)4"$YMltN/N{99}ow23^*:UWU_}Wu.
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 7d bf 97 f7 ba 9d 3b 77 7e 6f c7 8e 1d af 4c 9f 3e bd ff 58 f6 92 95 53 99 6f 8e 72 6c 7b ba 65 59 d3 3c c3 ad f6 7c 7f a6 ef 1b 97 a3 9a cf bf fb ee 15 79 39 b0 27 5e 4e f4 00 3d b0 71 e3 c6 42 34 f1 4c 92 d3 11 e4 a9 c4 b3 e2 f1 f8 07 c8 fb 60 2a 95 aa 38 d6 9d 94 2d d0 a6 6d 3b a3 4c d3 2a 0f 14 f1 a0 2e ce 77 2c b3 34 59 d8 1e 3f d6 cc 9d a8 ef f8 ef 01 4c 8d 71 08 6f 25 1a 3a 58 ed 11 6a 31 5d 80 b6 1e 9d 97 97 77 cc 65 26 12 e8 fb ef bf df 31 7c bf ca 37 bc 4a 96 8d a8 27 7d 32 79 eb 1b 1b 8f 1f d3 a5 23 62 e0 44 e2 b8 ee 81 c2 c2 c2 49 08 f1 28 98 94 fd 1c 84 74 3a 6d 20 e0 7d dd dd dd 81 74 87 f9 c7 22 8e 04 fa 68 7e 7e dc 35 52 13 3c d7 1d 1d 0a b4 09 07 cc be 1e 3f 69 1c 69 68 68 48 1e 0b 86 4e d4 f1 ee ea 01 84 77 12 5a ba 14 33 55 e2 12 04 e4 Data Ascii: };w~oL>XSorl{eY<\|y9'^N=qB4L`8-m;L.w,4Y?Lqo%:Xj1]we&1\|7J'}2y#bDI(t:m }t"h~~5R<?iihhHNwZ3U
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: b8 8a fc a5 68 e2 39 d0 2a e6 49 88 a6 60 f5 10 24 d4 13 a1 3b 9b fc bf 80 de ab cb 96 2d bb fb 9a 6b ae 79 99 3a a2 d5 80 89 76 29 13 e7 53 c0 ca c7 bd 87 67 2e 38 1f db b6 6d db e3 6f bc f1 c6 d3 27 9f 7c 72 67 24 d0 86 e5 8d 65 b0 c7 04 d4 03 ee 60 cc 75 3d aa 9c ed 1a e6 6d b6 6f cf 40 20 8b 71 e5 0d 34 0e 09 a5 cc d0 7f 9e e1 c5 d0 bc e5 0c c4 fb f0 88 74 d5 b7 f5 b7 c2 e3 26 a3 f3 81 02 2b 2f 3e d6 33 bd 52 e0 50 f7 e4 4a 20 0d 23 e9 9b 7e db 57 af 5e da 73 f3 d2 a5 41 6d e1 9f 15 1f 5f 61 ef f1 7b e7 52 cf d9 74 4c 89 cf 04 83 71 cd 9e 2e d7 f0 b7 41 24 df b4 ac b9 d0 09 84 4b 14 a1 6b 23 d1 a3 62 69 bb 34 a4 93 1d df 79 ff a3 93 99 04 1f 63 5e 5c 80 ec e7 0b c7 b2 61 c3 37 0e f3 fe 4a 32 65 6e 13 fc be 7d fb f2 11 a2 cb 69 c7 97 78 e6 53 6f 01 1d Data Ascii: h9*I`$;-ky:v)Sg.8mo'\|rg$e`u=mo@ q4t&+/>3RPJ #~W^sAm_a{RtLq.A$Kk#bi4yc^\a7J2en}ixSo
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 45 b3 95 74 39 45 17 91 9e 49 2c 3b 58 a0 d2 fe 12 a2 0a de cf 66 22 fd 96 55 44 02 74 23 45 32 c7 82 49 17 00 f2 07 5c 2c 44 77 03 da 6d 0d bc 1d 64 12 c8 37 bc 88 f4 29 c4 32 49 02 50 f1 01 8f 65 c0 9f 87 9f f8 45 68 a6 e1 43 36 f3 e9 94 45 75 0b 58 ed 07 6f 2f ed df 49 ba 05 fa 69 e2 c9 e4 9d 0e be fa 5a e5 8a a2 c0 7b 37 30 ea b3 4f 42 6f 3a ef d9 13 a4 03 bc 7f 81 b7 5f d0 57 cd d0 73 81 29 a4 ee 4f 81 b3 94 f4 68 ca 03 9a 14 a9 4d 35 e4 8f c7 f3 b3 09 4d 8d 68 59 5a 19 64 c7 8b 66 78 0a d9 4d 7b 44 8a 62 cb 08 04 3a 1d 4b 96 60 86 56 a2 ae 63 99 31 0f 18 0c 88 1b 46 0f 1e 81 27 12 be f3 fd 3e e3 68 5d 73 77 5f 5f e9 f4 e9 66 7c 4f e7 64 27 ee de 08 fc 35 08 48 41 d8 ac 60 02 98 78 40 5c bf 92 8d 26 f7 9b 02 cf c0 40 83 33 83 c9 4b 33 c3 d1 1e f5 42 Data Ascii: Et9EI,;Xf"UDt#E2I\,Dwmd7)2IPeEhC6EuXo/IiZ{70OBo:_Ws)OhM5MhYZdfxM{Db:K`Vc1F'>h]sw__f\|Od'5HA`x@\&@3K3B
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 14 19 1e d6 0d 56 cc 66 74 ce e6 da da da 8c da 06 3a 2b 58 f1 34 5a cc ea 0d 05 76 a0 88 06 9a 1c 7d a6 d3 85 b6 29 27 3f f4 33 38 6a bc e9 58 87 29 e6 e4 71 f8 fd ea a3 66 77 02 f5 8a 2f dc 2a 0d 4d 84 60 a5 f0 0d 96 69 f3 60 4b 4b 5d 8f 33 7a 72 a7 c3 b1 aa 69 99 49 ca e2 61 dd 70 1e f3 10 68 bb ab 43 5a 07 12 1c 32 98 f6 b9 da 17 84 b6 73 c0 86 e9 ad 75 3d e3 c5 da 65 cb fa 96 bc e7 3d 63 e8 20 d9 ad 43 b5 b3 96 d7 f5 74 5a 9d 06 30 c0 1b f2 07 bc 1e 60 24 4c 12 1c 09 56 10 03 a6 89 2a 33 63 3a 71 64 3f 0a 86 a0 65 71 ef 48 a7 92 aa 07 13 41 02 39 ac 3e 68 27 a9 6b 32 26 47 39 1a 29 d2 a4 f0 a0 49 52 4f f9 ef 39 25 c4 47 3f 3c 80 d7 8f 06 1e 2a e8 e1 44 a8 a6 ac 1a 9a 81 12 10 b6 04 11 9a 0d 24 5f 44 c0 da 86 53 e4 18 b0 b7 d7 45 e0 86 9d 92 42 47 bc Data Ascii: Vft:+X4Zv})'?38jX)qfw/M`i`KK]3zriIaphCZ2su=e=c CtZ0`$LV3c:qd?eqHA9>h'k2&G9)IRO9%G?<*D$_DSEBG
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 1b b0 d9 38 fd 34 4f 61 d0 e5 91 09 0a 33 03 da 0b bf 3d 3c a2 ad d3 c3 20 64 da 91 42 28 fb b8 49 97 c5 74 08 c1 5d 80 64 72 2c 83 a8 53 b1 08 4f da 9f 01 6e a3 8e 06 f2 65 3a e4 94 41 b7 8d c1 ef 62 f9 cd 1a 80 41 9a f3 e6 cd 9b 02 9e bc 30 91 d0 8a 26 ef 9d b4 4f be 7c b5 3d f2 3d 8b 4f 9e 76 60 0e af 5c b9 72 98 f6 0b 29 53 3e 99 09 21 b3 20 67 82 f1 be 9b b2 60 6c 47 8f 1e dd 89 79 50 4b 3d 8b 59 b5 be 87 b0 ae 26 dd 8c 60 bb 3a 9c d2 ca a3 fa 46 0a 19 c1 3e 87 b6 9f fb e9 4f 7f 3a f0 77 8f 04 37 52 9e 85 15 2c f7 8d 6e b3 0d 96 53 0f 75 a5 0d 8e 36 06 33 73 53 f1 aa ae 1a cb 37 cf 02 4b 2e 9a a0 10 81 d1 54 68 e2 6d af 97 0e 9c f9 98 24 19 ba ea 2c ae 02 b8 a6 81 23 bc 7d d8 b2 fb 95 bb ef ce 67 a4 d9 10 fa e1 cd ae a0 c1 74 d0 11 3c 74 fb ec de bc Data Ascii: 84Oa3=< dB(It]dr,SOne:AbA0&O\|==Ov`\r)S>! g`lGyPK=Y&`:F>O:w7R,nSu63sS7K.Thm$,#}gt<t
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: b6 93 cb f6 bf 96 a9 40 7a 22 6e b0 65 d4 bd 14 9a f2 b6 84 e0 32 61 44 f3 19 9e d7 b8 67 d2 8e 36 d5 1e 49 93 2b 32 49 c0 d3 85 a8 cf 00 d3 0c 6f 4f 52 77 47 53 53 93 89 bf 58 bf bb a1 db 73 1f 84 a7 9c a3 77 70 e4 73 fc 37 ea 97 79 73 19 b8 d1 41 0d b4 34 f1 e6 80 37 71 f5 ea d5 fb cf 3b ef 3c f5 b9 3a cf 64 1f a3 2b a3 e3 c0 d5 5e 2b e8 2b f2 03 59 02 4f fb 86 6d 9b 36 6d 8a 4c 18 95 bd 5d 70 d0 aa 87 6c d3 39 80 e1 50 9d 25 d1 32 ae 62 08 e8 15 9c 50 9c 96 70 d2 5b 2c 2f af 2b 6d a4 47 33 44 7c 41 62 56 61 67 44 e0 41 25 52 a6 a6 b9 0e be 7e 8f 6b ee 28 0e da 2e 38 4b 43 23 f0 43 07 9a 9c 8d 1a fa 6f a9 d7 e7 97 5d f1 c6 fe b5 a9 ca c9 69 c3 ec 9a ce 95 92 cb 38 ca 3e 17 91 cc 0f bb 1f 35 49 7b fc 3a 36 79 2f 7f 7d c8 57 28 98 3c de 9d df 7f b4 85 46 Data Ascii: @z"ne2aDg6I+2IoORwGSSXswps7ysA47q;<:d+^++YOm6mL]pl9P%2bPp[,/+mG3D\|AbVagDA%R~k(.8KC#Co]i8>5I{:6y/}W(<F
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 26 cb 50 5e c3 ba 44 13 58 7d 4b a9 ab b5 3f 40 23 ff cd 63 8f 3d f6 86 e8 62 c2 ed 86 ff 07 49 6f 64 12 f5 42 7b 58 bb c1 09 56 39 c5 61 d0 84 cb f0 b9 1b 5e bf 09 de 23 78 44 72 36 a4 21 ec db c5 d1 e8 d5 de 73 4f 49 9e 5d 76 11 37 82 17 a3 e1 ce 87 29 be 31 b4 6c b4 a9 14 9e 6c 6a 99 15 dc d7 c7 ea f0 dd 26 bc a2 9b 11 d1 17 59 99 7f d5 db bc 6b 87 ec da a1 95 7d f9 9e 7b 12 e3 63 e5 e7 e1 ca ff 34 cb ff 22 a6 c2 78 28 61 03 8a 94 06 8b 1a 74 56 c9 9d 15 f4 36 9a d8 5c cb d1 d6 b3 e9 98 fd dc 6d cb 3e b5 67 28 bd ec f7 3b ee 79 70 b4 1d 77 be 02 89 2f 41 0e 7f f7 40 f5 99 8e e7 f2 b8 f7 1d a7 db bc ef e6 9b a3 63 ee 6c f4 9c 34 a6 c7 69 74 f0 17 19 a8 0f 11 6b 23 15 6e bc 34 20 12 dc 7e 3a 7a 3b f9 2b 78 97 9d 7c 2d 79 ba 83 1b d0 01 4f 1a 6b 15 9a f7 Data Ascii: &P^DX}K?@#c=bIodB{XV9a^#xDr6!sOI]v7)1llj&Yk}{c4"x(atV6\m>g(;ypw/A@cl4itk#n4 ~:z;+x\|-yOk
2025-01-09 20:54:46 UTC	1057	IN	Data Raw: 32 aa 43 f8 8c a0 6a c3 76 11 69 fd 76 05 55 69 83 cf cd f0 8c 67 22 03 13 98 1a 94 6b d3 b8 06 2d ff 14 3f a1 25 5a 41 90 2f fe db f7 3e f4 2b c3 36 c7 c3 db 47 8d c2 e2 e2 7d 87 dd 87 d8 70 6f ab 5d be 7c 44 bb 3e c4 fd cf 88 59 0d e2 89 31 d3 0b 3b 8c a6 8b f8 79 b7 9b d8 13 f6 fa 31 e7 57 6b cb f2 47 f4 e9 ff 67 d4 79 bc d0 38 ee 37 85 b2 99 13 63 6b ae e5 00 e9 bf a1 8c a7 e8 4b c7 30 0c 5c 57 e5 d6 e8 c0 c5 f2 5f 98 46 ea 9e af 2d bf 2e d2 94 21 dc 48 31 da 77 1a c2 f8 65 84 f5 1a 84 b4 5c 30 a1 b0 8e 04 1f e6 01 2f bf b1 66 93 bc 14 af b2 eb bf 17 c1 7e 66 24 97 d8 fd f7 af 28 3d ea f7 5e c1 09 c4 a7 31 87 74 64 fd 6b 4e 43 9f ee f3 bb 1a 8d a6 a6 2e ae 68 ea 9b c4 41 fb 25 ac e4 1d c6 81 49 c6 2f bc ea ae 4d 6f ba 7b 74 cc cc 3f 1d 21 be 82 79 3e Data Ascii: 2CjvivUig"k-?%ZA/>+6G}po]\|D>Y1;y1WkGgy87ckK0\W_F-.!H1we\0/f~f$(=^1tdkNC.hA%I/Mo{t?!y>

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://www.oneroguereporter.com/gks

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 263

Chrome Cache Entry: 264

Chrome Cache Entry: 265

Chrome Cache Entry: 266

Chrome Cache Entry: 267

Chrome Cache Entry: 268

Chrome Cache Entry: 269

Chrome Cache Entry: 270

Chrome Cache Entry: 271

Chrome Cache Entry: 272

Chrome Cache Entry: 273

Chrome Cache Entry: 274

Chrome Cache Entry: 275

Chrome Cache Entry: 276

Chrome Cache Entry: 277

Chrome Cache Entry: 278

Chrome Cache Entry: 279

Chrome Cache Entry: 280

Chrome Cache Entry: 281

Chrome Cache Entry: 282

Chrome Cache Entry: 283

Chrome Cache Entry: 284

Windows Analysis Report
http://www.oneroguereporter.com/gks

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:46 UTC	2875	OUT	GET /images/male/40-60/t-0.jpg HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:46 UTC	1000	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:46 GMT Content-Type: image/jpeg Content-Length: 507395 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-7be03" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4674 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4UjJiKUkiMJoQugsHESqvpOkN5yBV8hrrvh2c%2FIj4LMoKMEES4hX%2Fs5LmSgnsRP4%2FVopJOLh7oEupqAbM8wKPB%2BJcqIn9aL8tXRq5%2B9FSCJyQIQTM94UDhMQZXtjUFABsw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff7530b782c7d0e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1958&min_rtt=1952&rtt_var=745&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2834&recv_bytes=3453&delivery_rate=1456359&cwnd=244&unsent_bytes=0&cid=6dd92cc428a24088&ts=119&x=0"
2025-01-09 20:54:46 UTC	369	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 02 02 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 01 02 02 02 02 02 02 02 02 02 02 ff db 00 43 01 01 01 01 01 01 01 01 01 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 ff c2 00 11 08 04 00 04 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1d 00 00 01 05 01 01 01 01 00 00 00 00 00 00 00 00 00 05 02 03 04 06 07 01 00 08 09 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 02 03 01 04 05 00 06 07 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 f8 65 e6 dc Data Ascii: JFIFCC"e
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 61 12 97 39 e0 b4 89 f0 65 49 38 fb 69 08 9b 06 53 a4 00 ed 81 df 72 99 b7 04 62 50 eb d7 a4 12 d7 62 ad 9c 95 83 09 f4 76 50 c4 bb 96 ec 81 e0 6a c2 6c a2 42 cd 20 85 ce ac 0d 02 b2 4e 10 56 a3 4d 4a d9 62 ac 94 0e 0f 8e cc b8 8c 17 a6 c0 63 83 57 a3 68 f4 95 80 96 9c 69 16 fc e3 4e 97 36 a4 2c 49 69 5f a6 38 d3 a9 59 27 c9 72 65 b5 77 8b 31 95 c3 b5 cb b5 1a 87 2b 9b 78 90 9f 65 e9 8b 09 81 25 bc fe ea 9f 69 4a 62 9c e2 67 bb c5 f3 b9 b7 d0 eb 92 35 c4 f6 0d b7 19 ec cb ca 4a 84 93 ce 2b b9 7e 71 91 ef 3a df 66 55 e4 a6 61 cf 29 a1 95 a5 c4 10 ad 0e a3 a5 d4 71 c0 96 16 9e 17 3a c3 bc 02 f3 4a 54 47 52 95 89 29 3e f3 43 88 73 90 2d f5 b5 9c a3 ca 6b a3 aa 47 a6 12 85 2c a3 bc 42 e3 99 75 5d 60 ba 84 a0 49 5c e7 0e 7a d2 7d d2 ea 1c 9b 2b 1b eb 2b d3 d5 Data Ascii: a9eI8iSrbPbvPjlB NVMJbcWhiN6,Ii_8Y'rew1+xe%iJbg5J+~q:fUa)q:JTGR)>Cs-kG,Bu]`I\z}++
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 70 a5 6d 2a 49 2f 2c db 50 57 4c b3 db ee d2 01 60 34 ba 4f ab dd cd 58 3a 6a a2 1f 5f 32 bb 5c b7 00 b0 9c e6 d1 7d 1e 3c 28 92 fb d0 52 cd 96 b1 c7 b7 44 c5 d7 05 ae 90 c8 e6 29 bb 04 aa 86 a9 62 aa ca 56 49 35 21 5e 31 22 3a a9 19 62 de 3d 80 fd 40 b8 96 73 6d 84 d0 c1 40 6b 15 f3 34 9e c7 74 82 44 b9 24 c2 81 5a fe 8a fc f4 fd 18 b1 4b 36 b7 b5 44 ac 54 1c 47 eb 5c 72 b6 92 34 6c d4 97 70 aa 9e 9b 90 89 03 b5 e7 d5 1e 3d 6e c1 9c 5b a2 bd be e1 9c 97 b1 4e bd aa e6 b6 b4 da 1b 5e d7 f3 6e 16 4e 0e 14 a6 52 a0 5a 6b 95 d9 40 7e db 5a ad 64 5a e4 8e 0b 9e 15 38 3d 85 c3 86 f4 4d cc 26 f9 c5 5c a8 f9 41 86 73 ae 5a 5e 6f de 7f 7b 9d 4a e0 9b 90 da 4b 9d 4a 1e e2 f2 d9 78 40 33 32 12 e8 4b a9 e1 4c 86 bd e1 95 f5 5e 09 6d c8 f3 0c 63 b9 d6 fb b8 ea 55 c6 Data Ascii: pm*I/,PWL`4OX:j_2\}<(RD)bVI5!^1":b=@sm@k4tD$ZK6DTG\r4lp=n[N^nNRZk@~ZdZ8=M&\AsZ^o{JKJx@32KL^mcU
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 1b 8c d4 30 39 02 bc 76 01 db 65 60 b3 b3 0c 90 9c 75 b5 f2 49 f7 2a 41 15 1a 2e e5 8a 38 34 ff 00 9f 2e d7 71 4f cd 8d ed 19 72 ec 43 89 06 f1 66 bd 76 68 e2 58 fa ce b0 ae e7 df eb 91 fb dd 27 ac 3d c5 c4 b8 88 1e a5 5e 91 0a 97 3c d2 53 8d b9 d3 e7 bc e8 82 3c ae f7 29 1d e4 77 15 df 74 a5 7c f4 c2 fd c7 84 b8 95 b5 1c a5 b2 ef 12 3c e2 a2 51 cf 3f d0 96 9c f4 73 d2 63 cb b5 4d 09 7c 73 6b c9 67 8a a5 a1 1f dc 40 b3 92 3c f3 13 06 67 9e d7 cd b9 48 a8 10 6a f4 6c ae c1 c5 5a 99 b2 e7 36 8a 77 ab 76 a2 e5 94 f8 17 b8 72 c9 7c a6 98 a6 c3 67 4f ec b7 73 13 ad f6 ab 09 cf ca d8 ac 27 d5 8e 5e e5 19 02 d1 44 5f 19 95 11 34 2a 9d a8 da 28 c1 5c 9b 35 39 f6 d1 e9 b6 17 d2 9a ad 72 23 12 e0 2d b5 a8 f6 57 65 95 d9 37 74 0c d2 ac d6 49 8b 68 4b af 2d f0 c4 c1 Data Ascii: 09ve`uIA.84.qOrCfvhX'=^<S<)wt\|<Q?scM\|skg@<gHjlZ6wvr\|gOs'^D_4(\59r#-We7tIhK-
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 1f 45 84 ea f0 90 e3 d6 e9 72 11 28 b6 a9 91 b1 57 4d 32 0b e7 f6 6a ca ee 91 b4 d3 2c 4a b6 7e b9 34 cd 5d 45 e8 20 8f cb 61 dc 5c 47 4c 5b 83 67 14 63 2c 15 6d 20 81 a3 b0 24 1c 4d aa 15 79 8f 6e e9 58 b1 af 58 aa e2 79 4a 32 c2 db 64 18 5c 2e b4 48 a3 8d 95 76 d6 f3 23 01 33 eb 90 1e a7 22 cb 30 95 7d 4a bc fe 49 96 c2 93 2d b0 88 83 66 c0 89 65 f9 65 22 6b 51 4a bd d6 07 f6 7b 44 a1 b1 8b 07 50 0c 5b 92 4d b2 41 94 18 20 22 73 6e d7 35 83 b3 8a 8e ae e7 da f5 71 91 4e 9c f8 e6 d4 9c fb a2 6d 63 96 ae 1e 05 a9 e6 6e 78 26 8f 4a 01 fa 33 2e cf 34 c2 56 c5 49 a6 5f 86 31 8f 68 18 7c 36 e7 72 c8 f5 d3 a9 1b 05 d8 e9 ac 1a 9d 66 d1 0c 66 94 1e fd 5b 28 89 0d d4 d7 b3 9e 53 75 1a d5 0d 5a aa 3c d2 35 1f 8c e3 2b 94 71 5d 35 a9 2b 70 79 5e 43 a3 dc 72 3b f0 Data Ascii: Er(WM2j,J~4]E a\GL[gc,m $MynXXyJ2d\.Hv#3"0}JI-fee"kQJ{DP[MA "sn5qNmcnx&J3.4VI_1h\|6rff[(SuZ<5+q]5+py^Cr;
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: b9 42 b7 e9 e1 ed e5 fb 3c d7 a9 36 33 73 15 9d 03 10 99 32 59 75 59 cd 4a 32 da f4 74 95 ad 9c 1c 1e 98 4a 2b ae 6c 68 ec ab e6 b4 5d 7a 0e 87 44 ba 66 08 bd 0e 92 76 2e 4e f8 de b9 c4 d8 67 ae a0 82 03 ad a0 92 fb d1 fb 13 23 a8 50 32 42 d9 50 c2 96 da e0 95 e6 d7 c2 b5 c7 f4 13 9e ef 3b 97 e4 f6 0b ce 38 d7 4b 9d 4a 84 7b ef 26 67 cc 3c d9 73 0c 91 14 fa 5e bf d5 b4 9b f4 ea fa 66 79 ad de cc 9a 2c 89 e3 81 6e 3d 15 57 22 ce 1f 6a ce dc 27 36 2c ea 3a 73 ec 40 ed c2 7c 98 94 35 96 39 e2 8c b2 67 10 8d 26 19 29 d8 a4 65 b2 ca 07 9e 4e 24 f0 69 62 c2 73 45 4a 18 3f e1 73 26 25 36 a4 1c 28 88 52 33 d2 94 c1 28 5b cd 71 b9 5c e7 47 94 7c 0e a9 1b 64 5c b9 e2 dd 16 4d 43 8f 80 c7 28 36 6b ea 34 a6 92 10 c8 a3 c0 56 41 48 ca e0 bf 8d 47 9c 21 d6 e2 75 2b 9a Data Ascii: B<63s2YuYJ2tJ+lh]zDfv.Ng#P2BP;8KJ{&g<s^fy,n=W"j'6,:s@\|59g&)eN$ibsEJ?s&%6(R3([q\G\|d\MC(6k4VAHG!u+
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 76 22 ce 6e 43 d5 5f 72 c9 e7 9f 4d 41 20 c1 65 b7 48 03 78 fb fd 22 31 29 b7 6c 56 4c 99 ab 6a 04 8d 7e 28 d9 7a 4c 79 bc e7 40 5b 2b 86 28 b8 d2 ae 25 c7 04 59 3c dc 8a 3d da 2b 86 d8 87 7a f5 9a 50 f8 6c 5b 6b d5 d7 0c f6 5e b4 10 97 ba ec 8b 81 d3 4f 13 b5 82 b8 88 48 d4 82 1f 93 52 fd 49 d2 f1 51 66 bf 3a 2c b4 8c f8 49 7d 28 a9 85 37 50 1b b6 4b 15 06 e6 ca de 1f 3d 31 5c 49 30 d3 62 60 44 35 0e 56 11 a2 23 ac 84 13 03 85 ea 79 c8 53 eb 6c 32 9d 75 e1 b0 b9 3c f0 93 ef af 79 87 5e 3d 35 b4 58 c6 a2 5a cd cb 02 e8 95 23 9c ce c9 50 d3 c2 c5 74 79 98 dc bf 93 e8 b6 aa 2e 47 a1 9a 57 d1 70 f7 8a 46 57 6a 5a 8e d4 a4 b1 58 7b 45 3d ee 3c 08 af 16 e0 48 97 0a 70 64 5f 89 aa 08 57 49 ab b8 4b 47 5b 89 0b e3 be 8e 00 a3 3d ee 06 b2 ce 71 04 e1 a6 78 87 f6 Data Ascii: v"nC_rMA eHx"1)lVLj~(zLy@[+(%Y<=+zPl[k^OHRIQf:,I}(7PK=1\I0b`D5V#ySl2u<y^=5XZ#Pty.GWpFWjZX{E=<Hpd_WIKG[=qx
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 19 6d 80 2a 54 ca ad b4 8d 0f 98 5c 8b d3 6d e6 08 5c 9a bf 3e 90 20 d7 cc 7c dd cf 2c fc fa cc 99 43 ec af 9c e6 dd 25 58 45 a7 5b 96 8b 54 e9 d7 58 a3 64 2b af cb 91 89 06 e5 7e 34 62 0f 7d 73 a1 bd 3f 0f 97 fb 6c 5d ba ff 00 12 c2 fb 42 a3 97 ad f2 b9 6d 7f 25 ae e6 55 57 aa 81 7d 23 b3 fc 5b 77 bf 99 f4 1f c8 26 f3 7b 99 7f 46 ef 5f 21 7d 21 99 a7 a2 84 ba 66 f8 9a e4 39 f3 f5 59 89 fa 44 f7 c8 a4 0f be aa a9 7c d8 19 c9 fa 20 47 c8 e1 34 31 7e 8c 8d f2 2a ed 66 fd 55 52 cb 6d 92 ad 7b e9 ac 03 6b bb 91 a7 7c d7 bc 7c 8d 1c 52 7b 35 3a da 59 ee 8e 38 0b 66 b1 5f bf e5 54 9d 70 7a ae 47 ce 6c bb d7 17 91 a8 cf 5e 44 73 7c 7f c6 03 14 97 2c d1 eb 89 5f 73 8a 6d e0 e4 af cf 74 a7 bc e0 4f 9e f3 31 2b ef 3c 70 e2 db 75 66 85 f5 45 0b e3 9c 59 29 6a f2 c8 Data Ascii: mT\m\> \|,C%XE[TXd+~4b}s?l]Bm%UW}#[w&{F_!}!f9YD\| G41~fURm{k\|\|R{5:Y8f_TpzGl^Ds\|,_smtO1+<pufEY)j
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: f2 1c 99 ef 9e 72 27 dc f2 14 c8 55 eb 05 6a c2 a2 88 9b 17 d0 e2 d0 03 dc 31 ff 00 47 e7 ea 9f a1 bf 11 7d 1d a1 4e d9 1e f7 44 f3 db dc b1 56 8e cb b7 ab 96 7a 6f 1b d4 5b 9a 02 7a a6 bd 86 83 b7 f2 de 6f c4 df 42 c9 b2 3c 9d 27 56 b1 da b8 e6 0b f4 81 3b f9 bf 0d d7 7f 44 ac 56 71 30 6b 16 99 6c 5d 9a 93 66 aa 79 5e 82 99 55 bb 2e be 8d 5b 3a d4 3e 55 bd e5 fe 6b fd 04 f8 33 ed e7 23 6f b6 0d ba 60 fb 56 88 f5 c1 b0 d8 29 31 48 68 3f 28 fd 49 98 ea 64 7c f7 7f c9 b4 0d df 9c fd 45 6f c1 77 ff 00 3b ee 06 99 87 16 b5 f3 40 0a b7 76 04 b5 31 f1 be 86 6d cf 5c 46 46 03 e9 5b 4e 86 0f c7 f9 27 e9 45 09 b4 fe 56 d0 b4 06 33 f6 69 c6 a0 37 95 b5 5e cd 75 92 55 6b e4 06 c8 10 45 5b 29 01 c5 b8 44 e5 9b ae 4d 6a b7 e5 9f e9 f7 e6 7f ed ed bc dc 9b 6d bf 54 f3 Data Ascii: r'Uj1G}NDVzo[zoB<'V;DVq0kl]fy^U.[:>Uk3#o`V)1Hh?(Id\|Eow;@v1m\FF[N'EV3i7^uUkE[)DMjmT
2025-01-09 20:54:46 UTC	1369	IN	Data Raw: 94 ea 9b 58 1f 1d ea a6 3b e5 2e 39 b5 38 a1 e6 14 a7 26 3d ee 26 25 de 75 11 d2 14 db d1 de f7 52 b2 72 1b 9c 22 8a 1c a8 bb b5 85 41 98 3b d1 60 c4 81 2e 3e 8e 6b 56 20 93 6c 9f d2 5f 33 7d 7f 4e 5f a1 f9 13 ea dc 31 41 9f f5 cd b7 f3 c0 ea ed 7e 89 df ff 00 3b b4 ea 3b 5f 75 95 f8 eb 44 ad a3 f4 a4 ac 32 c6 ab fb 0b d9 61 73 9b 97 a9 88 23 bf a3 2a a9 b2 a6 f8 bf 8a 31 d3 47 e8 e6 27 f1 05 89 94 40 7d 29 a1 8f 17 d6 6d 14 ed 32 be ad ca fd 5b b3 d7 d2 b5 48 18 62 c2 05 d7 ed 95 40 b0 30 49 a0 32 90 b3 04 96 e2 2e 64 3d ea 2a d0 be 43 fb fe 87 60 fe 76 fa 3f e7 4c 12 ca 7f 49 09 7e 7a 6f c1 5f ea 07 b3 3d 0a 39 c8 2d b0 ab 47 e2 72 4b 12 0a 3d d5 a1 5d 30 a3 e0 d1 72 d2 c6 67 99 ba ae fa 37 e6 fb 0b b2 36 1a 27 cc a3 a9 ec 02 cb 3e c0 fa 14 36 82 69 90 Data Ascii: X;.98&=&%uRr"A;`.>kV l_3}N_1A~;;_uD2as#1G'@})m2[Hb@0I2.d=C`v?LI~zo_=9-GrK=]0rg76'>6i

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:46 UTC	3282	OUT	GET /event/1YahHTWvLs8kmboN?page=https:%2F%2Fvisi-sharp.net%2Freport%3Faff_id%3D326%26subid2%3D6812_sessid20250109205426977%26subid%3D8802&event=page:load HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/plain, / X-XSRF-TOKEN: eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1Vm5BMllyc28ySy9SM1ZZV1ltZzRaRFZVdWJlMmUiLCJtYWMiOiIxNzJiYmFlYTQ4ZmYzMzZiZDBlODUwY2QyN2IzZWI5YzNkMjhhODU0ZDc4NzVhMWNiNmRiMjE4NDZhMmM2Y2ZkIn0= sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1V [TRUNCATED]
2025-01-09 20:54:47 UTC	1063	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6IitWM0Z6bjVKL1l4enk3Mlg3ZjlLTEE9PSIsInZhbHVlIjoiVzMyVWwxdmdTU2NMcmlLblozemxETWRoUDNNcTJaNktjL1Y2K3ZnVHFIbTR6Q0lYVmZZdHF0bkJENVFwTmNTZFF0UStyamNUVHV1ZkNxQ21mVkJKRUpjMlJWQ1JtRFU4ZDdFMFUrMVpXeUlwMVJiQmpLZnA0Vzh6cDZWaFU1T2wiLCJtYWMiOiI2YzEwN2E2Y2I1MzFiMTViYmU3ZTM3M2Q0NjZkOGY1YzE2ZTllMzA4ZDdiYWNmNmVmY2E2Yzc1ZjVkZGI3ZGJiIn0%3D; expires=Sun, 19-Jan-2025 20:54:46 GMT; Max-Age=864000; path=/; samesite=lax Set-Cookie: _=eyJpdiI6IkY3UHNXa0kwSytkSGpoRlZwL090ZVE9PSIsInZhbHVlIjoib29JalVoZUJjbUU3WmtwL1ByZElidi9NYlhMK1FtalZRU255dXJ5VDhpMHRTVGFHT0UxQXFNQWZ1NWRVNGFUVjZncWVzdWNjcy9WajQ3YjRLdHU4ZjRtdGY5U0pNTTF1WHVaMGJQQlBZOUd2SVBHWVlobzdCb1YvVzJKOXlNbGsiLCJtYWMiOiIxMzFhNjIyMTdlNGE4NTRjZjkxNGIzOWZmMmViNjM4M2FjZmVmYTUzOGM5ODc0YmZkNmFiMzQ3MmZiZDBhMjM5In0%3D; expires=Sun, 19-Jan-2025 20:54:46 GMT; Max-Age=864000; path=/; httponly; samesite=lax
2025-01-09 20:54:47 UTC	1274	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 72 65 66 65 72 72 65 72 3d 65 79 4a 70 64 69 49 36 49 6c 56 50 4f 48 46 61 57 45 56 30 63 46 6c 47 53 56 4a 35 54 55 35 48 64 33 68 30 53 6d 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 52 55 52 6a 51 54 46 58 63 57 4e 4a 52 47 4a 6f 57 6b 56 58 53 33 4d 72 52 33 4e 6b 51 30 68 58 53 6e 52 30 54 44 5a 59 51 56 4a 4c 63 58 4a 59 63 6b 5a 31 62 47 55 72 53 55 4e 6f 4f 57 35 4a 4e 31 64 4b 59 6a 49 35 4b 30 4a 74 54 32 6c 33 56 54 64 52 55 31 56 57 4d 6b 4e 31 61 47 6c 6c 55 46 42 6b 63 56 5a 61 4f 58 4e 33 57 48 4a 51 61 44 42 36 4d 30 68 55 57 57 4d 72 5a 45 64 54 4c 32 70 4a 55 6a 68 4a 63 58 59 76 56 55 70 79 4e 57 64 34 4f 55 78 51 62 7a 64 48 56 30 31 69 4e 58 6b 76 59 6d 6b 33 63 44 56 4b 5a 6e 4e 71 57 54 Data Ascii: Set-Cookie: referrer=eyJpdiI6IlVPOHFaWEV0cFlGSVJ5TU5Hd3h0Smc9PSIsInZhbHVlIjoiRURjQTFXcWNJRGJoWkVXS3MrR3NkQ0hXSnR0TDZYQVJLcXJYckZ1bGUrSUNoOW5JN1dKYjI5K0JtT2l3VTdRU1VWMkN1aGllUFBkcVZaOXN3WHJQaDB6M0hUWWMrZEdTL2pJUjhJcXYvVUpyNWd4OUxQbzdHV01iNXkvYmk3cDVKZnNqWT
2025-01-09 20:54:47 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:47 UTC	2520	OUT	GET /images/Delaware.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1V [TRUNCATED]
2025-01-09 20:54:47 UTC	995	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: image/png Content-Length: 4565 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-11d5" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 1237 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByqoKWPk3z7gVurVW7FtoMzk7%2FaOYGyIeQ5Nq6P4jq0r5hdFqynFFw1LVQ7r0ToMcvaBVHG6xLEaRh3hFDS%2FzOzrRnt05q8HLP9CxCvGiAbpLY9sl%2Bkcfu6%2BscWao2y04Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff7531198d64344-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1682&min_rtt=1679&rtt_var=636&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3098&delivery_rate=1712609&cwnd=47&unsent_bytes=0&cid=4f59b3941e4b3329&ts=143&x=0"
2025-01-09 20:54:47 UTC	374	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 3f 00 00 00 3d 08 06 00 00 00 1a 97 b1 d4 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 09 70 48 59 73 00 00 0e c3 00 00 0e c3 01 c7 6f a8 64 00 00 11 6a 49 44 41 54 68 43 d5 9b 7b 70 5c 57 7d c7 7f bb ab 7d 4b fb 92 b4 7a bf ac 87 1f 8a 1f 91 e3 34 4e 30 0e cf 0c 4d c0 10 02 81 02 cd 04 18 1e 2d b4 cc 94 fe 41 a6 74 98 52 a6 7f 94 4e a1 9d 14 02 04 08 99 b6 0e 81 40 18 20 31 30 0d ce 24 b1 1d bf e2 87 6c 47 96 f5 5e ad 64 69 1f 5a 69 5f da 95 b6 e7 fb bb f7 ec de bd bb 2b cb 21 b1 9d 8f e6 cc de 7b f6 6a f7 fe ce f9 9d df eb dc 35 7c f6 1f bf 9e eb ee d9 40 60 db ae ad d4 d5 d4 4e 4f ff ea 37 14 4f 24 e8 95 a3 af d0 47 3f 79 3f 3d 77 e0 20 e1 9a 7d Data Ascii: PNGIHDR?=sRGBgAMAapHYsodjIDAThC{p\W}}Kz4N0M-AtRN@ 10$lG^diZi_+!{j5\|@`NO7O$G?y?=w }
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 38 1d 0e 7a ff 7d f7 d0 b3 bf 3c a0 f6 10 99 8c 85 cb 3f f2 89 0f d3 89 97 4f 50 28 14 e6 f3 e5 d5 2c bf 56 c2 67 75 51 8b a3 81 5c e2 66 24 56 a3 95 9b cb 62 e7 66 36 9a 08 7f 72 80 f0 2a 91 ff 07 c1 4d 06 03 3d f6 d3 47 b9 e1 f8 cc 93 c7 a9 a3 ee 22 35 b6 0c 52 ab db 4e dd ae 76 1e 28 bf bd 36 2f 38 b0 55 59 d5 23 05 23 66 f4 ad 77 ed e1 e6 f1 79 8a 04 dc 3c d0 4f 56 bb 8d 46 87 47 d5 9e 02 5e 9f 97 06 6e 1d a0 93 47 4f aa 3d 95 81 10 5e ab 87 bf bc c6 ec a4 2a 31 23 ce 2a 07 f9 ec 6e 72 98 ed 14 9d 8e f0 20 74 99 5a c4 b9 2d af 19 78 c5 60 00 bb 49 b9 71 cc f8 a7 bf f0 49 b2 88 cf 40 c3 f1 e1 17 5f 26 9f b8 77 f9 1d 7a 56 73 ab ac 51 c3 a1 a8 da a3 60 c4 ec fd e8 e1 c7 b8 9d 3f 31 a8 76 17 f8 c0 47 f7 91 dd 6e e7 e3 95 d5 55 ca e4 56 f8 18 bc e7 9e 77 Data Ascii: 8z}<?OP(,VguQ\f$Vbf6rM=G"5RNv(6/8UY##fwy<OVFG^nGO=^1#*nr tZ-x`IqI@_&wzVsQ`?1vGnUVw
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: bd b3 da 49 9d 5d bd 22 ef 2f cc b7 e1 cb fb 1f ce 99 ab ad f9 9b d2 22 93 98 d9 d1 20 35 74 35 e5 d3 d6 98 98 f1 f9 f1 39 aa eb a8 a7 06 87 8f 66 13 61 3e 07 5e e4 d5 a2 e1 9a 8b d1 71 5e df e0 d2 d9 11 1a 18 d8 c1 df 01 83 05 6b 5d 4e 70 00 6d 0a 26 2e 17 55 72 24 e5 04 07 fa f0 f6 dc f4 2a c5 12 b9 fc a0 00 7d 78 6b ba fb 2b 0f 7c 6d 79 69 59 ac e5 1a 32 5b 95 50 53 e2 11 01 47 48 08 f5 f0 7f 3c 42 8d fe 7a 6a 6b 6b 23 93 30 7c 07 9f 7d 9e 9e fc 9f 9f d3 e6 8d 9b c8 5f 5f 27 72 e5 09 7a fc 07 ff 4d 97 67 e7 e8 a5 83 87 84 8a a5 c5 7b 7d 42 c5 4d ac 05 c0 28 ec 94 cf ab dc 74 60 6a 88 dc 36 91 11 3a 8b cb 59 98 f1 09 c4 ec c2 ab 5c 8d e0 20 2d c6 58 89 e7 95 86 73 a0 ed 9b 5b cc d1 ae 0d ba d8 7e 73 4f 2f 07 15 c8 98 b4 c8 74 15 3e f2 e8 e1 e3 94 11 41 Data Ascii: I]"/" 5t59fa>^q^k]Npm&.Ur$*}xk+\|myiY2[PSGH<Bzjkk#0\|}__'rzMg{}BM(t`j6:Y\ -Xs[~sO/t>A
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: b8 24 24 92 3a ec 85 99 3d e7 a8 ca 39 ca ae 0a 35 39 b8 ad d5 94 9f e6 82 a7 28 b9 92 a6 e6 86 46 de e4 84 16 00 18 4f 78 83 78 aa 50 b3 43 f6 05 a1 d6 33 7b 57 8b 76 d3 a2 ec cc 23 22 83 e0 10 16 46 4d 6e 17 5d fa e3 10 c7 e8 30 66 52 f0 cb e1 5a ce d3 57 96 95 f2 57 26 ba 85 e3 70 c9 f3 67 6a 45 0c 7d 99 bd 43 67 4f 27 1b 3d b8 31 78 03 78 05 80 f7 36 6c 76 f3 ec c9 19 7d 23 04 d7 53 32 f3 d8 28 40 4d 1c 82 4f c7 95 e0 07 b3 87 58 1c 15 94 6a 97 18 0c 35 02 44 04 16 0a 6e 23 7b dd cb c2 c7 b6 b3 e0 5a ba 3a 46 8a 52 57 d8 8a 4a 55 59 7c fe e8 78 a1 76 f7 46 51 71 e6 61 e4 b4 82 a3 6a 62 10 1a 80 98 5b de 98 36 e3 4a 64 52 64 b4 cf b0 e0 5a 4b ef 6d ff 3d 6d d9 74 8a 8f b5 39 fb f8 a0 b2 fb 5b 0e a7 a3 38 a6 bf 16 14 09 bf d1 d2 ce 2a 2d 05 07 a8 a1 0d Data Ascii: $$:=959(FOxxPC3{Wv#"FMn]0fRZWW&pgjE}CgO'=1xx6lv}#S2(@MOXj5Dn#{Z:FRWJUY\|xvFQqajb[6JdRdZKm=mt9[8*-
2025-01-09 20:54:47 UTC	84	IN	Data Raw: c4 77 a3 44 74 a0 e8 37 36 17 c2 23 39 ed af a4 b4 60 ef 1d c0 f7 03 fc 82 0a 3e 7b bd 3f 3a c0 1e c0 c5 b1 8e 1b 57 f8 68 34 fa 9a 36 c5 8e 4e 2c d1 53 67 c2 74 62 52 79 ec f4 cd 07 d1 ff 03 b5 cc 6b d4 de a9 2d 87 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: wDt76#9`>{?:Wh46N,SgtbRyk-IENDB`

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:47 UTC	2524	OUT	GET /images/app/buygoods.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1V [TRUNCATED]
2025-01-09 20:54:47 UTC	993	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: image/png Content-Length: 11016 Connection: close Last-Modified: Tue, 08 Aug 2023 13:58:46 GMT ETag: "64d24a16-2b08" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 2725 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vgv%2BlmcL0odq41DnVmqqCd9qR0%2FvVKN9AtoybhzvSY%2Fmivs6Fk21Qnon5phpzfcHp5qGzSJTQnhzz5WZHXfKql8wXyxnYj5B0dydApUGtabmz0UMxNzVHXTOq5s5hQ1uMg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff75311eedf1875-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1671&min_rtt=1670&rtt_var=628&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2833&recv_bytes=3102&delivery_rate=1739130&cwnd=153&unsent_bytes=0&cid=c5cd84152ad22fee&ts=117&x=0"
2025-01-09 20:54:47 UTC	376	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b4 00 00 00 2a 08 06 00 00 00 1a a1 71 01 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 44 65 58 49 66 4d 4d 00 2a 00 00 00 08 00 01 87 69 00 04 00 00 00 01 00 00 00 1a 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 00 01 00 00 a0 02 00 04 00 00 00 01 00 00 00 b4 a0 03 00 04 00 00 00 01 00 00 00 2a 00 00 00 00 38 e3 0f 08 00 00 2a 72 49 44 41 54 78 01 ed 9d 09 80 5d 45 99 ef cf 76 ef ed 7d 4b 27 e9 ec 9d d0 49 20 09 24 40 d8 02 42 22 20 a2 22 3a 62 d4 67 08 04 97 28 28 f3 64 44 c0 99 79 36 f3 e6 21 8a c3 9b 87 82 c2 cc b0 29 f3 34 91 07 8a 0a 0c 22 11 24 01 03 59 4d 87 6c 9d 74 b6 4e 2f e9 4e a7 f7 7b ef 39 e7 fd fe a7 ef 39 7d 6f 77 03 32 33 c6 f0 5e 2a 9c ae 3a 55 df f7 d5 57 55 5f 7d f5 d5 57 75 2e Data Ascii: PNGIHDRqsRGBDeXIfMMi8rIDATx]Ev}K'I $@B" ":bg((dDy6!)4"$YMltN/N{99}ow23^*:UWU_}Wu.
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 7d bf 97 f7 ba 9d 3b 77 7e 6f c7 8e 1d af 4c 9f 3e bd ff 58 f6 92 95 53 99 6f 8e 72 6c 7b ba 65 59 d3 3c c3 ad f6 7c 7f a6 ef 1b 97 a3 9a cf bf fb ee 15 79 39 b0 27 5e 4e f4 00 3d b0 71 e3 c6 42 34 f1 4c 92 d3 11 e4 a9 c4 b3 e2 f1 f8 07 c8 fb 60 2a 95 aa 38 d6 9d 94 2d d0 a6 6d 3b a3 4c d3 2a 0f 14 f1 a0 2e ce 77 2c b3 34 59 d8 1e 3f d6 cc 9d a8 ef f8 ef 01 4c 8d 71 08 6f 25 1a 3a 58 ed 11 6a 31 5d 80 b6 1e 9d 97 97 77 cc 65 26 12 e8 fb ef bf df 31 7c bf ca 37 bc 4a 96 8d a8 27 7d 32 79 eb 1b 1b 8f 1f d3 a5 23 62 e0 44 e2 b8 ee 81 c2 c2 c2 49 08 f1 28 98 94 fd 1c 84 74 3a 6d 20 e0 7d dd dd dd 81 74 87 f9 c7 22 8e 04 fa 68 7e 7e dc 35 52 13 3c d7 1d 1d 0a b4 09 07 cc be 1e 3f 69 1c 69 68 68 48 1e 0b 86 4e d4 f1 ee ea 01 84 77 12 5a ba 14 33 55 e2 12 04 e4 Data Ascii: };w~oL>XSorl{eY<\|y9'^N=qB4L`8-m;L.w,4Y?Lqo%:Xj1]we&1\|7J'}2y#bDI(t:m }t"h~~5R<?iihhHNwZ3U
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: b8 8a fc a5 68 e2 39 d0 2a e6 49 88 a6 60 f5 10 24 d4 13 a1 3b 9b fc bf 80 de ab cb 96 2d bb fb 9a 6b ae 79 99 3a a2 d5 80 89 76 29 13 e7 53 c0 ca c7 bd 87 67 2e 38 1f db b6 6d db e3 6f bc f1 c6 d3 27 9f 7c 72 67 24 d0 86 e5 8d 65 b0 c7 04 d4 03 ee 60 cc 75 3d aa 9c ed 1a e6 6d b6 6f cf 40 20 8b 71 e5 0d 34 0e 09 a5 cc d0 7f 9e e1 c5 d0 bc e5 0c c4 fb f0 88 74 d5 b7 f5 b7 c2 e3 26 a3 f3 81 02 2b 2f 3e d6 33 bd 52 e0 50 f7 e4 4a 20 0d 23 e9 9b 7e db 57 af 5e da 73 f3 d2 a5 41 6d e1 9f 15 1f 5f 61 ef f1 7b e7 52 cf d9 74 4c 89 cf 04 83 71 cd 9e 2e d7 f0 b7 41 24 df b4 ac b9 d0 09 84 4b 14 a1 6b 23 d1 a3 62 69 bb 34 a4 93 1d df 79 ff a3 93 99 04 1f 63 5e 5c 80 ec e7 0b c7 b2 61 c3 37 0e f3 fe 4a 32 65 6e 13 fc be 7d fb f2 11 a2 cb 69 c7 97 78 e6 53 6f 01 1d Data Ascii: h9*I`$;-ky:v)Sg.8mo'\|rg$e`u=mo@ q4t&+/>3RPJ #~W^sAm_a{RtLq.A$Kk#bi4yc^\a7J2en}ixSo
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 45 b3 95 74 39 45 17 91 9e 49 2c 3b 58 a0 d2 fe 12 a2 0a de cf 66 22 fd 96 55 44 02 74 23 45 32 c7 82 49 17 00 f2 07 5c 2c 44 77 03 da 6d 0d bc 1d 64 12 c8 37 bc 88 f4 29 c4 32 49 02 50 f1 01 8f 65 c0 9f 87 9f f8 45 68 a6 e1 43 36 f3 e9 94 45 75 0b 58 ed 07 6f 2f ed df 49 ba 05 fa 69 e2 c9 e4 9d 0e be fa 5a e5 8a a2 c0 7b 37 30 ea b3 4f 42 6f 3a ef d9 13 a4 03 bc 7f 81 b7 5f d0 57 cd d0 73 81 29 a4 ee 4f 81 b3 94 f4 68 ca 03 9a 14 a9 4d 35 e4 8f c7 f3 b3 09 4d 8d 68 59 5a 19 64 c7 8b 66 78 0a d9 4d 7b 44 8a 62 cb 08 04 3a 1d 4b 96 60 86 56 a2 ae 63 99 31 0f 18 0c 88 1b 46 0f 1e 81 27 12 be f3 fd 3e e3 68 5d 73 77 5f 5f e9 f4 e9 66 7c 4f e7 64 27 ee de 08 fc 35 08 48 41 d8 ac 60 02 98 78 40 5c bf 92 8d 26 f7 9b 02 cf c0 40 83 33 83 c9 4b 33 c3 d1 1e f5 42 Data Ascii: Et9EI,;Xf"UDt#E2I\,Dwmd7)2IPeEhC6EuXo/IiZ{70OBo:_Ws)OhM5MhYZdfxM{Db:K`Vc1F'>h]sw__f\|Od'5HA`x@\&@3K3B
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 14 19 1e d6 0d 56 cc 66 74 ce e6 da da da 8c da 06 3a 2b 58 f1 34 5a cc ea 0d 05 76 a0 88 06 9a 1c 7d a6 d3 85 b6 29 27 3f f4 33 38 6a bc e9 58 87 29 e6 e4 71 f8 fd ea a3 66 77 02 f5 8a 2f dc 2a 0d 4d 84 60 a5 f0 0d 96 69 f3 60 4b 4b 5d 8f 33 7a 72 a7 c3 b1 aa 69 99 49 ca e2 61 dd 70 1e f3 10 68 bb ab 43 5a 07 12 1c 32 98 f6 b9 da 17 84 b6 73 c0 86 e9 ad 75 3d e3 c5 da 65 cb fa 96 bc e7 3d 63 e8 20 d9 ad 43 b5 b3 96 d7 f5 74 5a 9d 06 30 c0 1b f2 07 bc 1e 60 24 4c 12 1c 09 56 10 03 a6 89 2a 33 63 3a 71 64 3f 0a 86 a0 65 71 ef 48 a7 92 aa 07 13 41 02 39 ac 3e 68 27 a9 6b 32 26 47 39 1a 29 d2 a4 f0 a0 49 52 4f f9 ef 39 25 c4 47 3f 3c 80 d7 8f 06 1e 2a e8 e1 44 a8 a6 ac 1a 9a 81 12 10 b6 04 11 9a 0d 24 5f 44 c0 da 86 53 e4 18 b0 b7 d7 45 e0 86 9d 92 42 47 bc Data Ascii: Vft:+X4Zv})'?38jX)qfw/M`i`KK]3zriIaphCZ2su=e=c CtZ0`$LV3c:qd?eqHA9>h'k2&G9)IRO9%G?<*D$_DSEBG
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 1b b0 d9 38 fd 34 4f 61 d0 e5 91 09 0a 33 03 da 0b bf 3d 3c a2 ad d3 c3 20 64 da 91 42 28 fb b8 49 97 c5 74 08 c1 5d 80 64 72 2c 83 a8 53 b1 08 4f da 9f 01 6e a3 8e 06 f2 65 3a e4 94 41 b7 8d c1 ef 62 f9 cd 1a 80 41 9a f3 e6 cd 9b 02 9e bc 30 91 d0 8a 26 ef 9d b4 4f be 7c b5 3d f2 3d 8b 4f 9e 76 60 0e af 5c b9 72 98 f6 0b 29 53 3e 99 09 21 b3 20 67 82 f1 be 9b b2 60 6c 47 8f 1e dd 89 79 50 4b 3d 8b 59 b5 be 87 b0 ae 26 dd 8c 60 bb 3a 9c d2 ca a3 fa 46 0a 19 c1 3e 87 b6 9f fb e9 4f 7f 3a f0 77 8f 04 37 52 9e 85 15 2c f7 8d 6e b3 0d 96 53 0f 75 a5 0d 8e 36 06 33 73 53 f1 aa ae 1a cb 37 cf 02 4b 2e 9a a0 10 81 d1 54 68 e2 6d af 97 0e 9c f9 98 24 19 ba ea 2c ae 02 b8 a6 81 23 bc 7d d8 b2 fb 95 bb ef ce 67 a4 d9 10 fa e1 cd ae a0 c1 74 d0 11 3c 74 fb ec de bc Data Ascii: 84Oa3=< dB(It]dr,SOne:AbA0&O\|==Ov`\r)S>! g`lGyPK=Y&`:F>O:w7R,nSu63sS7K.Thm$,#}gt<t
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: b6 93 cb f6 bf 96 a9 40 7a 22 6e b0 65 d4 bd 14 9a f2 b6 84 e0 32 61 44 f3 19 9e d7 b8 67 d2 8e 36 d5 1e 49 93 2b 32 49 c0 d3 85 a8 cf 00 d3 0c 6f 4f 52 77 47 53 53 93 89 bf 58 bf bb a1 db 73 1f 84 a7 9c a3 77 70 e4 73 fc 37 ea 97 79 73 19 b8 d1 41 0d b4 34 f1 e6 80 37 71 f5 ea d5 fb cf 3b ef 3c f5 b9 3a cf 64 1f a3 2b a3 e3 c0 d5 5e 2b e8 2b f2 03 59 02 4f fb 86 6d 9b 36 6d 8a 4c 18 95 bd 5d 70 d0 aa 87 6c d3 39 80 e1 50 9d 25 d1 32 ae 62 08 e8 15 9c 50 9c 96 70 d2 5b 2c 2f af 2b 6d a4 47 33 44 7c 41 62 56 61 67 44 e0 41 25 52 a6 a6 b9 0e be 7e 8f 6b ee 28 0e da 2e 38 4b 43 23 f0 43 07 9a 9c 8d 1a fa 6f a9 d7 e7 97 5d f1 c6 fe b5 a9 ca c9 69 c3 ec 9a ce 95 92 cb 38 ca 3e 17 91 cc 0f bb 1f 35 49 7b fc 3a 36 79 2f 7f 7d c8 57 28 98 3c de 9d df 7f b4 85 46 Data Ascii: @z"ne2aDg6I+2IoORwGSSXswps7ysA47q;<:d+^++YOm6mL]pl9P%2bPp[,/+mG3D\|AbVagDA%R~k(.8KC#Co]i8>5I{:6y/}W(<F
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 26 cb 50 5e c3 ba 44 13 58 7d 4b a9 ab b5 3f 40 23 ff cd 63 8f 3d f6 86 e8 62 c2 ed 86 ff 07 49 6f 64 12 f5 42 7b 58 bb c1 09 56 39 c5 61 d0 84 cb f0 b9 1b 5e bf 09 de 23 78 44 72 36 a4 21 ec db c5 d1 e8 d5 de 73 4f 49 9e 5d 76 11 37 82 17 a3 e1 ce 87 29 be 31 b4 6c b4 a9 14 9e 6c 6a 99 15 dc d7 c7 ea f0 dd 26 bc a2 9b 11 d1 17 59 99 7f d5 db bc 6b 87 ec da a1 95 7d f9 9e 7b 12 e3 63 e5 e7 e1 ca ff 34 cb ff 22 a6 c2 78 28 61 03 8a 94 06 8b 1a 74 56 c9 9d 15 f4 36 9a d8 5c cb d1 d6 b3 e9 98 fd dc 6d cb 3e b5 67 28 bd ec f7 3b ee 79 70 b4 1d 77 be 02 89 2f 41 0e 7f f7 40 f5 99 8e e7 f2 b8 f7 1d a7 db bc ef e6 9b a3 63 ee 6c f4 9c 34 a6 c7 69 74 f0 17 19 a8 0f 11 6b 23 15 6e bc 34 20 12 dc 7e 3a 7a 3b f9 2b 78 97 9d 7c 2d 79 ba 83 1b d0 01 4f 1a 6b 15 9a f7 Data Ascii: &P^DX}K?@#c=bIodB{XV9a^#xDr6!sOI]v7)1llj&Yk}{c4"x(atV6\m>g(;ypw/A@cl4itk#n4 ~:z;+x\|-yOk
2025-01-09 20:54:47 UTC	1057	IN	Data Raw: 32 aa 43 f8 8c a0 6a c3 76 11 69 fd 76 05 55 69 83 cf cd f0 8c 67 22 03 13 98 1a 94 6b d3 b8 06 2d ff 14 3f a1 25 5a 41 90 2f fe db f7 3e f4 2b c3 36 c7 c3 db 47 8d c2 e2 e2 7d 87 dd 87 d8 70 6f ab 5d be 7c 44 bb 3e c4 fd cf 88 59 0d e2 89 31 d3 0b 3b 8c a6 8b f8 79 b7 9b d8 13 f6 fa 31 e7 57 6b cb f2 47 f4 e9 ff 67 d4 79 bc d0 38 ee 37 85 b2 99 13 63 6b ae e5 00 e9 bf a1 8c a7 e8 4b c7 30 0c 5c 57 e5 d6 e8 c0 c5 f2 5f 98 46 ea 9e af 2d bf 2e d2 94 21 dc 48 31 da 77 1a c2 f8 65 84 f5 1a 84 b4 5c 30 a1 b0 8e 04 1f e6 01 2f bf b1 66 93 bc 14 af b2 eb bf 17 c1 7e 66 24 97 d8 fd f7 af 28 3d ea f7 5e c1 09 c4 a7 31 87 74 64 fd 6b 4e 43 9f ee f3 bb 1a 8d a6 a6 2e ae 68 ea 9b c4 41 fb 25 ac e4 1d c6 81 49 c6 2f bc ea ae 4d 6f ba 7b 74 cc cc 3f 1d 21 be 82 79 3e Data Ascii: 2CjvivUig"k-?%ZA/>+6G}po]\|D>Y1;y1WkGgy87ckK0\W_F-.!H1we\0/f~f$(=^1tdkNC.hA%I/Mo{t?!y>

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:47 UTC	2877	OUT	GET /images/female/40-60/t-1.jpg HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6InVUVTdBNzV3cldodk16cHVhTEgwQmc9PSIsInZhbHVlIjoiRVVnUkhlTEY1MCtoZFYzTGx4ZzlrOXVJb2c5Q0dVM1ZxRTJpdEhpRVFyREZrOU9KZWhGT2NWdXJrUE5UUkhLOHZ0QUpaRVkzS25ySHB0a1ovcGdweU9JQXRUY28zaEpxOGJUTXE0ZEZaV2ZyRi9zZ3VlenJxaU9rQTQwOEZEakoiLCJtYWMiOiI0N2ZmNWFjMmMzYTdkODkzNGRjYTM1MDhkMWQyZmFkYzVjNTU3MWI4NGM0MWM2ZmRjMWQ0Y2FlMjQ4NzkyM2Q2In0%3D; _=eyJpdiI6IjBpT3R0dHRYalFDWXMxRFhTZVo4Nmc9PSIsInZhbHVlIjoiMEZDdHozdHFRcGdEMWZMOHpYdG9qSGJ5VWRsb1B5bVplSVA3SVUrY1ZVd3p1WWVNY0ZzZW1SWkZRZkRHK0N0c3ZuL05CRi9TcXhETkc2YVR2a2lPRmo3VFdSUnpabkN4ajJQOW5PbU13Vit5NVJSU1VQMVordm41bStmVElKdmoiLCJtYWMiOiJjZGNlNDk4Yzc0NjczOTAxM2MyYTY3OTFjNjExOGJmMGUxNzViMTRiMGY5ODJkNTU5NWEyYjRmMmI2MTVhZmEwIn0%3D; referrer=eyJpdiI6IkU0bU96MXZZRmtnbVFyaXZJR2J4R3c9PSIsInZhbHVlIjoibFB5WFBpWXhFeWhoano1ek9Bdm9ROE16b29lYTAzQTRxNDlDUEhpeEc2bHQwYlhjeDRCSlBQeW1yeDk4Rjk0U3hnbFlwemovSmdBeGgybERRZThqVHc9PSIsIm1hYyI6ImU2NmIzMTY1YzdjNDZlMmQxZjc1MjhkZjI5MjY4NjJlZTA2MmNlZDY3NGRhNWRkNjYyNjIxYzhkODdiZWYwNTQifQ%3D%3D; affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVG [TRUNCATED]
2025-01-09 20:54:47 UTC	996	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: image/jpeg Content-Length: 505843 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-7b7f3" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4675 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JiPrL%2F5SqGUqOVCCDG9PRgbWXYdYiNHt0RS4yvtrtgZszI7EDnMqr0pEtFVVBTIWo73e11J6NOfyxPjgNbCvvSYMX9XtURNs%2Ff85AqEtdJL1%2BrDA0Z7AB8pXqP2KkuCXFA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff753121c310f36-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1504&min_rtt=1489&rtt_var=588&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3455&delivery_rate=1814791&cwnd=231&unsent_bytes=0&cid=9d5911ebaaaae7f6&ts=150&x=0"
2025-01-09 20:54:47 UTC	373	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 02 02 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 01 02 02 02 02 02 02 02 02 02 02 ff db 00 43 01 01 01 01 01 01 01 01 01 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 ff c2 00 11 08 04 00 04 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 00 02 02 03 01 01 01 01 00 00 00 00 00 00 00 00 05 06 03 04 02 07 08 01 00 09 0a ff c4 00 1c 01 00 02 03 01 01 01 01 00 00 00 00 00 00 00 00 00 02 03 00 01 04 05 06 07 08 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 77 2b Data Ascii: JFIFCC"w+
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: a6 ef 1d 31 64 23 d2 74 a5 6c d2 ca cc c3 6c 9b 37 49 95 4b 36 06 c7 d3 0d e5 4e ba 99 d0 63 d3 a5 4b 61 2c 2b 62 f1 63 31 1c c8 b8 4d 51 f9 12 83 e8 16 b7 58 d8 6b 4c 9a 1b 5e 6f 2d 58 70 83 15 b7 70 9a 0a c9 79 ac 89 6d 6d 3f b0 a0 ef a4 6a 78 0c c2 10 b3 25 c5 9c 34 81 a2 ad 8d 58 42 f5 5a 6e c8 5e 38 e5 6f 0d e5 ca 9b d9 89 ab a9 b6 72 32 e0 39 46 2f 83 76 58 71 03 90 c3 4b b9 3f ba 84 1a 38 c2 d5 aa 04 77 1a a2 51 bb 4f 05 91 e5 ab e0 10 6a 09 6f f0 59 ea 1b ee 63 35 2e dd f4 47 d9 44 c8 05 a8 0b da 3b ef 96 f7 37 1b 3f 4f 4f 03 af 33 2e bf ad b8 e8 a5 da 58 1e e9 05 99 7a ed d2 d3 02 33 d7 f1 93 37 d8 13 d3 17 c1 b6 e5 8b 39 f9 dd b5 68 5b 07 ce 4c 22 22 4e e4 ac d8 64 f0 ef 07 7a 4b 37 bb 29 3a e4 9c f4 92 62 2e 31 a4 37 4a d3 4c c1 3c 8f d0 c5 a4 Data Ascii: 1d#tll7IK6NcKa,+bc1MQXkL^o-Xppymm?jx%4XBZn^8or29F/vXqK?8wQOjoYc5.GD;7?OO3.Xz379h[L""NdzK7):b.17JL<
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: d9 a9 5c ad 8f 91 2c b1 0d 9a 5e b5 e3 02 93 02 ab 64 b5 b5 1d 9c 96 2c 33 e8 e2 2b 38 22 cf eb a9 c2 32 8c ba c8 8d 3b 00 4a 16 31 6b 30 3e 6d 6b 15 93 d5 14 92 b7 4c 75 91 80 90 de 72 be e0 63 20 21 20 6c 1c 3d 47 80 a9 f0 f6 b2 ca 4d b5 1a 2b 99 d7 d8 de 30 32 a5 68 88 55 87 a7 e2 5a 5a ea 39 75 80 c1 62 8b ae bf 06 08 72 00 59 74 57 b5 b8 67 a8 39 68 eb 6d 91 a5 5c bc 2b 4a 21 17 48 ce a0 cb d9 ab 24 8a e6 a7 5f 4a b6 15 b4 a3 7a 6f b7 6c d0 f3 ae d3 46 17 5a 39 ce f2 16 09 32 28 54 87 be 26 26 ab 6c a0 aa 46 a6 99 f6 bf 3c 56 c8 9c b9 8e c4 db 31 69 16 2a 63 32 16 95 b9 1a 64 4b 51 c6 ec 51 79 1b ac 16 f6 72 e7 13 46 b0 5e 7a 5f de 8b 5c ed bb f8 6f db e2 d7 57 97 48 7d 6c 62 23 30 f6 02 d9 06 75 da 37 c0 ea 6e b7 49 1f 34 d1 2a 54 18 d1 1d 8a fc 72 Data Ascii: \,^d,3+8"2;J1k0>mkLurc ! l=GM+02hUZZ9ubrYtWg9hm\+J!H$_JzolFZ92(T&&lF<V1ic2dKQQyrF^z_\oWH}lb#0u7nI4Tr
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 13 f6 68 2d 2d d7 15 dd e4 e7 e7 c3 69 a5 3e 64 cd b1 89 eb 63 3c 1e c3 5e 22 62 c6 4c 44 90 d8 c3 53 b9 c5 63 b3 a0 5f 0f 66 d3 74 a4 23 65 58 17 85 36 06 cb cf 07 5f c0 78 90 64 aa a9 84 5b 61 35 03 77 d0 34 2a 55 be 91 e1 c9 9b 5f 51 fa 85 ea 5e 6c e8 ae 5b f7 cb a4 1a 21 dd 1b b5 6c 4d 57 0e c3 27 ae 9a 0c 0d ca 28 58 d9 7a 43 28 d4 64 0b e4 a5 7f 13 5b b5 25 a9 05 b0 89 33 4f 87 97 09 95 ab 90 9d aa c3 c5 0d b3 2b d1 c2 e8 3c 52 e5 2a b5 63 57 44 d6 26 25 42 8f 03 a3 6f c1 86 fc bf 18 c5 6c c9 9a 88 c7 63 c0 0f d3 14 ee d1 5a a3 3b 65 12 a1 06 79 a1 2d 2d ed fa 14 7a e2 d3 b9 89 35 11 97 47 05 b9 1d c1 bc a8 42 53 1e 6a 5d ae ae 6f dd 66 96 28 27 9f 0b 71 2e 86 3e 95 de 13 10 aa 6d a3 a0 ec 01 9c 54 60 f9 88 d5 c1 36 ba c6 9c 88 98 b2 01 d7 8c 04 f7 Data Ascii: h--i>dc<^"bLDSc_ft#eX6_xd[a5w4U_Q^l[!lMW'(XzC(d[%3O+<RcWD&%BolcZ;ey--z5GBSj]of('q.>mT`6
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 08 4d 56 0c 5d 4d 83 6f b4 5a e6 eb 42 1c ed 4a db ae 80 bf ad 74 2b 53 fe 7c 7e a4 71 0f b0 be 73 16 64 4f a5 65 06 65 ec 18 66 52 d8 ab 95 60 65 76 57 8d bb 36 0f 83 41 b0 92 9b 17 40 bb a0 87 1c 5d 20 44 bd 69 5b bd bb 68 62 2e 0c b0 d8 0b 68 7c 5c 07 a9 b5 e6 3b 74 5d 47 c3 94 e5 60 62 78 58 54 70 2d 91 00 2a ec 58 4a 01 4d a2 28 6a e5 4c 55 95 7a cd cb 36 32 dc bc 62 e0 db c6 3e 2a 13 39 78 28 af 99 5f 2e 33 60 df 4a 38 f4 3c 48 1a 9b d4 5d 54 c5 14 6a 43 8c dd 5c da 68 47 8d 45 5e 74 2f 53 08 1c 23 38 e8 40 f1 bd 85 85 5f 7d 26 34 b0 25 c9 69 a0 18 2b 58 76 4d 46 a3 b5 75 86 8c 49 69 db 23 5e f4 39 88 22 1b 16 fa 3c 98 6b 96 fb 4e 62 af 1a 43 6f b1 46 c4 16 0b a3 31 14 e4 b3 e9 77 d8 4f 4d 2c 21 42 d0 8a ac d7 27 81 83 5e 89 af 6e 91 0a 91 48 b1 78 Data Ascii: MV]MoZBJt+S\|~qsdOeefR`evW6A@] Di[hb.h\|\;t]G`bxXTp-XJM(jLUz62b>9x(_.3`J8<H]TjC\hGE^t/S#8@_}&4%i+XvMFuIi#^9"<kNbCoF1wOM,!B'^nHx
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 04 26 1b 0b e2 3e 5b a8 85 9c f2 18 8b 14 f2 59 63 3c b7 25 d3 f2 6c a9 96 2f d2 b0 da 92 99 1a ac 0a b9 7d e2 e4 35 2d 7b 52 38 8f e6 76 0c b5 ff 00 8a b3 cf 3b 85 28 7d 62 2b a9 2a fb 34 a8 8d 80 ac 31 ae 45 d9 0a 34 d0 5d b4 36 d4 2d 72 c8 51 4a 74 29 d5 91 90 3c ab 84 e7 19 95 d5 a8 49 cf 77 52 3c a4 83 5e 02 54 08 02 e5 94 8a 54 9a c9 f4 45 35 1e 8c 91 b9 14 e9 fc 43 5e 34 f4 0d 82 a5 d2 e5 eb 46 f8 12 77 f3 36 d6 bd 98 4e bc ab 81 4a 92 59 a5 5f b6 08 66 57 85 78 41 e9 01 32 d4 19 51 91 31 ab 85 6a e7 84 3e 5b f2 a5 d2 fd ea ac 2b 0e a1 e8 70 06 7c 37 14 c5 40 f8 8e 4b 40 ae af 30 87 52 aa 11 ce e5 9a 36 a8 7a cf 47 5f 6c 6a 4d 94 03 d2 bb c3 9f 77 4f 92 d1 be 0e a7 97 f1 b9 89 84 10 8b ca e5 ba 9f d3 6f 5b 53 b7 1c 75 c3 b6 ed cf 17 95 25 37 11 13 Data Ascii: &>[Yc<%l/}5-{R8v;(}b+*41E4]6-rQJt)<IwR<^TTE5C^4Fw6NJY_fWxA2Q1j>[+p\|7@K@0R6zG_ljMwOo[Su%7
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: ac 2d bc 53 aa 5f a9 30 b5 aa 1a d2 58 59 f8 58 45 76 43 15 07 d6 21 b5 18 2b e2 46 2b 5c 5e 83 7d 2d fa 38 62 57 58 c2 5a d2 c4 b1 2b 1a 69 48 33 0d bc ec 13 f6 40 5e cf 13 57 e2 c4 af b3 10 af 17 d6 58 96 15 16 05 cb aa 96 d7 c5 90 97 8f 3b 24 03 2b 5e 96 0a 7d a2 b5 ae e4 14 c2 1e 08 57 94 bd 92 95 76 56 c6 4d 3b f2 ae 35 c1 35 c7 0e 52 91 06 cb 73 8b 96 5b 27 b4 bf 3e d9 14 da fd 7f 67 63 6e 6d 51 b8 bc 92 b6 c6 c4 4b da be 41 ea 3a bb a1 d4 b6 d7 26 2f f4 e0 3e ee 4d 61 b8 6d 38 a7 39 86 4a 24 b9 89 28 c0 ac 5f 1a 59 64 0d 6d 2f b3 4f 3c 37 6b 13 62 f1 2f 43 a0 66 bf de 01 b7 17 02 68 2e d1 e3 be f3 35 2b a2 cb 7e ad 6a 41 c9 5a 86 c9 6a ad 4a 39 76 3e af 68 e7 f4 b7 d3 76 a7 da 3c 2f 40 c1 78 11 6c db af 5b a3 35 91 a9 2a 1a 39 05 b6 02 25 40 c8 fb Data Ascii: -S_0XYXEvC!+F+\^}-8bWXZ+iH3@^WX;$+^}WvVM;55Rs['>gcnmQKA:&/>Mam89J$(_Ydm/O<7kb/Cfh.5+~jAZjJ9v>hv</@xl[5*9%@
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 5f 88 8a ae 46 1d 99 91 11 9e f5 e7 43 89 a6 d7 76 7e bf eb f1 50 a2 34 b2 dc d3 de 50 8d aa bd 29 6b 16 23 8c d2 18 36 4b 21 c7 68 c3 43 3f d2 a4 e9 6d 03 bc bc f6 57 08 b0 15 e4 39 57 20 a3 93 2e 79 e3 65 d9 29 9b 20 45 e7 f9 c1 73 db 1e bf a9 b5 3a 57 9c 3a 33 9b 9b a1 76 86 a3 d8 3c 4d bb 07 30 92 73 35 d8 15 10 dc bc cb 76 81 4c 8c 19 00 b2 22 f0 e0 2a 7c 4d 38 47 6b e2 d5 89 4a 85 a9 cc 4e 88 3b 25 1a 59 98 51 6f df 45 cd 6e f6 bd 27 fe 6d eb d7 60 1f 54 4e 8d ba 10 e9 b9 46 91 b2 2a 7f 4b 6f 3d 67 ba 7c af ac 96 d6 12 a3 59 af 0a 26 1a cc 06 a8 2a ce 9d 26 32 f6 48 95 b6 3d 22 5a 10 97 f5 b3 05 35 c7 b5 36 29 26 b9 e9 b4 66 58 9e fd 19 18 dc 34 d9 ac fa b7 9b 2e aa 69 4e 96 fc d2 0d 27 4b 8c a2 bd bb 39 38 ab 04 44 a7 0b 7a 98 57 54 ed 94 7b 55 4b Data Ascii: _FCv~P4P)k#6K!hC?mW9W .ye) Es:W:3v<M0s5vL"\|M8GkJN;%YQoEn'm`TNFKo=g\|Y&*&2H="Z56)&fX4.iN'K98DzWT{UK
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 19 8d 68 11 3d 0d 25 8a 92 ed 0c e6 d9 05 d2 f2 94 ee 9a f8 9b 5e 94 96 2d a1 a0 2a 36 c9 41 03 64 a4 3f 9b ce fa e7 6c 6a 4e a7 09 0c 83 35 ad 58 94 f0 2a 21 2f 89 eb 5e f4 9e 7d 8e 5a 73 7c a0 61 ed f3 f7 4e f3 f7 45 65 ed e9 dd 29 b4 b5 d7 6f e4 fb 93 ab 75 3e f4 0e 26 cd 22 87 7f aa f6 50 f4 70 7b 44 2d b3 2f f3 96 bd ee 55 71 a3 f3 2e 28 fd ea 6e 63 db 9a 53 6c e0 ad f6 4d 74 af 93 c6 08 31 91 ed cf 99 8a ac 0d 4e 6e 02 5b b9 2b 67 73 59 6a c1 18 d9 00 34 a7 57 ca 9b 10 03 dd a3 d0 37 4a 3e 9c 5a 68 63 9a bc 40 cb 76 0d bf 40 d3 96 1e cb 6f c6 d8 ee 67 dd cc 7c bb fa 07 f9 fb eb 7a 62 3b 9b 88 3b 79 9d 97 12 1f 59 e4 fa 1c 44 b6 34 31 08 28 ed fa d5 93 62 6b 35 8e 7d 56 80 ba a4 bb 47 4f 9f ac 18 b7 09 47 06 b6 97 6d 46 dc dc 85 f7 40 6b dd 58 f5 ec Data Ascii: h=%^-6Ad?ljN5X!/^}Zs\|aNEe)ou>&"Pp{D-/Uq.(ncSlMt1Nn[+gsYj4W7J>Zhc@v@og\|zb;;yYD41(bk5}VGOGmF@kX
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: f6 b6 a8 32 5c 29 59 93 16 c1 83 5b c5 35 22 06 96 c2 ed 5f 4d ef 50 06 1a 79 f7 5f a4 83 b7 ad bd 5a d0 41 b2 eb 82 f5 c8 38 ae 4f 20 3a 5b 01 0c 1a 59 ba 47 69 7c 25 ec 0c c5 48 96 31 d5 54 64 53 ac 32 85 22 2b 70 26 aa 6e 2e 9d b2 23 a0 d8 0c 26 a8 41 21 44 93 8c 15 2e 03 25 7c 26 b8 e2 56 43 bd 99 88 ab 7e 86 d7 d3 93 92 85 ed 8d 38 5d 40 8c 6b 4e cb db b4 77 3e bf dd 83 9b 9a 38 c3 a7 79 e3 47 8c d8 86 a9 9f f3 fc 32 a3 2a 0f f2 7c f3 0f fa 9b 63 fa 5e 56 cd d8 9a bb 64 fd 63 3e e0 71 44 6c f6 54 58 57 83 92 7f 82 ac 54 18 3e 73 e9 b6 76 e9 d3 9b ab cd e3 d8 2f a9 2e 7e 77 33 a1 b5 43 18 dd 7c 1e 2b 62 ab 4b 71 a8 da 4e ca 93 7f 30 bf 31 eb e7 78 c7 63 2a c5 1f bc c5 90 64 86 78 11 8d 77 54 03 4a f8 5c c7 56 cc 30 b3 41 ea 78 84 2d 63 01 31 c7 da d4 Data Ascii: 2\)Y[5"_MPy_ZA8O :[YGi\|%H1TdS2"+p&n.#&A!D.%\|&VC~8]@kNw>8yG2\|c^Vdc>qDlTXWT>sv/.~w3C\|+bKqN01xcdxwTJ\V0Ax-c1

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:47 UTC	2825	OUT	GET /images/male/30-40/t-2.jpg HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1V [TRUNCATED]
2025-01-09 20:54:47 UTC	1000	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: image/jpeg Content-Length: 425962 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-67fea" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4675 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCFjp7L3dwbf24q4vMYjY2rCh4%2Fo9dEmYgnde9394gsEx6DM%2FWe5dwhKJYHJ08iLNtrYYwkXy2Kmp1gWyIKFYmYh5THczw3B5RopKvm%2Bk9wy1ojUrQ%2B1aBKE4XMvo%2FltTg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff753121b43c443-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1582&min_rtt=1582&rtt_var=594&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2834&recv_bytes=3403&delivery_rate=1838790&cwnd=244&unsent_bytes=0&cid=efc4a3bd0442d5f2&ts=117&x=0"
2025-01-09 20:54:47 UTC	369	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 02 02 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 01 02 02 02 02 02 02 02 02 02 02 ff db 00 43 01 01 01 01 01 01 01 01 01 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 ff c2 00 11 08 04 00 04 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 00 00 07 01 01 01 01 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 00 08 09 0a ff c4 00 1b 01 00 03 01 01 01 01 01 00 00 00 00 00 00 00 00 00 01 02 03 04 00 05 06 07 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 fa 6e 97 Data Ascii: JFIFCC"n
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 72 38 55 f4 1e af 4c 47 3f 45 bb 4a d0 93 a1 5a 22 99 a2 ed d5 d6 1a 5d 0a 54 41 6d cf 11 63 77 e3 15 60 86 42 2c 0c ae 16 72 59 5b 62 73 d6 86 f0 14 c9 8e 47 c5 4a b5 06 b5 c7 d5 aa 99 ab a0 e7 6d 62 51 d9 a2 70 d9 24 ca e5 0d d2 70 f5 83 aa 09 67 23 25 b6 71 0a 4a 08 e5 2d 10 52 d9 de 7e 31 78 e4 65 dd b2 3d a6 fd cc 5b 96 e7 aa b1 5f 8a e2 91 c7 1b 93 37 12 11 5e 1c 82 2f 4b dc c8 5c 95 b9 99 9c 90 08 f0 7e 04 45 96 4d 33 d1 88 4a 83 74 2a 72 c8 d5 23 4a f5 0b 2b 30 76 ab 8d 5c dc 6f cf 7d 8e 37 75 62 01 dc 58 4c 41 23 8e 40 1c 20 1d c4 dc 1c bd c4 31 1b 84 38 78 10 a6 e2 52 45 c9 00 6e 93 b4 78 34 23 c4 dd 9b a4 fc 27 d1 c4 96 4e 82 25 39 7e 3d 12 13 44 e1 14 a4 a0 f7 45 f4 a8 30 8d 3b e3 f0 60 2f b8 f3 33 3b 16 0d d3 76 65 31 8b ba 1e 62 8b a3 28 45 Data Ascii: r8ULG?EJZ"]TAmcw`B,rY[bsGJmbQp$pg#%qJ-R~1xe=[_7^/K\~EM3Jt*r#J+0v\o}7ubXLA#@ 18xREnx4#'N%9~=DE0;`/3;ve1b(E
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 57 6d 9e f3 a6 ec 45 6a 47 3c bf 71 a4 d3 f4 0a bb 08 07 90 2d c9 d6 aa 56 34 07 53 da bb ba b9 46 81 a4 e7 c7 a6 ef 0d 32 09 59 db 77 4c 21 78 9b c4 64 87 75 eb 1a d5 29 9c 9c f1 e0 af 67 3a 4c 93 6a c8 29 96 24 15 d9 5e 68 d2 10 a4 ed 39 fb de 7c aa a7 78 ac b2 df da 4c 3b 5e a2 57 f4 3a fb 2d df 42 c5 e0 5e 16 49 ec f3 41 b2 7a 32 67 0e b1 47 b6 7d 43 cd 97 98 35 9e e5 e5 9d 85 a3 e8 2b 55 16 47 22 e8 92 b9 85 ae 82 c4 9b d2 74 1a 8a dc 0a 49 b9 23 2a 5c b8 77 20 55 f9 83 71 5f bb 9b 83 92 1e 40 56 1e 0d 0a f7 b8 b3 2b e2 90 cc ce 4d c5 8b 79 84 39 5f 2c 92 98 b5 1c a2 0e bc 53 81 e2 0f 00 e3 07 72 12 18 a2 cc 7e ee 40 5e ee ee e2 08 50 94 e0 2a 4b dc 3c a1 dc 1c 0a 53 01 e0 ee e2 04 8a a6 8a 89 4c 56 64 ce 92 dc 0e 47 24 54 65 1c bd 34 b5 9b 29 3e 79 Data Ascii: WmEjG<q-V4SF2YwL!xdu)g:Lj)$^h9\|xL;^W:-B^IAz2gG}C5+UG"tI#\w Uq_@V+My9_,Sr~@^PK<SLVdG$Te4)>y
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: cb 88 43 73 b1 4a 60 e0 27 03 2f 01 4e 56 04 e3 02 39 4a 23 dc 03 c0 07 10 e0 cc 21 c2 a8 05 12 52 68 45 cd d1 34 77 9e 32 2b f6 77 ae b0 f3 f3 5c f4 43 52 a3 4c f1 46 0e d9 4c b4 e0 b3 c9 1f 3a 26 8f 46 65 d9 0d 9b 2f a1 70 d5 eb de b6 c1 ea 25 ad 4f d8 e3 a3 3f 4a ec e4 52 b0 d2 f0 53 d9 5c 06 91 4c e3 11 0f a1 30 55 cf 20 f4 18 6d 78 54 66 d2 c0 dd 99 30 d9 65 dc 44 25 54 d1 e3 6a f3 3b 54 00 ad 11 cd b2 01 46 75 25 65 7c 56 87 70 71 68 9d e2 24 9e d9 f8 55 ac 16 09 5e 76 b5 bb db ee 10 d2 6f 43 b9 19 24 ed 17 84 60 4a 94 a2 4c 64 c1 16 26 2a c2 41 d9 f6 69 b5 d2 65 4c 4f 23 f5 26 74 e9 e7 ac eb 57 52 f8 3c b5 7a d0 20 b5 60 ae cc 41 53 69 1d 92 6f 20 b8 da 02 bb 5a 21 4b 55 3e d5 58 ee b5 db 30 8b 82 b5 b2 aa 67 6f 3d cf 7b f9 f3 e8 88 b7 d1 eb c7 86 Data Ascii: CsJ`'/NV9J#!RhE4w2+w\CRLFL:&Fe/p%O?JRS\L0U mxTf0eD%Tj;TFu%e\|Vpqh$U^voC$`JLd&*AieLO#&tWR<z `ASio Z!KU>X0go={
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 2c 5f cf de a6 c3 77 79 9e 4c 73 29 47 f6 3c 19 ac b2 f3 0f ab 14 95 d7 1a d3 e9 2c 8a 4e 52 a2 47 a4 30 eb 8b 3e 0f ab 8b d7 47 6c 85 a5 e9 49 d0 3e c4 f0 a7 b4 f2 69 fa 45 a8 f8 3f dd f8 64 b7 10 e9 20 30 13 94 08 3c 1c 3b 81 38 4c 43 bf 09 81 32 a0 a1 0d c4 7b 8b 40 53 90 41 50 81 dc 47 84 bc c2 64 d5 5e 28 89 97 88 06 25 00 71 c3 8f 10 c0 08 f0 72 82 18 a5 76 51 33 08 54 c8 62 f7 71 46 81 4c de 28 b0 d0 2d be ad 68 fa 3e 78 65 d3 39 95 db 55 66 c5 e4 5a ec 9e 7f a9 ae fa ee 87 b1 78 bf 41 2d 35 1f 2b b7 23 c7 51 ed f5 65 91 8d 06 f9 b5 20 cd 66 32 bc 5a ef 1b cf 52 a2 d8 96 e1 41 98 f3 b8 4d 23 72 15 25 23 07 36 e4 e4 25 a5 03 19 bb 70 11 27 1c e8 95 c3 54 66 c7 e5 52 8e dc 47 85 33 19 a2 c9 25 8a f1 03 27 3d 2c 78 bc 9e 29 1c 5e 57 24 8c 26 7b 4e a5 Data Ascii: ,_wyLs)G<,NRG0>GlI>iE?d 0<;8LC2{@SAPGd^(%qrvQ3TbqFL(-h>xe9UfZxA-5+#Qe f2ZRAM#r%#6%p'TfRG3%'=,x)^W$&{N
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 0a 65 31 c3 22 f8 05 54 59 3c 4c 3b 31 e2 a5 59 36 91 5e 54 62 0b 2a 62 c7 9d 46 a8 6a d6 40 d3 35 d3 4c b4 41 1e 45 e3 c1 92 64 84 67 3c c3 ba dd a0 ab 67 89 15 11 74 f8 dd 34 18 38 8a 2b 0f 97 6b 19 b6 ac 54 cc 1f 74 cf fd 4f 1b 2b ab d8 23 b7 f9 b3 f8 56 b5 92 eb c9 60 a9 4d 06 88 3f ca f4 ab 23 cf 06 d3 2a 76 65 62 54 f7 78 58 b6 37 67 b9 56 43 5d 7e af fc c5 fa f9 93 3e ee 02 4f 1f 41 40 c6 31 4c 0c 4a 38 88 1d 38 0c 98 82 a0 00 70 e3 26 6d 0a a1 78 1d 79 54 95 99 e4 8e 47 22 20 29 c4 12 28 5c 43 bb 94 a9 2a 8b 93 2c 99 f2 92 f1 b9 c1 0a a1 58 94 40 e3 8b c6 e7 09 88 29 cb 91 f9 c3 72 c0 3d 81 09 58 b7 4c 9a d4 5f 4a c6 17 b4 e9 f9 7e eb e7 fa 5b 4d e2 af 67 cd b9 36 c6 6b 2b 84 54 9b 29 5d 33 aa 0c 48 8b a6 1c e8 11 c7 2d d0 6f 22 6e a5 78 d3 85 2d Data Ascii: e1"TY<L;1Y6^TbbFj@5LAEdg<gt48+kTtO+#V`M?#vebTxX7gVC]~>OA@1LJ88p&mxyTG" )(\C*,X@)r=XL_J~[Mg6k+T)]3H-o"nx-
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: d8 71 e1 09 6b 0f 75 37 f1 c1 c5 7d 6a 5f 30 4a 67 d7 b7 ab 92 25 2d 3a cc 55 6e 47 36 b9 79 38 67 53 d1 66 2b 56 1d 67 6d e2 c5 69 37 33 58 93 a4 e4 a3 59 b2 e7 74 7a eb 80 25 9a 46 c6 f0 70 f6 08 ee b6 a5 a8 4d 9f 36 93 19 9b d7 69 8f 6c 90 f3 3b d7 8f a2 e2 70 38 e7 cf e8 a2 f9 d4 a0 7a 58 de 66 8e 57 f4 2c 0f 9f 2a 85 3d e1 7a f9 f7 aa 2d 3d ce 39 86 8d 0d 2b 22 f9 8c 6f 18 8c bb 19 d9 b3 15 99 73 c9 26 d9 5c e1 f4 03 a6 72 a5 3f 3c d3 a8 9a f3 e2 a5 9e cb 7d 8f 9c 84 cf 35 8c f3 d7 f0 61 1f 8d 02 d0 8d 61 08 8d 23 79 d9 30 1b c1 5b 61 93 36 7b 6a 1f 51 be 68 fd 75 f2 e7 6c 5d 25 31 b1 4a 60 e9 a4 0a 26 58 40 4a ac 72 88 48 94 4a 2c e2 51 23 07 22 45 35 44 38 4a 54 fc 41 2c 63 14 ca c0 45 08 78 03 83 b8 7b b9 1f 84 82 38 40 43 80 a6 3d dc 1c 1c 38 c1 Data Ascii: qku7}j_0Jg%-:UnG6y8gSf+Vgmi73XYtz%FpM6il;p8zXfW,*=z-=9+"os&\r?<}5aa#y0[a6{jQhul]%1J`&X@JrHJ,Q#"E5D8JTA,cEx{8@C=8
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 65 c9 f8 45 c7 27 ba ab 9e 61 de 27 78 9a 57 ad 5e ca de 5b d7 eb 58 86 6b fa d1 1c d6 ff 00 1b 46 d3 f4 48 ca 8a 33 89 b6 92 9e 9b b4 61 ba 7c ed 71 90 af 3d 05 ed 96 af 68 eb 1d 9c 9b 17 5a a6 75 a7 67 1a bc cf 39 61 7e 94 c4 bd df 97 ce 2a cf aa 5b 7c eb ad 4b 55 c6 a7 5b 7d 9f 2c d6 a3 a4 df 47 bc 2f ea 5f 33 e9 7d e1 a0 f8 c3 62 cd af 7d 45 a3 b3 f1 68 11 52 46 05 1e 28 ee ee 05 6e e2 99 18 bc 21 c0 13 51 20 ee 8c 53 7a 19 cc 43 26 ca 72 71 03 71 4a 97 32 6d c5 a9 e5 11 04 92 86 04 79 0a e7 6c af 07 8b b3 70 c1 da 8d d7 28 b9 53 39 e2 87 03 70 0f 70 2b ba 66 d1 5a 7a 91 17 e5 0d df 57 bd d3 32 4d b7 6f cd e2 be 92 f3 d7 ad 32 5a f6 a9 06 3e 9e 7f 96 69 d9 9e 0d b9 f5 b6 02 c7 43 4b f1 07 a5 bc 67 8f 76 d1 b1 64 7e 5f f4 30 5e 3c d7 7e ed fe 3e 34 8d Data Ascii: eE'a'xW^[XkFH3a\|q=hZug9a~*[\|KU[},G/_3}b}EhRF(n!Q SzC&rqqJ2mylp(S9pp+fZzW2Mo2Z>iCKgvd~_0^<~>4
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 3b 84 3a 4e 81 5c d8 6b 1b b0 d3 42 6b b6 ca 9d 5b d4 1b cb 6e 6b 32 ea 26 4d 28 d6 31 b0 13 73 c5 b0 e7 a8 ba 97 74 66 d2 75 c4 d3 c4 1d 10 ed 18 a6 0f a1 f3 da 4e 6a 22 dc 84 d2 ed 9d 77 1d d3 47 2c 2b 6e 24 63 46 88 a6 aa b1 25 0a 65 be b0 73 79 4b 2a d7 b2 df 77 e5 f5 6c 6f 62 c7 f5 e3 b8 df eb d6 cf 03 eb 1c 6b 8c b5 38 6f 6f 91 6f 38 fe 6f 57 cc 70 36 88 41 f5 b6 ef 59 f9 37 d1 6f e0 fd 0e e0 1f 4b f1 23 01 01 64 62 72 74 51 29 08 8c a1 08 45 a9 93 22 2c 66 8c 53 ed cb c5 3a 65 12 66 f1 af 3b 16 52 0d 0b 32 45 d9 21 46 25 76 0f cd 88 e8 a5 5b 15 c7 2f 22 b9 55 47 74 e9 a3 86 57 8e 5a 39 a2 ae 29 8a f0 80 15 48 98 86 56 36 0b be 64 67 eb 3e 7f fa cf cf 9b c4 7e 91 4f 4b 79 67 d2 5e a7 e7 da 73 64 5d b6 b6 c5 9c 63 9b 45 66 3a 66 0f 36 a8 f2 30 77 0b Data Ascii: ;:N\kBk[nk2&M(1stfuNj"wG,+n$cF%esyK*wlobk8ooo8oWp6AY7oK#dbrtQ)E",fS:ef;R2E!F%v[/"UGtWZ9)HV6dg>~OKyg^sd]cEf:f60w
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: f2 37 af 3c b7 e6 7d 3f 99 ad d0 d6 28 fb db 9e bb 99 e9 90 96 3b 74 a1 68 76 d5 e8 3d f7 2d d5 3d 3f c8 04 a3 c3 ca 12 8f 15 21 0c 00 94 38 aa 13 22 a1 c5 12 ae 4e 6b 10 28 5d 99 48 02 3c 53 6c e5 bb 94 90 55 b4 2a 92 67 22 54 bc 6e 6e e3 f2 8c a2 72 aa 78 ca 94 fc 38 44 fc a9 91 70 1c 82 6b 91 42 49 2e 92 50 89 9d 39 b7 10 c7 e2 18 be d9 11 e8 7d 87 cd 5f 4a e1 9e 9a db e4 ee ab 43 bd f2 3d 35 52 21 d3 60 24 11 f3 d0 78 15 d8 47 74 c3 d4 65 1e 4f 4c 94 85 e1 c2 d0 bc ce 05 38 c5 0e 21 da 42 43 52 f9 ff 00 50 f2 7a 52 7e d1 f3 07 b3 3d af 9d 8c 8e e6 7b 32 bf a6 da 29 eb aa 32 19 78 ef 3f d4 98 7b 52 78 d2 90 aa ca 45 a5 51 8c 7e c6 6c d5 29 07 b2 b7 9e 58 5c f2 1c 8b ac de b1 5d 4e 3a ef b2 35 7b 1f a3 e7 cc f3 55 e9 37 4e e3 89 ce eb 9b 24 b5 94 6a d3 Data Ascii: 7<}?(;thv=-=?!8"Nk(]H<SlU*g"Tnnrx8DpkBI.P9}_JC=5R!`$xGteOL8!BCRPzR~={2)2x?{RxEQ~l)X\]N:5{U7N$j

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:47 UTC	2527	OUT	GET /images/most_popular_v2.png HTTP/1.1 Host: visi-sharp.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1V [TRUNCATED]
2025-01-09 20:54:47 UTC	998	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: image/png Content-Length: 157266 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-26652" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 6642 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXdzXJKbO3gg6Sig4Dak1VAve%2BOiloxIEhwkGrp0yjgXiaDVZYnwQuYlV%2BOJ0HwxqCNvuxpiGB%2BcA946LNruyzwV3evTJrVGOp9%2BBZFRCzwVELR5PSyDu0HFXqKZ%2FDkK0w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff753132aec4344-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1682&min_rtt=1667&rtt_var=656&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3105&delivery_rate=1631284&cwnd=47&unsent_bytes=0&cid=e86f3647f59d4670&ts=116&x=0"
2025-01-09 20:54:47 UTC	371	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 ee 00 00 01 ab 08 06 00 00 00 06 82 74 89 00 00 20 00 49 44 41 54 78 9c ec 5d 05 9c 1c d5 fd ff be 99 dd bd 3d 97 e4 2e 76 f1 60 21 40 20 02 c4 f0 a0 81 e2 d2 02 29 12 20 58 5b 68 71 77 f7 e0 94 e2 10 a4 68 21 48 20 6e 24 90 d0 04 8d dc c5 fd ee 72 ba bb f3 fe 9f 99 79 f2 7b 33 7b 38 ed 3f e9 fc e0 b2 b3 33 cf e6 cd ec fb be 9f 33 ce 39 22 8a 28 a2 ff 2e 2d 1a 7f c6 a9 1c dc 86 fb 73 64 00 63 ac b9 fb 9e 0f ff e3 bf 39 a8 e5 d3 46 ef e9 70 de 1e ee a0 18 b8 65 c5 d2 1d 07 de ff 4a f4 aa 44 14 d1 7f 97 22 e0 8e 28 a2 ff 12 2d 1a 7f c6 3d 56 cc 3e 80 d9 6c eb 58 2c 06 3b 27 0e ef f7 e8 00 99 4c 0a 4e 2a 0d 27 e3 2c e0 0e 7f ab db 1e 0f ff ed 3f 31 ca a5 53 ce ba 02 0c 87 5a b6 d5 df 76 c7 14 b3 61 59 Data Ascii: PNGIHDRt IDATx]=.v`!@ ) X[hqwh!H n$ry{3{8?339"(.-sdc9FpeJD"(-=V>lX,;'LN*',?1SZvaY
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: a1 a5 b9 09 2d 8d 2d 6b 19 70 59 87 81 0f 3c 12 bd 43 11 45 f4 9f a3 08 b8 23 8a e8 3f 48 8b 27 9c 35 27 96 13 eb 9b 2c 2a 82 1d 8b fb c0 88 ec bf 41 26 cf 33 20 dd 9c 46 63 6d 2d 32 a9 f4 ab dd 86 3d 7c e4 af 39 e2 ea 49 67 3c 6d c7 63 7f c8 2d 29 44 3c 1e 53 28 cd 68 21 26 be 33 80 73 e6 8d 2d 93 c9 a0 a1 a6 1e 4e 3a fd 5e 87 81 0f 1c 10 bd 47 11 45 f4 9f a1 08 b8 23 8a e8 3f 44 4b 26 9c f5 59 3c 3f b9 53 4e 41 21 2c 26 90 d0 65 68 19 07 e3 41 a4 f4 7f 97 8c 7e e3 1c f5 1b 36 20 d3 92 99 d1 75 e8 43 bb fe 1a a3 ae 9a 7c c6 27 b1 44 7c 58 61 59 31 c0 2c c1 f9 4b 94 e6 d0 10 ee b3 dd fe 11 17 32 01 17 be 1d 34 d6 35 20 d5 d8 1c 81 77 44 11 fd 87 c8 8a 26 3a a2 88 7e 7b 5a 3c e1 cc 89 f1 fc dc 9d 92 85 45 1e 43 2b b7 cb 5c 88 a2 c5 17 f1 e9 e8 f1 d0 7d 35 Data Ascii: --kpY<CE#?H'5',*A&3 Fcm-2=\|9Ig<mc-)D<S(h!&3s-N:^GE#?DK&Y<?SNA!,&ehA~6 uC\|'D\|XaY1,K245 wD&:~{Z<EC+\}5
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 2d c3 a8 2d d3 92 42 43 5d bd 1b fd ed df 0c b8 b7 fd 80 ef 0f d4 b2 72 e6 39 17 c1 b2 7e 1f 4b 24 76 c8 2d cc 83 65 d9 86 f4 5e 6d 18 a4 8e 9d cc 91 3f 66 df 49 c6 c9 64 d0 5c df 88 a6 4d 0d 97 55 ee 76 6f 14 dd 2d a2 2d 8e 22 e0 8e 68 8b a3 85 e3 cf 39 29 bf 24 f1 0f 3b b7 ad d0 63 f3 00 70 53 a0 96 dc ae 43 30 4d ba 46 f9 60 e0 a4 9b 91 69 69 44 a6 b9 d9 d5 ab ae 71 32 7c ae 07 ec a2 86 65 b1 5e cc 66 95 76 3c 1e 73 c5 d2 b1 44 ae 10 37 3b 84 2d a6 80 6d 69 97 2f c2 1c 7b 46 60 06 db ab c7 42 34 cd da d7 1a 3c 80 5f 12 84 83 fa 6a ea 9f 1d f8 bd 2b 7d 39 42 7e da fe ff 94 73 97 f7 42 ad cc c9 a6 c0 62 c4 07 1c 0a fc 53 8d 2d 48 b5 b4 20 d5 dc d2 c8 81 cf c0 f9 bf 2d c6 84 2c 81 b9 12 f7 dd 60 5b 7d 5c 51 7e 22 37 07 76 3c ae 74 f8 3c b4 e5 60 64 6f a3 Data Ascii: --BC]r9~K$v-e^m?fId\MUvo--"h9)$;cpSC0MF`iiDq2\|e^fv<sD7;-mi/{F`B4<_j+}9B~sBbS-H -,`[}\Q~"7v<t<`do
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: c0 97 1b 81 76 39 d1 63 93 53 ea 32 05 ae 80 65 37 11 bf cb b2 fa 7c 00 f8 04 08 1b 63 cb d6 5f 96 6b ad 73 fe a6 a8 9b 93 b1 84 8d e5 78 e8 5e 7c e6 5a 6e 3a 98 aa af fd bf b9 e6 a6 59 2b e3 24 dc 36 cd 8e 66 14 65 96 06 71 c5 5d 53 6b 73 29 0a 97 80 1e 34 50 23 58 2f ca e5 e4 17 22 a7 a0 e8 da a5 d3 fe 72 65 b6 51 45 14 d1 e6 42 91 1f 77 44 bf 29 55 4f bd f8 f4 dc 82 f8 c5 f1 04 eb cc 2c 27 0e c4 05 06 64 c0 78 0b d2 69 ab be b9 31 35 b3 a1 a6 f9 d4 9e fb dc bb f0 c7 8e e5 db 0f ce ed 5e 58 96 33 dd 4e d8 e5 3c 56 a0 38 2b e9 83 cc 39 13 01 50 cc c4 99 2e d0 30 e5 2f cc 15 97 28 ff 95 f1 45 74 9c 70 17 b8 6c 30 69 8d ae 02 a0 70 c2 69 32 22 5a 0f 3a 4a 67 47 da b0 97 35 42 a0 c7 42 d2 65 e9 73 ee e8 00 24 0c 64 2c dc 14 2d ab 60 29 90 5e cf ea 82 bc 0b Data Ascii: v9cS2e7\|c_ksx^\|Zn:Y+$6feq]Sks)4P#X/"reQEBwD)UO,'dxi15^X3N<V8+9P.0/(Etpl0ipi2"Z:JgG5BBes$d,-`)^
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: a8 ab 6f c1 8c 7f 9d 8a 6e de 58 20 c4 d2 c1 b6 18 ca 77 b8 c3 eb 3b 16 f3 c1 ad 5d db 7c e4 e7 25 d0 b7 4f 3b 5c 76 fe 10 74 ab 2c d1 1c b7 05 b3 be c5 74 9a 4f c9 99 0b 71 b8 e4 be 35 77 6e 1e 1b 81 57 18 11 99 ab c7 6a ea af e5 9d 73 02 e4 fe 86 51 c4 88 57 cf c8 d2 1b 3a 8f 44 79 ce 94 9a a5 35 ee d9 fc 1e b8 c6 2c f1 10 6d b1 07 14 dc bc ac c7 63 48 37 37 62 d3 da 45 cf 77 ea ff d7 13 42 0f 25 a2 88 7e 06 c5 a2 49 8b e8 d7 a0 95 b3 2f bf a1 b8 2c d1 a7 d9 ee 0e 78 1c 87 a3 b8 58 16 12 5b c2 5b fc 38 5a c4 b1 09 da 12 f4 7d 0c 0e 72 8e 50 75 20 8c c7 34 98 73 a5 ff 0c ba 7d f9 8c b6 8e e9 6d 1a 97 f9 6d f8 98 ae fd b1 19 a8 a8 56 8e de 31 b4 bd c1 02 55 4b 37 60 e9 8a 3a 3c fb ca 5c 2c aa da 80 15 ab 37 61 f5 da 7a 64 32 1c a3 4e dc 05 d7 fe 6d 4f df Data Ascii: onX w;]\|%O;\vt,tOq5wnWjsQW:Dy5,mcH77bEwB%~I/,xX[[8Z}rPu 4s}mmV1UK7`:<\,7azd2NmO
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: bc 37 fe 6b 8c 9f bc 18 d5 cb 36 90 b6 48 48 54 4e c6 4c 9a 1d d4 af d2 33 ea 5a f0 cd 1a 03 98 01 13 f8 4c ab 77 a0 63 bb 42 f3 3e 69 be 6b 23 a4 a9 a3 ae 1b 1b 81 10 78 07 b2 80 d1 b9 0b cd a7 aa e1 e9 b2 5b 2f ca f4 bf 1c 78 fc 8e 43 d0 d8 94 c6 3d 8f 4e 27 1b 01 a9 22 11 06 69 fa 26 f4 b8 89 9c df 00 ef e0 98 a8 8a 82 e8 c9 19 e1 c2 19 03 31 2c b3 0c 0b 78 ad 83 d6 d7 35 17 2e 23 b2 41 59 8e 4b c0 f5 eb db 81 d0 a9 02 84 85 c8 9c 29 cb 74 b1 61 55 f5 2c c1 b1 4b 1d b9 df b7 6b a5 9e 53 d0 7e 87 e0 ac 47 14 d1 4f a5 08 b8 23 fa 45 b4 6c c6 a5 a7 3a ac 90 70 c7 8e 5a b8 25 67 0c e1 5f ab 45 c3 10 a2 6b ae 74 dd 3a 51 86 65 8a b4 95 68 bb 15 b0 52 e4 a8 76 25 28 2a c0 57 ed 04 39 4e 75 d9 07 71 63 1c c0 a9 27 ec ec 7d 3e f6 dc 6c 91 78 83 86 27 75 02 f5 Data Ascii: 7k6HHTNL3ZLwcB>ik#x[/xC=N'"i&1,x5.#AYK)taU,KkS~GO#El:pZ%g_Ekt:QehRv%(*W9Nuqc'}>lx'u
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 0d 13 a3 24 a9 c3 96 a4 16 bd 6c 16 eb 04 38 79 46 e9 b6 a5 c8 5d 6f 20 b8 91 b2 72 c4 f0 6d bc cf bd 87 76 47 db 36 f9 38 76 d4 58 cf 82 9c 4b 63 37 69 b9 ce 81 23 0f de ce e3 7c 5f 7d fb cb 70 bf ea 5e 82 3e e9 1c 03 fb 76 f4 16 f6 f7 3e fe 56 83 6a 50 57 8c b0 ce bd a2 4d 1e aa 57 d4 62 50 ff 4a 71 ca 21 65 78 96 fa 4e eb 00 1a e4 f6 b3 14 e2 9c ce 36 c7 e4 99 4b bd e0 2b fb 0c e9 4a fa 91 fc bd e3 db 17 06 c6 b0 70 c9 06 74 71 a3 b9 79 20 6c ea e0 95 0c 24 64 91 4f c4 c8 59 ac df 5f 78 f5 33 0f b4 f7 db 73 6b 7c 3b eb 52 0c 1b d4 33 24 6d e9 d6 a5 0d de 78 fe 2c 8c 7b f5 5c 7c 38 e1 2b 1c 7a fc 18 e2 fa 05 a1 e3 b6 08 30 53 70 b6 b5 65 b8 6a 59 96 b5 cd f7 8d 69 f1 b8 34 34 33 75 e6 fa 4f bd ee c2 60 4e 59 a2 4b a3 39 cf ba 3c 17 b9 a5 dd 6f c9 f2 c4 Data Ascii: $l8yF]o rmvG68vXKc7i#\|_}p^>v>VjPWMWbPJq!exN6K+Jptqy l$dOY_x3sk\|;R3$mx,{\\|8+z0SpejYi443uO`NYK9<o
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: ca d7 44 57 ad f5 db fa ad f4 ad c2 8f fb e3 3d 38 e9 cc 07 c8 fb 6a 9b 00 cd 44 1a 4f 15 74 85 11 8e 9c a6 f8 84 01 ca ea 3b fd 64 94 2b f7 ff 2c 2b 86 44 5e 31 0a da f5 39 65 cd 82 67 16 54 4f bf a9 7f 2b 37 1d 51 44 06 45 56 e5 ff 23 b4 6c fa d5 27 5a f1 d8 c1 96 6d 77 d3 2b 9e c3 32 a9 d4 eb e9 96 d4 b3 5d 06 df b0 38 db 4c 2c 9d 7e f9 c8 64 7e f2 ba a2 36 79 95 2c 51 09 c4 cb 45 60 13 26 38 6b 6e 84 12 d5 82 cc 80 3e 5a 1a ad 41 0a a2 b9 06 57 a3 76 e0 ab 30 67 f6 d7 7e df e2 5c 72 6a 6e 58 4e 37 d0 c9 71 a3 5e c2 0b 8f 1c 8d 41 d2 0a 9b 70 de 46 16 30 22 a2 65 c8 60 bb ad da 60 ea a7 4b 49 87 dc b3 00 7f e1 a1 c3 71 de 65 ef a1 df fe 8f e1 be 1b f6 c7 a0 7e 9d b0 73 9f 76 98 38 bd 9a 80 1e 0f 8f d7 00 37 07 c7 1f be 9d e7 93 ed 1a 9b 75 16 69 34 8d Data Ascii: DW=8jDOt;d+,+D^19egTO+7QDEV#l'Zmw+2]8L,~d~6y,QE`&8kn>ZAWv0g~\rjnXN7q^ApF0"e``KIqe~sv87ui4
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 17 f1 dc a2 78 8e d3 b6 92 73 54 02 6c 17 5f b4 6e 7b 65 38 6d 57 8c 45 49 a1 62 6d f3 e2 c9 b2 13 33 a9 c6 e3 57 ce 7d fc 9a f6 3b 9e 7a 3d 22 da e2 28 d2 71 6f 81 b4 6a ee ad f3 92 25 e5 e7 e7 94 ee 62 c5 0b b6 01 b3 72 0c 6e 06 06 ec f9 9f cc 4a c2 8a 95 80 c5 8a c0 62 85 02 b4 1d 9f 6b 96 b1 b9 b9 00 52 e5 82 e5 08 9d 9f 04 63 c9 7d 8b 70 a7 74 f1 87 a3 ad cf 55 3b 34 48 0b cb 92 ac 01 66 ca 45 45 01 71 a5 0b b2 ef 9d 86 82 fc 04 0e 3f 65 6c 40 af 4b 75 b9 da 12 dc 3d 76 c5 d7 ed 5d b7 30 25 2e e7 44 2f ee 97 7d e6 fe 11 d8 73 50 57 dc 78 ef 54 0f 84 e7 7c b1 ca d0 cf ca 6c 65 fa 3e 64 4b 7e 99 8f c7 1e 8f 9b 2e de 83 f4 8b 80 ae 9f 0e 8f 3c 15 1e bc 68 3e 35 1d c3 9d 82 9c 19 97 5c 57 71 0c 7d b9 fa d7 88 53 1e 98 2e 0e c3 8f 9b 07 1a a6 3e d9 c1 5c Data Ascii: xsTl_n{e8mWEIbm3W};z="(qoj%brnJbkRc}ptU;4HfEEq?el@Ku=v]0%.D/}sPWxT\|le>dK~.<h>5\Wq}S.>\
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: cc 1b 0a 84 cd 34 91 90 1b 7f 5a d0 2d 0d a6 58 48 7f ad 39 6c 4b d7 f5 aa 49 37 ad 20 c7 0d 83 1b bf ef 91 f7 d1 79 c7 8b 71 ed 6d 6f 63 f6 e7 d5 de f9 87 9e 9c 84 ae 7d af c4 94 19 8b c8 d0 24 47 cf 48 7d b1 fe 2b bd 39 cc 3e 18 c3 b4 59 4b f1 c0 93 b3 3d ff e9 39 f3 56 e1 c4 73 5e 57 a0 a1 43 b1 d2 fb cf 60 db ad da 60 ce bf 57 07 c2 88 9a 63 97 e5 69 1e 6d 7f 6e a9 98 9b 72 bd 81 a8 66 82 63 54 3b 01 1e d6 77 1b 5c 6b 36 ae 97 7e 55 21 4d 49 7d 52 cc 0c e0 42 c1 3f a0 ef 56 e3 d2 1b 94 70 7f 92 3b 46 80 eb a5 a2 f2 2c 3b 05 43 ec ef 98 55 d4 3f e4 85 24 11 e0 1e bb fb 68 1c 7b f8 4e b8 ff b1 c9 d8 79 af 3b f1 c2 ab 9f 9a cd 73 e0 ce 07 3e 40 c7 ed 2e c2 ca d5 75 78 67 ec 79 c2 28 4d d8 65 04 72 79 bb ef eb 35 37 8f f5 8e ee bd f5 74 e2 da 65 13 e0 d4 Data Ascii: 4Z-XH9lKI7 yqmoc}$GH}+9>YK=9Vs^WC``WcimnrfcT;w\k6~U!MI}RB?Vp;F,;CU?$h{Ny;s>@.uxgy(Mery57te

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:47 UTC	2827	OUT	GET /images/female/30-40/t-3.jpg HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1V [TRUNCATED]
2025-01-09 20:54:47 UTC	998	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: image/jpeg Content-Length: 521365 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-7f495" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4675 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oS6piXyRoqW3USUmVnVGUa127ngYBNgPzY6e6Wo1k%2FBL7wDil7d8iXGEc695pnoGQ1vKa4HXJqEAI63%2BMu4YmwaQ9uqh8ZtCm0wHE%2BN845Ojvwnop%2F9IdITKqxhR4mCpQw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff753135db40f36-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1541&min_rtt=1541&rtt_var=578&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3405&delivery_rate=1894873&cwnd=231&unsent_bytes=0&cid=435299a554781080&ts=119&x=0"
2025-01-09 20:54:47 UTC	371	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 02 02 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 01 02 02 02 02 02 02 02 02 02 02 ff db 00 43 01 01 01 01 01 01 01 01 01 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 ff c2 00 11 08 04 00 04 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 00 02 02 03 01 01 01 01 00 00 00 00 00 00 00 00 05 06 04 07 01 02 03 08 00 09 0a ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 03 04 01 02 05 00 06 07 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 f6 fe bc Data Ascii: JFIFCC"
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: fd 00 b1 58 d7 ac f1 1e 7b 6a 64 17 6e e9 84 ae 3b 33 85 04 ae ca 96 3a f2 bb 66 a2 83 21 58 3c c4 4a 7c 7d e7 47 3a 35 02 fe 66 e6 03 7b 55 a3 c4 36 a2 c4 f5 73 3d 60 f1 49 9f 2e 13 a9 e8 3a c0 e5 05 fc cb 02 5d 6e 6b 57 25 b2 1e f2 b7 f1 35 95 02 51 87 2f 78 92 66 31 af 4d 6d 1a 6b be fd dc f1 be 7b a3 4b d3 4a cf 6e 3f 69 68 cf df 6b 5e d7 ed b1 dd b7 d8 cc c6 bc fb f2 ee d7 3b fd d3 ae 73 b4 c7 1d f3 f5 67 96 77 d6 27 ec 63 eb 57 1a 6d ad 6d a7 3e ba 4d 79 fd f7 dd da 63 6d 66 21 ae 30 ac 75 55 51 5c 92 3a a8 90 08 c6 a5 18 1a c0 32 49 0a 4a e3 2e d5 fb bf 3e c4 a5 ad 9c ee 36 74 fb 39 e8 d3 7d b1 3d f6 fa e7 a7 ed 76 da 63 9e 3a 71 ee ce 9d 75 af 70 cf 4f a9 68 90 76 09 9a f7 5a bc 1e 7c 57 ac e6 70 d7 3c 3d 81 da 72 93 43 77 c4 19 55 24 a5 75 5a cc Data Ascii: X{jdn;3:f!X<J\|}G:5f{U6s=`I.:]nkW%5Q/xf1Mmk{KJn?ihk^;sgw'cWmm>Mycmf!0uUQ\:2IJ.>6t9}=vc:qupOhvZ\|Wp<=rCwU$uZ
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 71 4b 6b f7 da da 33 8c 66 6b f6 bb e3 bb 19 cf d1 3f 7d 9d 62 7e fb 1a d2 7e e7 d3 9d a3 4d 77 d7 bb 4c 67 1d d8 d7 6e 7d df 69 9d 26 35 89 26 05 aa 0d 69 81 63 a8 a0 80 f2 83 c3 82 c8 09 96 84 28 4a 14 fb d2 6f 7e 12 23 b7 eb c3 78 9b 93 6c 7d 53 67 6d 76 bc 67 ec 67 a7 1d 7a 46 1d b5 91 cd 49 26 e2 79 c9 9b cf de 17 d7 6d e9 18 0d 78 9a 70 2a 62 14 22 cd 34 92 0a 26 2c c0 6d 74 9f 57 b7 6e 96 6c ce cc 22 91 62 21 79 e8 2f e8 46 80 dc 16 c6 02 cd 60 15 96 25 26 24 d3 2c b5 87 02 9b e9 10 75 e0 2e 9d 53 3e d8 d7 38 b2 10 69 45 7a 5c 4e 53 4b 12 1d 7a 8e b7 07 b6 47 54 6b dc d1 7d 47 de 92 74 61 b2 a9 74 bb ab 80 c2 73 02 a8 ea bc 82 35 ac 0b 65 a0 a1 db ef 33 4c a3 57 9b 46 80 8e 10 33 a8 63 5d 5b a0 6b 08 96 d0 98 86 c3 01 76 55 ae 62 83 57 16 7e b2 15 Data Ascii: qKk3fk?}b~~MwLgn}i&5&ic(Jo~#xl}SgmvggzFI&ymxp*b"4&,mtWnl"b!y/F`%&$,u.S>8iEz\NSKzGTk}Gtats5e3LWF3c][kvUbW~
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 11 a6 fd c6 40 4f a7 9a 6c 2f 39 f8 3f 59 09 bb 69 de 6f 7e d1 ae 1b 7c f7 11 5e ae 8e 5b 86 0c da 08 f7 81 60 7d 5e dd 54 18 36 cd d0 18 36 7b 75 76 9c ad b6 29 6e c7 7c f3 18 38 ca f1 9a 49 91 9b b4 25 4f 66 ad 45 f4 59 cc 62 58 08 aa 03 29 79 bc 2a 3e bc 3b 41 16 f7 61 73 15 99 ee 6a 94 88 01 59 a1 a3 d3 c1 af c6 86 fb 62 a9 91 cb 75 92 bd 62 f3 a1 ea f1 76 9b aa 0e b3 2b b0 2b 49 b5 09 d3 5d 35 80 30 d4 93 fc 04 d5 6c 46 c9 e1 64 8e 6c 9c 79 d6 e4 fd 22 1c e5 45 22 9d 6f e9 6a 08 e3 c5 2c f4 69 58 cd ce 49 03 1a 7e 05 6c 59 5d 43 45 78 0d f9 7c 26 d6 08 c6 76 2c 18 87 0d a2 dd d6 f0 56 b7 4b 92 a9 15 9a 3c 56 56 36 b3 24 20 b9 49 7b 36 b4 b0 68 97 da b5 e8 f3 e8 c4 aa 1b 1b 0a ed 2e 67 69 36 04 ad fc 49 7c 7b f4 d9 c9 84 70 2c c9 89 78 db 42 0f 5d b5 Data Ascii: @Ol/9?Yio~\|^[`}^T66{uv)n\|8I%OfEYbX)y*>;AasjYbubv++I]50lFdly"E"oj,iXI~lY]CEx\|&v,VK<VV6$ I{6h.gi6I\|{p,xB]
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: c8 f3 b5 2c f0 cd 08 e0 ec e4 4e 13 12 a7 65 f3 43 84 46 01 27 cf 6f 2a 6d 2f 74 44 32 3b 8a c4 91 cd 7e 9c c1 4e 39 d1 8d 81 9b df 5e 5c f5 e6 6b 54 27 40 07 c3 64 ca fd 55 d9 90 b8 d1 8c a2 48 4b 12 f8 a7 6e 1c 97 f9 8e 68 f3 0b 01 ed c0 55 d8 d0 2c a1 c1 5e 33 5e 7c cf 0a f8 c9 6c 9f 2a 85 d1 4a ba b1 ea af 4d 6a ac 9c fd 5c d9 b9 cf 10 75 da c8 1d 99 f9 eb 46 02 87 8e 90 f3 e4 c7 64 3a 8e cc 39 9c 3d a4 16 bf 28 00 38 a0 59 61 35 a0 ea 2e bc a8 16 ec 10 d0 8f 32 09 c6 81 d6 2b d4 1b ed 8a dd 26 7d 17 c2 15 6d 8a 62 b9 39 06 30 06 2d 21 87 7f a9 65 62 f3 86 5e e1 ec a0 12 b4 33 e4 d5 37 47 9f 8c b5 32 0a eb f3 b9 0b ea d5 d0 a5 45 32 3e ee 65 22 f6 3d 17 37 5a cf 2c 84 fb ed fc 87 09 f1 b3 a2 84 fe 78 d8 a3 c6 dc f3 dd b6 9b 62 6b 8d 73 f7 76 9a 6f 8e Data Ascii: ,NeCF'om/tD2;~N9^\kT'@dUHKnhU,^3^\|lJMj\uFd:9=(8Ya5.2+&}mb90-!eb^37G2E2>e"=7Z,xbksvo
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: e5 56 43 31 b0 6e ad aa 5e a3 7a 57 bd ec 5e 9d 03 2a 6e 9e 7c b2 2a c6 40 6d ce 24 d6 81 65 7a 66 90 7a c0 d3 f3 da 81 7a c1 91 44 97 cb b6 a2 0d f7 85 69 6c 62 e9 af 54 07 d2 0f 56 ab 25 6c 0a cc 03 f4 7d 65 7c d8 6c b4 1d 8d 4d a1 76 b4 48 93 35 73 eb e6 31 93 9a 86 96 f0 08 f4 b1 9b c1 29 b9 26 e1 d7 43 29 06 17 60 77 06 e8 c5 4d dc ab 55 20 08 cc 38 11 a8 97 2f 40 2a c2 51 89 80 b9 ae c5 8f b7 80 1f 52 1f 79 8b a1 62 5c 48 ce b5 33 b1 51 51 2b c5 ec 95 d6 26 2a 78 08 86 c6 ba 53 b4 32 2e ac 6c 80 42 47 48 8c b8 bb 30 b9 38 a2 65 04 bb c3 22 aa a9 78 43 93 1b ac e8 9e c7 12 a6 a0 7f 3e 3f 50 fc 50 06 7f 30 fd 67 e5 9b 03 6b 0a c3 44 b1 3c ff 00 9e ef ba bd 63 e0 ff 00 56 a9 d7 29 35 d9 7a 59 36 59 40 64 fd cf 91 99 d2 1f 76 57 fb ae 9d a6 3e c6 31 7a Data Ascii: VC1n^zW^n\|@m$ezfzzDilbTV%l}e\|lMvH5s1)&C)`wMU 8/@QRyb\H3QQ+&xS2.lBGH08e"xC>?PP0gkD<cV)5zY6Y@dvW>1z
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: f3 6d ff 00 4b 6e e5 5b 4e 61 09 ac 4a e0 ea 05 85 04 97 35 69 cd 23 79 e9 85 6c e6 c2 1a c2 e4 78 33 3b d0 34 8d e2 93 74 f8 c9 48 3d d5 a5 f1 55 3c e8 a1 c6 be 27 93 55 a3 96 58 d1 76 73 f2 39 24 19 5d ae 7a 29 ea e7 d8 2c 33 41 07 a6 c3 9a f3 6b ec a5 a2 d5 a9 0e 2b 1b 23 41 69 16 a2 8e 93 4e b0 e0 d9 84 e1 ef 8c 9b a4 f9 28 41 5b d4 60 5b 65 74 97 36 7c 58 14 ca 72 7c ef 05 a8 1d c5 d8 5b ba 26 8d 66 10 9f c6 9f 3a 61 6d 35 f2 44 9c 79 99 f2 b8 60 c0 9d 23 49 65 1c 62 7c a5 5a 9c 67 68 42 d4 df a6 3e 20 72 4b e9 c5 1c bd 37 da 6b b0 56 58 73 41 d3 a7 8e 8b 76 d6 47 3b 40 ac 76 1a b3 3e 22 fc b2 fd 53 fc b7 69 21 b4 6f a1 69 8d 5c bd ad ba 6e d1 cc d0 f4 e7 b1 3c 51 ea 2f 2f b7 7c 58 55 55 91 ed 3c 61 56 b0 25 3d 8f 96 ed 37 3c 8b 5c 6b b6 3a 35 db 18 Data Ascii: mKn[NaJ5i#ylx3;4tH=U<'UXvs9$]z),3Ak+#AiN(A[`[et6\|Xr\|[&f:am5Dy`#Ieb\|ZghB> rK7kVXsAvG;@v>"Si!oi\n<Q//\|XUU<aV%=7<\k:5
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: a9 db 01 0f 63 3a 63 b0 23 71 40 60 e4 74 b4 b0 40 eb 39 07 52 14 f2 43 63 22 57 2e 70 c0 d9 d7 01 cc 29 33 65 22 58 14 f2 06 aa be 90 b3 ec 3c d8 67 01 5b 5f 8a 6d 19 bd 73 0e 0b 73 9d cf d0 41 76 93 2b 2d f2 8b 8b fa 14 66 b9 c3 88 d8 1e a6 55 e5 2b 2d f0 80 4a 09 cb f2 3e 7e 86 47 fa c7 dc 45 a9 06 5c 7b b2 1a 38 1d c0 92 f2 55 97 76 11 1a 48 c2 21 89 f0 43 86 91 25 aa db a5 99 e7 76 30 1f d3 0e 5e 72 b1 d0 d0 f4 71 8a 3e c9 59 97 f2 a8 ad 75 2b 91 75 a3 50 36 0e 3c 7b 45 24 19 0c 5e f7 3f ce 24 86 90 e4 07 b8 31 19 85 79 7a a4 99 b5 11 2b 80 0d aa 64 02 c6 58 5e c8 1b 5f c0 ac 5c c4 6b ab 52 84 29 6c e2 da 8b 40 84 f9 b5 eb e7 2f 2b fe 84 f9 1d 76 3f 3c 06 d8 b5 4b f9 2a 92 a2 cb 25 3d 0f e9 5f 29 fa ab ca ef 59 56 8d 65 6b ec 79 ce ef 69 6d de f7 c7 Data Ascii: c:c#q@`t@9RCc"W.p)3e"X<g[_mssAv+-fU+-J>~GE\{8UvH!C%v0^rq>Yu+uP6<{E$^?$1yz+dX^_\kR)l@/+v?<K*%=_)YVekyim
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: a9 ce 5c 90 34 68 b9 6c de 3e d7 fc e6 f4 5e 4d ff 00 60 6d 8f 08 df 4c 47 a4 ba 54 24 f5 4c f4 a8 a1 59 c6 67 e2 b5 2d 72 f9 df e7 3f 72 bf ea eb 1e 94 6d 14 7f 5a f9 af d1 1a 4b 2c d5 16 7d 39 9e ec 27 18 43 35 b2 aa 67 b4 07 97 d7 2a c8 32 7e 2e 87 d0 4e af a6 ef 35 f3 ab fa 09 2b 5e 34 2f a6 e4 a8 87 54 5d c5 7a 3e 40 66 1d 7c d9 c6 21 9b 43 5c b3 54 16 9c e7 b2 5b e2 01 be 3b ca cc c0 78 a5 87 5a fd 25 0d 9a 5a 6d 07 55 b2 2f 0e 87 61 4d d9 c1 ee bd 14 26 ce 1f c3 da 67 15 74 9f 98 a3 8e c1 cd a3 f6 60 3e 9b f5 47 9a 7f 4b 41 0f b4 b7 e8 dd 53 b7 93 f8 c9 59 fe b3 79 a3 1f d2 53 41 d0 99 71 3d 31 72 8b 82 97 62 48 69 a0 38 2c ed 29 8c c8 e8 be b8 a3 37 e6 e9 d9 f6 ed 3b 6f f4 d8 f6 b5 5f 71 95 66 f6 51 8d 2c 20 b1 4d 5e fe 50 11 fc 7f e6 af 52 d0 7a Data Ascii: \4hl>^M`mLGT$LYg-r?rmZK,}9'C5g*2~.N5+^4/T]z>@f\|!C\T[;xZ%ZmU/aM&gt`>GKASYySAq=1rbHi8,)7;o_qfQ, M^PRz
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 9f e7 ea 6b d2 75 48 1e f3 65 75 e9 28 2b e9 f9 e0 c1 3e 01 97 b6 0a ce c6 e0 3d 14 8c cc ce 7c 66 c8 cd 06 07 3b 03 99 d3 06 26 0a 6c 32 a8 7e 06 ff 00 43 bf 89 cc 0b cd 7c 48 0f 05 9d 6d 0a 9e f6 c2 db bb 6c d5 26 e4 01 d0 f0 f6 3f 6f e4 0d f6 ed c3 d6 f9 6e bd 79 ec ca f3 cb 00 29 7e 33 da 0c bb f7 6e 9c f7 bd 7a f2 db 85 6d 0d 60 aa 78 21 7e 98 7b a0 f3 ba b9 ae 4a 01 c4 d2 e1 00 8c b8 3a ef 1b 0b 56 15 ab b9 3f 0b 6a ab fb 1a eb 2a 87 32 68 97 05 46 2b 70 32 42 3d df 4c 5d 1f 3e fa cd 60 33 e3 0d 2e b8 fe 92 d2 bb 03 6a db 1e b3 68 0c 09 4e e8 ae 24 35 b9 49 91 b1 3e 32 05 23 81 b3 22 b0 b5 aa 48 b3 60 53 92 18 ab e5 55 68 d6 d5 98 c9 2c cb fa 09 94 6d 4d 7a 0e 83 73 4a e3 5e 36 bb ac d0 65 14 31 f6 90 ed 31 59 7f 16 d7 83 0d ab a7 4b c6 fc 0f 6f 6a Data Ascii: kuHeu(+>=\|f;&l2~C\|Hml&?ony)~3nzm`x!~{J:V?j*2hF+p2B=L]>`3.jhN$5I>2#"H`SUh,mMzsJ^6e11YKoj

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:47 UTC	2825	OUT	GET /images/male/40-60/t-4.jpg HTTP/1.1 Host: visi-sharp.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://visi-sharp.net/report?aff_id=326&subid2=6812_sessid20250109205426977&subid=8802 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1V [TRUNCATED]
2025-01-09 20:54:47 UTC	992	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: image/jpeg Content-Length: 469471 Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT ETag: "664c8d09-729df" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4675 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CROYuxO0QZbkSF7Kbag8Ug6M7XYMjmQEYAHWmaOfYWiwv10ofOBVul3YcIb2KqXIX5RuF3uwVfKFCnBwyds%2BypgjZdGBtbFA4rmsSUmjcLDPd5G52cZXDuvEyYdkstT0ug%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff75314286a8c0f-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2014&min_rtt=2011&rtt_var=760&sent=5&recv=9&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3403&delivery_rate=1434889&cwnd=223&unsent_bytes=0&cid=a2131ae28049ef95&ts=170&x=0"
2025-01-09 20:54:47 UTC	377	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 02 02 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 01 02 02 02 02 02 02 02 02 02 02 ff db 00 43 01 01 01 01 01 01 01 01 01 01 01 02 01 01 01 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 ff c2 00 11 08 04 00 04 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 00 02 02 03 01 01 01 01 00 00 00 00 00 00 00 00 04 05 03 06 01 02 07 08 00 09 0a ff c4 00 1c 01 00 03 01 01 01 01 01 01 00 00 00 00 00 00 00 00 02 03 04 01 00 05 06 07 08 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 e6 ed Data Ascii: JFIFCC"
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: b0 79 0b 5b c0 3b b5 9e 81 57 0e 76 f5 f5 fc d6 9c b3 ed 00 f0 b9 cb 7a 15 31 0d 8c f2 a9 4d e8 74 8a 91 0a 81 ec 14 a1 15 6e d6 a5 ca 6f cd ac 6f 19 96 ca a5 57 af 66 72 1b fd 17 7d de fd af 19 ed 68 6d f2 b7 cd 6f 23 9d 02 b0 0b 91 14 2d d1 a3 46 dc 2c 1c cd 9e 75 96 ff 00 cb 9d 4e 7d aa eb c1 2d 8a 47 a4 ab 3c 89 dc c5 df 2e 9c 2f b6 4b cf 59 ac 60 d9 4f 28 62 75 19 c6 30 c5 c2 09 4b 87 97 22 6e 96 57 25 48 e1 2a 5e 99 0b a4 09 62 c5 4c 96 71 29 54 d5 6b c1 4a 87 29 ee 42 55 ac 96 df 36 8d 17 b0 68 34 68 b9 9c ce 6f 60 40 ee 47 d8 98 ab 62 9c 66 e1 29 e6 9f 0c ce 36 83 ea 95 16 b1 97 6d 0e b0 16 49 98 33 db 27 da fd db 99 a2 93 b8 c2 42 20 09 89 8b 8b 51 b4 25 71 e3 a6 4e 1c d9 ac 66 5e 50 e1 b3 09 38 e9 d2 0d 26 61 52 c3 37 61 04 0e 50 ec d3 43 38 6c Data Ascii: y[;Wvz1MtnooWfr}hmo#-F,uN}-G<./KY`O(bu0K"nW%H*^bLq)TkJ)BU6h4ho`@Gbf)6mI3'B Q%qNf^P8&aR7aPC8l
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 46 7b 5f 09 bf c4 84 84 ca cf ce b1 81 69 7d 31 2b e8 95 3b 24 8b f6 7f a7 7f 2e bd 65 10 7b 6e b5 cf 7a 9c 61 f2 21 3e 43 d6 d7 9e a3 43 92 a4 78 8e 72 4a a1 aa 7c 25 cb d8 02 f5 ac 56 d1 5d a9 58 bd 88 3e 94 51 9c 0b 0a a7 60 c9 7b 25 eb 16 00 30 9e 83 d9 aa 66 86 b7 6e 9d a2 77 c0 3a 4f a5 16 85 f4 ba 9f 69 26 92 08 e7 6c 6d 9d bc d0 49 c5 36 ba 6a 3b 2e c3 67 78 e2 97 12 3a d0 a5 87 a8 d9 1e ad 92 f4 e2 82 29 46 c1 9a 86 8b e6 45 84 72 b4 92 07 98 38 92 86 23 b2 59 a3 aa 50 a2 39 e5 6f 9a fd 5c 32 d2 a7 a4 b0 33 62 8a d5 8e e7 44 5d d5 ee cf 53 79 2f 3a ac dc bb 08 3c 15 d3 77 69 bd 05 7d c6 0b 2c 9e 89 0b f7 ba 6d 72 1b 23 07 10 56 68 dd 16 44 76 84 67 0d ab e0 77 67 21 74 a4 19 93 6c 99 68 9e c9 ab 06 9a ed a4 b8 28 b7 b3 15 bb 5f 70 c0 86 6c 72 ce Data Ascii: F{_i}1+;$.e{nza!>CCxrJ\|%V]X>Q`{%0fnw:Oi&lmI6j;.gx:)FEr8#YP9o\23bD]Sy/:<wi},mr#VhDvgwg!tlh(_plr
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: cd 09 bf 2d 5b 13 56 04 be d6 be aa 9a cf c1 62 f4 74 ed e8 3d 3b 3f a9 64 e8 9a d9 e0 f6 b7 33 e3 0c 8e 2d 61 e5 a6 7d 29 38 ed f0 4c dd a4 93 14 af c9 c4 14 ae 79 85 a5 9d b8 db 75 e6 72 f6 93 7c f0 e4 98 89 31 9f 58 4f 68 c3 9d b5 32 d4 b8 a6 c2 9b 69 43 24 4d 38 84 e1 67 5c e1 c1 bc 72 99 a0 14 07 0f 9d 31 20 1f a1 10 67 c0 ac 5d b3 08 41 c1 46 54 00 ef 82 96 01 3d f3 1c c0 bf b5 da 2c dc e9 be 9c b1 07 2c 4c 31 3e 28 4e 11 65 18 72 9a a7 e6 2f 64 79 da 89 bc 9b cc fb 77 33 a3 c2 cd 4b a2 37 e8 d5 f5 ff 00 3c f5 e5 6d b9 2f 55 a2 4a 78 8a b9 61 de e9 65 f0 2e c3 e7 61 ca db d7 61 31 84 d8 3b a6 93 23 7d 54 cd 9e 21 7f cb 6e e1 53 80 d6 6c 02 35 2d 64 dd 3b 80 63 56 ab 5c 28 bc 03 f4 fa 27 d3 0e 03 21 76 0b 11 7a 6e 89 09 91 e8 c1 01 b1 e6 87 82 70 59 Data Ascii: -[Vbt=;?d3-a})8Lyur\|1XOh2iC$M8g\r1 g]AFT=,,L1>(Ner/dyw3K7<m/UJxae.aa1;#}T!nSl5-d;cV\('!vznpY
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 80 72 df 45 72 ca 7c 8a 2e af ab 85 35 8b ba 56 35 0d ec 87 50 74 a2 70 2c 20 55 26 63 5a e5 c3 9f 4a b7 b6 4a 5d cb 63 bb 5c 2b 16 c9 31 d3 c5 76 27 71 8e 04 76 46 6b b1 5c ab 67 61 96 7a 3f 96 3b 9f 27 cf 7d 42 e9 8b 9f 74 79 e6 94 30 6f 89 c7 60 fa 95 f0 18 fb cf 26 6c 1b 93 26 70 7b 1d be 68 13 93 30 68 f2 19 22 c8 4d 8c c8 0f 2a e5 8c eb 7f 61 e0 d6 50 cf b7 a3 8e 2f 1c c3 aa 4b 67 4d 72 d3 99 16 da b6 96 d6 9b 31 7e 51 62 9b d5 c4 d0 98 ba 4d 6c b9 9f 3c 92 d7 6e 35 60 23 a5 6b c2 68 14 7a 2d 3e 19 96 04 72 49 97 b8 99 be 2d 83 a3 28 35 21 69 91 d9 b9 3b 41 bc 04 32 67 e1 f3 19 4b b6 b4 4d 19 69 0c 06 b8 df e2 6c 97 62 01 0f 35 89 b5 d6 c1 cd 31 ac b4 47 a6 37 9b 42 28 e5 9f 39 68 ec c9 d3 57 13 29 07 15 96 46 3b 37 5c 5a f1 25 db fd b4 b5 c6 3b 01 Data Ascii: rEr\|.5V5Ptp, U&cZJJ]c\+1v'qvFk\gaz?;'}Bty0o`&l&p{h0h"M*aP/KgMr1~QbMl<n5`#khz->rI-(5!i;A2gKMilb51G7B(9hW)F;7\Z%;
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 8b f4 07 22 09 db 9a 60 72 b4 87 6f 09 8c 20 08 d8 c6 bb 6d 43 40 0e b1 ec a1 98 37 62 57 ba de 5e cc ed dd c4 4b 99 da 98 d9 6b f3 14 71 80 9d 6c b2 6f a6 f4 cf 2e 7e 8f 95 f1 30 c8 3b ae aa 64 ca 19 c1 8d c8 27 98 7d f8 77 cc 53 33 95 ba 4e cc 0a 5d a2 d0 d6 66 22 83 73 7d f2 12 0b 52 87 25 1a 2c 05 a7 49 9c 3c 72 01 6d 81 47 02 66 5a c9 09 4d 86 d4 2c 11 12 4f 0f 9f ea 68 c0 09 74 18 ef a6 ad 91 11 cb 8a 53 98 4f 09 14 c5 35 75 c0 6c 9e b0 9f 08 03 aa f4 fb df 19 24 23 e4 1d 4a 85 e8 f8 dd 72 9c fb 67 c5 e0 0e fb c1 7a 38 9c 71 bf 72 4a 3a e1 c7 7a af 9f 77 a7 63 52 5f 9e bb fd aa 97 6f e8 ad cf 6b 8f fd 28 2c 56 1a d3 d2 0b 1b da f3 f6 05 85 a2 56 95 07 80 15 58 14 fe 65 f6 e9 01 6a bd 9a ba 19 85 ed c0 9b 0e 25 b4 5a 0f dc 47 c2 ed bc 64 82 ca 24 64 Data Ascii: "`ro mC@7bW^Kkqlo.~0;d'}wS3N]f"s}R%,I<rmGfZM,OhtSO5ul$#Jrgz8qrJ:zwcR_ok(,VVXej%ZGd$d
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: ba 7b e5 4e f2 e7 e4 dd 2e 9d 5f 97 46 e2 37 8a b1 45 d5 39 27 4f e1 b4 4d cd 9a 5d 86 62 68 7d 2f 91 76 45 eb e6 cf fe f2 bd 4e bc e4 57 03 0d b6 d9 56 b7 82 6c 56 14 56 0b 24 71 60 49 60 72 ac 16 6a e5 9d c8 6c cc 36 b5 cf f9 a8 0c a0 fe 5d f7 70 89 38 26 43 05 38 9b a1 88 48 65 91 43 f6 9d db 10 39 21 ac 0d 14 f5 9c c7 8a c7 34 93 20 39 4c 25 b8 2d d6 4d 2c c8 ad 78 bf 03 f1 6b f7 9f bf 41 f1 7a c7 5d f3 ef a4 ab 1a a0 ce 39 90 3d d1 b4 1e aa 97 f6 3e c3 c9 7a f4 5e cb d2 83 2c a8 27 6d 32 c0 00 d5 8c 41 cc e7 18 ce ab 56 6b 59 19 ed 21 53 52 b8 c4 71 a1 85 66 3b 1c 72 bd 0a fb 4c 3a e9 a0 3f 15 f4 ad 6b 8d bb 5b 47 8d 59 33 09 62 cf 2b 13 c0 11 32 d1 90 9c d1 12 a2 8c 5e 7d f4 71 44 aa 18 ee 96 6e c2 f6 06 7e d3 b4 13 61 12 24 82 11 e6 9f 28 9f 71 8e Data Ascii: {N._F7E9'OM]bh}/vENWVlVV$q`I`rjl6]p8&C8HeC9!4 9L%-M,xkAz]9=>z^,'m2AVkY!SRqf;rL:?k[GY3b+2^}qDn~a$(q
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 28 0d a0 bd ab 60 3c 5e c1 3e 9e 35 96 f2 60 81 29 8c 10 cc 23 99 af 62 b6 b1 66 ad ba cd 9b 10 19 09 35 ce d2 68 7e 6b f9 6b d9 3e 7c fa cf d6 0b ed 9c cb aa 7b 7f 98 c9 b1 23 cd e4 05 d6 29 3d 5f 77 ab 4f 0b 0e f4 86 9a 78 0c 4e 00 da f8 8c f2 20 d2 1b 5f d7 d5 4a 64 b9 43 11 78 d1 ce f3 66 6a d4 d6 30 fb 6a 55 8e ab 1f 67 05 1b b2 54 67 7d 73 2c b4 1d 61 6c e6 1f 0b fb 0d 8f 81 58 da 5d d9 bf 0e b2 17 76 77 fc d2 ed a2 5e 8f 65 c7 c6 f4 16 cd c3 a6 12 16 2a 1a 0d ea ba 23 5e 14 30 d6 e5 ff 00 27 5a 97 b0 a5 c0 a8 76 75 58 9c 14 73 64 d6 09 c5 c3 81 9b 14 db 88 dc 76 90 cc cf 74 f0 d9 cf cd dd 22 ed de 2f ce 32 65 80 e6 dd 99 d0 8c 78 d9 82 26 66 02 97 b1 c9 d8 1d 3a f4 8b 28 32 6f a6 22 9a bb 60 ad 36 3e 45 43 e8 5c a6 59 f1 5b bf 52 aa f2 db f2 ae e3 Data Ascii: (`<^>5`)#bf5h~kk>\|{#)=_wOxN _JdCxfj0jUgTg}s,alX]vw^e*#^0'ZvuXsdvt"/2ex&f:(2o"`6>EC\Y[R
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 6c 49 37 a3 2d 6e dd 53 dc e5 7c df b2 72 57 f9 3d 61 9d 76 cf 77 9b c4 96 1b 5c f2 3d ee 85 dc bc 95 eb d9 bd 9b 2d 8c 32 6f 0e 75 c5 3d 27 e7 e4 7d 12 5e f9 c9 3a 6e ba 9d 5d 6a 8f d0 fc 1a 7b 1d 5a c6 9c ba dd 29 16 a3 9e f5 70 a1 db 1e 9b cd a2 8f 66 f4 20 b6 ba ab 3a b0 bf 27 c5 9a 0f cc 7e bc 65 e5 2e e2 80 09 86 02 83 5c 42 1b 2c 83 6e 0d 38 a0 18 0f 1e c4 36 78 64 b6 0d b8 f1 0d 84 6c 04 c5 d0 0e 30 8d 62 3b 03 4f 13 f3 37 b9 fc 87 ea fd ab 3a e5 96 89 ec fa 9c e8 80 6b 85 37 a7 1d 55 cf f5 3f 3a eb ae eb 6f fe 77 ea ac 43 29 95 4e ae 2d b2 27 4b 42 a1 db a8 46 ba c5 b1 a5 b9 9a ae d6 aa d5 ee 79 82 b3 9e 5a 97 14 6a 4c 65 05 c6 3f ce 1b 49 15 e4 45 d7 65 55 76 49 72 77 60 24 99 dd 02 7a 89 99 e7 49 c8 ed f5 78 6d 0a d0 05 8f cf f5 6f 5d 0a a5 d0 Data Ascii: lI7-nS\|rW=avw\=-2ou='}^:n]j{Z)pf :'~e.\B,n86xdl0b;O7:k7U?:owC)N-'KBFyZjLe?IEeUvIrw`$zIxmo]
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 94 79 6a 84 3d d6 82 a5 48 d1 3d 13 d9 bb 07 1e eb b7 c4 ef 8f 75 be 31 4f a6 d5 43 ca 53 3d 14 fd 51 47 41 87 d3 cd 2a 20 1f 09 7c 92 ff 00 ce e1 f8 55 b1 4d aa 7e 7d 95 89 15 8b 92 f5 ea 57 94 a5 e5 81 13 ca 12 f5 da 47 2d 4d 89 ca 17 95 2f c1 f1 35 8f e6 3d 54 81 be 83 98 8f 47 d1 87 57 a2 b1 e4 09 09 0e 64 43 56 1c 61 41 a3 31 90 d3 df 8e d4 de e9 0f 84 b5 b2 72 45 27 88 f3 57 96 3c e0 a5 6c b3 bc 73 50 eb 3e 6f fa 2f be e9 9c 33 a5 3b 2a fc af ea 1a 19 c9 47 6d 62 b1 b4 fe 4b e6 f5 5b 3c 9e 8e ec 42 99 ee 28 e1 36 7f 1f 32 7c eb 1c 81 b8 fa 4f 0a 14 ca 66 ce bf 6d a9 d3 06 98 65 5a 7e 47 c7 90 0d 20 59 8b 06 6e a0 1b 5c ac dc 10 4f ca 6b d6 25 0b 2d 6e b5 2b 59 9f 41 b3 d6 2f 57 a0 16 3a 1e 7c b2 ab 67 af 95 15 db 0e c2 80 ba c7 da aa 7c cb 9c 89 96 Data Ascii: yj=H=u1OCS=QGA* \|UM~}WG-M/5=TGWdCVaA1rE'W<lsP>o/3;*GmbK[<B(62\|OfmeZ~G Yn\Ok%-n+YA/W:\|g\|

Timestamp	Bytes transferred	Direction	Data
2025-01-09 20:54:47 UTC	2534	OUT	GET /js/app.js?id=11d7149dd52495db050a HTTP/1.1 Host: visi-sharp.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: affiliate=eyJpdiI6IjJCWTF0Nzdlb0wwS1pZMisvNzJjVGc9PSIsInZhbHVlIjoic1RSSVpxTVBrU21BSnZjc0t4QVZSZlQ5azZobTA0QVI3ZnNPODRKalpQQmtHRWVmemhZV3AyakNaUEdhWWJ0K2dyYVJRM3JKdFBQRWR5L1crQ3FkcVE9PSIsIm1hYyI6ImRlYTFhZWMxMDRkMzUwYWM3N2FhY2NkMjcxNTkxNjBjNzYyYjE1MzBkM2YyZWYyMzg3NDQzODM4MjFkMTk1ZmMifQ%3D%3D; tracking_cookie=eyJpdiI6IjZxY3g5YUxDZ2o3MVZCZGJBSWVIc1E9PSIsInZhbHVlIjoiOHMwYkVTN0I4ZWxRYnNOSm9qZUE1dDBWUFY0dGYvdjFZWGJnd1FIQUJVU25sZk9OeitlSzZ1M1ZGSW9kdXk0TCIsIm1hYyI6IjBjYmU3MDdiMzU5NjBjMTVlOTNlMzQwZGRiZGNhZjliYWE5YzIzYjQ3YzkwMWU3NzQ1MzI0YTA4ZDE0ODUxYjgifQ%3D%3D; variant=eyJpdiI6IlJtUEY3ZC81amxTTmIxSmFwVUdMT3c9PSIsInZhbHVlIjoiMVRwaDN2ODBaSGlLYThCNmN2eERjYUJpNVpyN2J1cUF4WmhNLytwc2VMcXhCMnlWS3cvYm9JM2huczVmOVZrNCIsIm1hYyI6ImJiZDEyMDk2M2IxMmJhNWNjYmM0YTIwMjkxOTg2ZjQ0YmQyODAxZTM1ZmUzZGQ0NmM4YTYwMjJjMDAzMDZkMmYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6ImdMbDIvQUU0VTZSRzNWSmZjdWxlTUE9PSIsInZhbHVlIjoieHlvRzhmZW1sSlBXWW9TTkQvZC9uMzRDNHZXY0xzdzJyUVNVTGNzQTFtQ1ppQmoxMDVGalBETUROK1pqc1Z5aFU1aXVEVlBmWmp3cDVVeG9mczdDTFA0alA5L0hJVjVyckE1V [TRUNCATED]
2025-01-09 20:54:47 UTC	1035	IN	HTTP/1.1 200 OK Date: Thu, 09 Jan 2025 20:54:47 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Last-Modified: Tue, 21 May 2024 12:01:13 GMT Vary: Accept-Encoding ETag: W/"664c8d09-c29c2" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4775 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FQ6zc011NlQWTVkk6WUuBzP2jJDYrQAG%2BOhW%2BTEGbBfFb%2FFbgSZ3t9PCwwZNCkuLJTnNOPOJvUxvL3REiUCKMWA2i4aJI%2FCzkSrNJgHqTm9N3Sknb%2FFuvAw6lOJjqcrFg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8ff753140bf04344-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1729&min_rtt=1729&rtt_var=649&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=3112&delivery_rate=1685912&cwnd=47&unsent_bytes=0&cid=c53fb45df96cc4ef&ts=127&x=0"
2025-01-09 20:54:47 UTC	334	IN	Data Raw: 37 63 36 62 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 61 70 70 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 72 29 7b 69 66 28 74 5b 72 5d 29 72 65 74 75 72 6e 20 74 5b 72 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 69 3d 74 5b 72 5d 3d 7b 69 3a 72 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 72 5d 2e 63 61 6c 6c 28 69 2e 65 78 70 6f 72 74 73 2c 69 2c 69 2e 65 78 70 6f 72 74 73 2c 6e 29 2c 69 2e 6c 3d 21 30 2c 69 2e 65 78 70 6f 72 74 73 7d 6e 2e 6d 3d 65 2c 6e 2e 63 3d 74 2c 6e 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b Data Ascii: 7c6b/! For license information please see app.js.LICENSE.txt /!function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}n.m=e,n.c=t,n.d=function(e,t,r){
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 53 79 6d 62 6f 6c 2e 74 6f 53 74 72 69 6e 67 54 61 67 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 53 79 6d 62 6f 6c 2e 74 6f 53 74 72 69 6e 67 54 61 67 2c 7b 76 61 6c 75 65 3a 22 4d 6f 64 75 6c 65 22 7d 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 7d 2c 6e 2e 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 31 26 74 26 26 28 65 3d 6e 28 65 29 29 2c 38 26 74 29 72 65 74 75 72 6e 20 65 3b 69 66 28 34 26 74 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 29 72 65 74 75 72 6e 20 Data Ascii: defined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 2c 6e 28 22 38 6f 78 42 22 29 2c 6e 28 22 33 55 44 2b 22 29 28 65 29 29 7d 2c 22 2b 4b 69 62 22 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 22 61 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 45 7d 29 29 2c 6e 2e 64 28 74 2c 22 62 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6b 7d 29 29 3b 76 61 72 20 72 2c 69 3d 6e 28 22 33 6d 62 58 22 29 2c 61 3d 28 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 5b 37 39 2c 31 31 32 2c 31 31 37 2c 31 31 35 2c 37 32 2c 31 30 31 2c 39 37 2c 31 30 30 5d 29 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 3f 4f 62 6a 65 63 74 28 69 2e 68 29 28 65 29 3a 65 7d 29 2c 73 Data Ascii: ,n("8oxB"),n("3UD+")(e))},"+Kib":function(e,t,n){"use strict";n.d(t,"a",(function(){return E})),n.d(t,"b",(function(){return k}));var r,i=n("3mbX"),a=(new Uint8Array([79,112,117,115,72,101,97,100]),function(e){return"string"==typeof e?Object(i.h)(e):e}),s
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 3b 69 66 28 21 6e 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 73 3b 66 6f 72 28 76 61 72 20 6f 3d 30 3b 6f 3c 74 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 75 3d 28 74 5b 6f 5d 3c 3c 32 34 7c 74 5b 6f 2b 31 5d 3c 3c 31 36 7c 74 5b 6f 2b 32 5d 3c 3c 38 7c 74 5b 6f 2b 33 5d 29 3e 3e 3e 30 2c 6c 3d 74 2e 73 75 62 61 72 72 61 79 28 6f 2b 34 2c 6f 2b 38 29 3b 69 66 28 30 3d 3d 3d 75 29 62 72 65 61 6b 3b 76 61 72 20 63 3d 6f 2b 75 3b 69 66 28 63 3e 74 2e 6c 65 6e 67 74 68 29 7b 69 66 28 72 29 62 72 65 61 6b 3b 63 3d 74 2e 6c 65 6e 67 74 68 7d 76 61 72 20 64 3d 74 2e 73 75 62 61 72 72 61 79 28 6f 2b 38 2c 63 29 3b 4f 62 6a 65 63 74 28 69 2e 61 29 28 6c 2c 6e 5b 30 5d 29 26 26 28 31 3d 3d 3d 6e 2e 6c 65 6e 67 74 68 3f 73 2e 70 75 73 68 28 64 29 3a 73 2e 70 75 73 Data Ascii: ;if(!n.length)return s;for(var o=0;o<t.length;){var u=(t[o]<<24\|t[o+1]<<16\|t[o+2]<<8\|t[o+3])>>>0,l=t.subarray(o+4,o+8);if(0===u)break;var c=o+u;if(c>t.length){if(r)break;c=t.length}var d=t.subarray(o+8,c);Object(i.a)(l,n[0])&&(1===n.length?s.push(d):s.pus
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 32 7d 2f 67 29 2e 6d 61 70 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 28 74 29 7d 29 29 3a 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 74 3f 4f 62 6a 65 63 74 28 69 2e 66 29 28 74 29 3a 74 7d 2c 68 3d 66 75 6e 63 74 69 6f 6e 20 65 28 74 2c 6e 2c 72 29 7b 69 66 28 72 3e 3d 6e 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 6e 2e 6c 65 6e 67 74 68 3b 76 61 72 20 61 3d 63 28 6e 2c 72 2c 21 31 29 3b 69 66 28 4f 62 6a 65 63 74 28 69 2e 61 29 28 74 2e 62 79 74 65 73 2c 61 2e 62 79 74 65 73 29 29 72 65 74 75 72 6e 20 72 3b 76 61 72 20 73 3d 63 28 6e 2c 72 2b 61 2e 6c 65 6e 67 74 68 29 3b 72 65 74 75 72 6e 20 65 28 74 2c 6e 2c 72 2b 73 2e 6c 65 6e 67 74 68 2b 73 2e 76 61 6c 75 65 2b 61 2e 6c 65 6e 67 74 68 29 7d 2c 70 3d 66 75 6e 63 74 Data Ascii: 2}/g).map((function(t){return e(t)})):"number"==typeof t?Object(i.f)(t):t},h=function e(t,n,r){if(r>=n.length)return n.length;var a=c(n,r,!1);if(Object(i.a)(t.bytes,a.bytes))return r;var s=c(n,r+a.length);return e(t,n,r+s.length+s.value+a.length)},p=funct
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 26 28 61 3d 73 2b 75 29 2c 73 2b 3d 75 2b 28 22 68 32 36 34 22 3d 3d 3d 74 3f 31 3a 32 29 7d 65 6c 73 65 20 73 2b 2b 7d 72 65 74 75 72 6e 20 65 2e 73 75 62 61 72 72 61 79 28 30 2c 30 29 7d 2c 62 3d 7b 77 65 62 6d 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 31 31 39 2c 31 30 31 2c 39 38 2c 31 30 39 5d 29 2c 6d 61 74 72 6f 73 6b 61 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 31 30 39 2c 39 37 2c 31 31 36 2c 31 31 34 2c 31 31 31 2c 31 31 35 2c 31 30 37 2c 39 37 5d 29 2c 66 6c 61 63 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 31 30 32 2c 37 36 2c 39 37 2c 36 37 5d 29 2c 6f 67 67 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 37 39 2c 31 30 33 2c 31 30 33 2c 38 33 5d 29 2c 61 63 33 3a 4f 62 6a 65 63 74 28 69 2e 6b 29 28 5b 31 31 2c 31 31 39 5d 29 2c 72 69 66 66 3a 4f 62 Data Ascii: &(a=s+u),s+=u+("h264"===t?1:2)}else s++}return e.subarray(0,0)},b={webm:Object(i.k)([119,101,98,109]),matroska:Object(i.k)([109,97,116,114,111,115,107,97]),flac:Object(i.k)([102,76,97,67]),ogg:Object(i.k)([79,103,103,83]),ac3:Object(i.k)([11,119]),riff:Ob
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 6e 20 37 31 3d 3d 3d 65 5b 30 5d 3b 66 6f 72 28 76 61 72 20 74 3d 30 3b 74 2b 31 38 38 3c 65 2e 6c 65 6e 67 74 68 26 26 74 3c 31 38 38 3b 29 7b 69 66 28 37 31 3d 3d 3d 65 5b 74 5d 26 26 37 31 3d 3d 3d 65 5b 74 2b 31 38 38 5d 29 72 65 74 75 72 6e 21 30 3b 74 2b 3d 31 7d 72 65 74 75 72 6e 21 31 7d 2c 66 6c 61 63 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 4f 62 6a 65 63 74 28 66 2e 61 29 28 65 29 3b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 28 69 2e 61 29 28 65 2c 62 2e 66 6c 61 63 2c 7b 6f 66 66 73 65 74 3a 74 7d 29 7d 2c 6f 67 67 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 28 69 2e 61 29 28 65 2c 62 2e 6f 67 67 29 7d 2c 61 76 69 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 28 69 Data Ascii: n 71===e[0];for(var t=0;t+188<e.length&&t<188;){if(71===e[t]&&71===e[t+188])return!0;t+=1}return!1},flac:function(e){var t=Object(f.a)(e);return Object(i.a)(e,b.flac,{offset:t})},ogg:function(e){return Object(i.a)(e,b.ogg)},avi:function(e){return Object(i
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 69 6a 61 68 22 2c 22 48 61 72 70 65 72 22 2c 22 43 68 61 72 6c 6f 74 74 65 22 2c 22 41 6d 65 6c 69 61 22 2c 22 42 65 6e 6a 61 6d 69 6e 22 2c 22 57 69 6c 6c 69 61 6d 22 2c 22 4a 61 6d 65 73 22 2c 22 45 76 65 6c 79 6e 22 2c 22 41 62 69 67 61 69 6c 22 5d 2c 75 3d 5b 22 41 6c 61 62 61 6d 61 22 2c 22 41 6c 61 73 6b 61 22 2c 22 41 72 69 7a 6f 6e 61 22 2c 22 41 72 6b 61 6e 73 61 73 22 2c 22 43 61 6c 69 66 6f 72 6e 69 61 22 2c 22 43 6f 6c 6f 72 61 64 6f 22 2c 22 43 6f 6e 6e 65 63 74 69 63 75 74 22 2c 22 44 65 6c 61 77 61 72 65 22 2c 22 46 6c 6f 72 69 64 61 22 2c 22 47 65 6f 72 67 69 61 22 2c 22 48 61 77 61 69 69 22 2c 22 49 64 61 68 6f 22 2c 22 49 6c 6c 69 6e 6f 69 73 22 2c 22 49 6e 64 69 61 6e 61 22 2c 22 49 6f 77 61 22 2c 22 4b 61 6e 73 61 73 22 2c 22 4b 65 6e Data Ascii: ijah","Harper","Charlotte","Amelia","Benjamin","William","James","Evelyn","Abigail"],u=["Alabama","Alaska","Arizona","Arkansas","California","Colorado","Connecticut","Delaware","Florida","Georgia","Hawaii","Idaho","Illinois","Indiana","Iowa","Kansas","Ken
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 65 72 74 69 65 73 28 74 68 69 73 2c 7b 77 69 64 74 68 3a 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 21 72 28 74 29 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 57 69 64 74 68 20 6d 75 73 74 20 62 65 20 62 65 74 77 65 65 6e 20 30 20 61 6e 64 20 31 30 30 2e 22 29 3b 65 3d 74 7d 7d 2c 6c 69 6e 65 73 3a 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 22 6e 75 6d 62 65 72 22 21 3d 74 79 70 65 6f 66 20 65 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 4c 69 6e 65 73 20 6d 75 Data Ascii: erties(this,{width:{enumerable:!0,get:function(){return e},set:function(t){if(!r(t))throw new Error("Width must be between 0 and 100.");e=t}},lines:{enumerable:!0,get:function(){return t},set:function(e){if("number"!=typeof e)throw new TypeError("Lines mu
2025-01-09 20:54:47 UTC	1369	IN	Data Raw: 65 41 74 28 73 29 3b 72 65 74 75 72 6e 20 61 7d 7d 29 2e 63 61 6c 6c 28 74 68 69 73 2c 6e 28 22 74 6a 6c 41 22 29 2e 42 75 66 66 65 72 29 7d 2c 30 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 6e 28 22 62 55 43 35 22 29 2c 6e 28 22 58 45 58 6b 22 29 2c 6e 28 22 4f 31 6e 2b 22 29 2c 6e 28 22 69 57 4b 58 22 29 2c 6e 28 22 58 61 69 55 22 29 2c 65 2e 65 78 70 6f 72 74 73 3d 6e 28 22 67 71 41 69 22 29 7d 2c 22 30 43 78 4f 22 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3d 6e 28 22 37 7a 52 6a 22 29 2c 69 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 7d 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 31 21 3d 3d 61 72 67 75 6d 65 6e 74 73 2e 6c Data Ascii: eAt(s);return a}}).call(this,n("tjlA").Buffer)},0:function(e,t,n){n("bUC5"),n("XEXk"),n("O1n+"),n("iWKX"),n("XaiU"),e.exports=n("gqAi")},"0CxO":function(e,t,n){var r=n("7zRj"),i=Object.create\|\|function(){function e(){}return function(t){if(1!==arguments.l