Edit tour

Windows Analysis Report
https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc

Overview

General Information

Sample URL:	https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc
Analysis ID:	1645242
Infos:

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Confidence:	100%

Signatures

Yara detected HtmlPhish77

AI detected landing page (webpage, office document or email)

Detected use of open redirect vulnerability

Phishing site or detected (based on various text indicators)

Creates files inside the system directory

Deletes files inside the Windows folder

Detected suspicious crossdomain redirect

HTML body contains low number of good links

HTML body contains password input but no form action

HTML body with high number of embedded images detected

HTML page contains hidden javascript code

HTML title does not match URL

Invalid 'forgot password' link found

Invalid T&C link found

Suricata IDS alerts with low severity for network traffic

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6944 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 6348 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1980,i,10731384019852493687,14579561413098848484,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2228 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 5580 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc" MD5: E81F54E6C1129887AEA47E7D092680BF)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
5.11.pages.csv	JoeSecurity_HtmlPhish_77	Yara detected HtmlPhish_77	Joe Security

Suricata Signatures

ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2025-03-21T15:18:40.416622+0100	2024228	2	Possible Social Engineering Attempted	172.67.162.108	443	192.168.2.17	49979	TCP
2025-03-21T15:18:43.152972+0100	2024228	2	Possible Social Engineering Attempted	172.67.162.108	443	192.168.2.17	49980	TCP
2025-03-21T15:19:06.548189+0100	2024228	2	Possible Social Engineering Attempted	172.67.162.108	443	192.168.2.17	50164	TCP

Joe Sandbox Signatures

• Phishing
• Compliance
• Software Vulnerabilities
• Networking
• System Summary

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish77

Source: Yara match

File source: 5.11.pages.csv, type: HTML

AI detected landing page (webpage, office document or email)

Source: https://gamma.app/docs/SecureMessagepdf-ga28akpd8nljjf8?mode=doc

Joe Sandbox AI: Page contains button: 'VIEW DOCUMENT' Source: '1.1.pages.csv'

Detected use of open redirect vulnerability

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Proxy from: api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/incoming-pdf-document-ga28akpd8nljjf8?mode=doc to https://gamma.app/docs/incoming-pdf-document-ga28akpd8nljjf8?mode=doc

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 1.2	OCR Text: SecureMessage.pdf Present UT Secure PDF Document You just received a new PDF Document for your review. File Type: PDF VIEW DOCUMENT This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use copy disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message Do not include confidential or sensitive information in your reply to this notification as it will not be encrypted. Thank you for your cooperation.
Source: Chrome DOM: 1.1	OCR Text: SecureMessage.pdf Present UT Secure PDF Document You just received a new PDF Document for your review. File Type: PDF VIEW DOCUMENT This message may contain confidential and/or privileged information If you are not the addressee or authorized to receive this for the addressee you must not use copy disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Do not include confidential or sensitive information in your reply to this notification as it will not be encrypted Thank you for your cooperation.

Source: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verify

HTTP Parser: Number of links: 0

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://www.google.com/search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8&sei=i3XdZ9vrKPb_ptQPh4Oe8Q8

HTTP Parser: Total embedded image size: 79340

HTTP Parser: Base64 decoded: Sign-in options

HTTP Parser: Title: Connect your account does not match URL

HTTP Parser: Invalid link: Forgot password?

Source: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verify	HTTP Parser: Invalid link: Terms of use
Source: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verify	HTTP Parser: Invalid link: Privacy & cookies

HTTP Parser: <input type="password" .../> found

Source: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/	HTTP Parser: No favicon
Source: https://www.google.com/search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8&sei=i3XdZ9vrKPb_ptQPh4Oe8Q8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8&sei=i3XdZ9vrKPb_ptQPh4Oe8Q8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8&sei=i3XdZ9vrKPb_ptQPh4Oe8Q8	HTTP Parser: No favicon

HTTP Parser: No <meta name="author".. found

HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 5.188.161.118:443 -> 192.168.2.17:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 5.188.161.118:443 -> 192.168.2.17:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.85.61.100:443 -> 192.168.2.17:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.152.142:443 -> 192.168.2.17:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.152.134:443 -> 192.168.2.17:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.120.195.249:443 -> 192.168.2.17:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.120.195.249:443 -> 192.168.2.17:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.66.57:443 -> 192.168.2.17:49811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.17:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.17:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.118.124.252:443 -> 192.168.2.17:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.118.124.252:443 -> 192.168.2.17:49814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49820 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.65.57:443 -> 192.168.2.17:49833 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.142.109.26:443 -> 192.168.2.17:49828 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.142.109.26:443 -> 192.168.2.17:49829 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.2.217:443 -> 192.168.2.17:49831 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.2.217:443 -> 192.168.2.17:49832 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.31.44:443 -> 192.168.2.17:49835 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49843 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.79.73:443 -> 192.168.2.17:49845 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.49.241.189:443 -> 192.168.2.17:49851 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.71.250:443 -> 192.168.2.17:49857 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.31.44:443 -> 192.168.2.17:49856 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49858 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49859 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49862 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49863 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.173.219.110:443 -> 192.168.2.17:49868 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.249.91.44:443 -> 192.168.2.17:49866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.219.189.64:443 -> 192.168.2.17:49867 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.139.47.108:443 -> 192.168.2.17:49871 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.139.47.108:443 -> 192.168.2.17:49872 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49873 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.162.108:443 -> 192.168.2.17:49874 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.162.108:443 -> 192.168.2.17:49875 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.58.159:443 -> 192.168.2.17:49878 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.58.159:443 -> 192.168.2.17:49877 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.41.111:443 -> 192.168.2.17:49879 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.41.111:443 -> 192.168.2.17:49880 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.174.127.31:443 -> 192.168.2.17:49881 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.38:443 -> 192.168.2.17:49884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.17:49885 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.17:49892 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.17:49906 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.162.108:443 -> 192.168.2.17:49913 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.229:443 -> 192.168.2.17:50019 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.58.159:443 -> 192.168.2.17:50142 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.130.137:443 -> 192.168.2.17:50168 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.174.127.31:443 -> 192.168.2.17:50169 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.174.127.31:443 -> 192.168.2.17:50214 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50219 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50230 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50231 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50240 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50241 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50242 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50243 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50244 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50245 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50246 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50257 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50262 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.251.41.14:443 -> 192.168.2.17:50269 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.251.41.14:443 -> 192.168.2.17:50274 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50275 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50277 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50278 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50281 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50285 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50282 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50283 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50328 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50329 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50331 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50327 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50332 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50330 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.17:50334 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 8MB later: 41MB

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: api.dtf.ru to https://gamma.app/docs/incoming-pdf-document-ga28akpd8nljjf8?mode=doc

Source: Network traffic	Suricata IDS: 2024228 - Severity 2 - ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 : 172.67.162.108:443 -> 192.168.2.17:49979
Source: Network traffic	Suricata IDS: 2024228 - Severity 2 - ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 : 172.67.162.108:443 -> 192.168.2.17:49980
Source: Network traffic	Suricata IDS: 2024228 - Severity 2 - ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 : 172.67.162.108:443 -> 192.168.2.17:50164

Source: unknown	TCP traffic detected without corresponding DNS query: 51.132.193.104
Source: unknown	TCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknown	TCP traffic detected without corresponding DNS query: 52.109.28.46
Source: unknown	TCP traffic detected without corresponding DNS query: 51.132.193.104
Source: unknown	TCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknown	TCP traffic detected without corresponding DNS query: 52.109.28.46
Source: unknown	TCP traffic detected without corresponding DNS query: 51.132.193.104
Source: unknown	TCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknown	TCP traffic detected without corresponding DNS query: 52.109.28.46
Source: unknown	TCP traffic detected without corresponding DNS query: 52.123.128.14
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.123.128.14
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 51.132.193.104
Source: unknown	TCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknown	TCP traffic detected without corresponding DNS query: 52.109.28.46
Source: unknown	TCP traffic detected without corresponding DNS query: 52.123.128.14
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.123.128.14
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 51.132.193.104
Source: unknown	TCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknown	TCP traffic detected without corresponding DNS query: 52.109.28.46
Source: unknown	TCP traffic detected without corresponding DNS query: 52.123.128.14
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 51.132.193.104
Source: unknown	TCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknown	TCP traffic detected without corresponding DNS query: 52.109.28.46
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc HTTP/1.1Host: api.dtf.ruConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc HTTP/1.1Host: gamma.appConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_next/static/css/f8b783c6ab1b2b30.css?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/css/d87801e5487946cc.css?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/webpack-e96583cc1369047b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/framework-89ee881bc4e530f4.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/main-9475221561be5776.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/pages/_app-df952635f0a7e43d.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /embed.js HTTP/1.1Host: cdn.iframe.lyConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tiw2cwq.css HTTP/1.1Host: use.typekit.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/93656207-5a8710788d43745e.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/b4d7d80c-6672be498163ec97.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/ad54e6ef-c1497d83c32edce5.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/2edb282b-c727a725ba9cab5d.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /p.css?s=1&k=tiw2cwq&ht=tk&f=10870.10872.10873.10874.28201.28205.28208.28222.28225.28226.28227.28238.32157.32159.32163.32164&a=2326044&app=typekit&e=css HTTP/1.1Host: p.typekit.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://use.typekit.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/b155a556-6216235a369a735d.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/d08a6a05-cd94e662b24272fc.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/1035ef44-a82a0e0646431fa5.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/b779bb5e-79de22188ac69032.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/91bbf309-32a6ed56d98fa368.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/8c469d57-125fc4e271dbee1b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/5adc83ef-bcbc74c04583414c.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/b13ba9de-693ee4b2b0cb0b28.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9b583bcd-e94a9f27afcc219c.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/69bd6bf3-8eac31bce3de269a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /api/5776661/envelope/?sentry_key=824b9acd00f449f283554475ff8303bb&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.8.0 HTTP/1.1Host: o698378.ingest.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/998ccc15-d28324c84824644b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/a29ae703-7accb437ac3a87e9.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/64bbefcc-ad34eaf1d0f1c936.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/7811-95fc21fe63dec224.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/659-8a6828fad9a08284.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/2445-2cebfc2d3c10f6c8.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/995-984ec3894744e0be.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/6267-0f348a7fac09425b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9680-e3c4e12efd5d6c79.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/6980-3b5a299f0e1e01a2.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9695-8f8ecdaf663cd4dd.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/316-91fc125afa02f5ee.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/8325-4eb976cbb20bec79.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/996-7ccc42dd9fcc84ce.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/7981-f12d322f650a764a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/572-b62633d8525ea3a1.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/3641-a3fcc7ee223db83f.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9006-f56c86c9a33d98d7.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/4327-1bf4b64f18f68344.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/4324-530c5f9bef4bd486.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/5884-859eb7edeaa7f956.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/8786-aa1757ffc09a6103.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9863-3e59445465aa465e.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/6953-9883d8f0e87906f6.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/6852-27fc7b05786708df.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/12-130ba82b2a3bc84a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/3589-cffefc902b846c38.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/4787-978329409cb23e6a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9786-239c79d75da680a8.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/1786-05e9315167c0f6df.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/1970-f10ec3b1bd264b66.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/8495-42e1816f3eaeed01.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/3251-175a8df88172c470.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/1368-791ad052cf0ceece.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9639-adf3eebe6a0407b3.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/847-141eccdf1b67f4c8.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/4229-b14fe1f0c105af0b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/8911-147aa9985b4def82.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/8766-c5b1d82d7a5b4784.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/6113-39a9ddd1a2b33902.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9989-9864eb8adea27fa9.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9277-c4ad10a7f727b891.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/pages/docs/%5BdocId%5D-61e606859fc2b6e4.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/V32iEM-t0L8TcezqJ2Qa_/_buildManifest.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/V32iEM-t0L8TcezqJ2Qa_/_ssgManifest.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9015.3da411409f75d0c1.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/9484.2d145ec231909a76.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/7413e8b9.26789ad7eaab3ff4.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/1743016e.cafbf12bf63073bf.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; _dd_s=logs=1&id=2ed03498-cae2-4554-9a4b-e4f2073e2954&created=1742566701982&expire=1742567601982
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/3d35b88c.89c8cbcdea31a14b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; _dd_s=logs=1&id=2ed03498-cae2-4554-9a4b-e4f2073e2954&created=1742566701982&expire=1742567601982
Source: global traffic	HTTP traffic detected: GET /js/20579410255.js HTTP/1.1Host: cdn.optimizely.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_app_static/js/tiktoken-640a99ed3ce5ba67.wasm HTTP/1.1Host: cdn.gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://gamma.appSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_next/static/chunks/4483.b1e22900348e682f.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; _dd_s=logs=1&id=2ed03498-cae2-4554-9a4b-e4f2073e2954&created=1742566701982&expire=1742567601982
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8jSec-WebSocket-Key: AX0y9TxxyNQGq7IQdVV2DQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /sdk/goals/61e83cfd8ac5a016e6f0d0b6 HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveX-LaunchDarkly-Wrapper: react-client-sdk-gammasec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36X-LaunchDarkly-User-Agent: JSClient/3.5.0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://gamma.appSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifX0?withReasons=true HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveX-LaunchDarkly-Wrapper: react-client-sdk-gammasec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36X-LaunchDarkly-User-Agent: JSClient/3.5.0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://gamma.appSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/5776661/envelope/?sentry_key=824b9acd00f449f283554475ff8303bb&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.8.0 HTTP/1.1Host: o698378.ingest.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/goals/61e83cfd8ac5a016e6f0d0b6 HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveX-LaunchDarkly-Wrapper: react-client-sdk-gammasec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36X-LaunchDarkly-User-Agent: JSClient/3.5.0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://gamma.appSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "8082e2de4de1b83503e3a6e82eae19ad"
Source: global traffic	HTTP traffic detected: GET /api/5776661/envelope/?sentry_key=824b9acd00f449f283554475ff8303bb&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.8.0 HTTP/1.1Host: o698378.ingest.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_storage/a187838077.html HTTP/1.1Host: a187838077.cdn.optimizely.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8jSec-WebSocket-Key: 0J0tYRrKo3Am0dcHc7/eFw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /v1/user-context HTTP/1.1Host: events.api.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /v1/i HTTP/1.1Host: events.api.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /sdk/goals/61e83cfd8ac5a016e6f0d0b6 HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifX0?withReasons=true HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMiLCJicm93c2VyIjp7Im5hbWUiOiJDaHJvbWUiLCJ2ZXJzaW9uIjoiMTM0LjAuMC4wIn0sImxvY2FsZSI6ImVuLVVTIiwibG9jYXRpb24iOnsiY2l0eSI6IiIsImNvdW50cnkiOiJVUyIsImxhdGl0dWRlIjozNy43NTEsImxvbmdpdHVkZSI6LTk3LjgyMn19fQ?withReasons=true HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveX-LaunchDarkly-Wrapper: react-client-sdk-gammasec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36X-LaunchDarkly-User-Agent: JSClient/3.5.0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://gamma.appSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eval/61e83cfd8ac5a016e6f0d0b6/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifX0?withReasons=true HTTP/1.1Host: clientstream.launchdarkly.comConnection: keep-alivesec-ch-ua-platform: "Windows"Cache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/event-streamsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://gamma.appSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/goals/61e83cfd8ac5a016e6f0d0b6 HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "8082e2de4de1b83503e3a6e82eae19ad"
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /_app_static/js/tiktoken-640a99ed3ce5ba67.wasm HTTP/1.1Host: cdn.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-aliveOrigin: https://a187838077.cdn.optimizely.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://a187838077.cdn.optimizely.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMiLCJicm93c2VyIjp7Im5hbWUiOiJDaHJvbWUiLCJ2ZXJzaW9uIjoiMTM0LjAuMC4wIn0sImxvY2FsZSI6ImVuLVVTIiwibG9jYXRpb24iOnsiY2l0eSI6IiIsImNvdW50cnkiOiJVUyIsImxhdGl0dWRlIjozNy43NTEsImxvbmdpdHVkZSI6LTk3LjgyMn19fQ?withReasons=true HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifSwid29ya3NwYWNlIjp7ImtleSI6InV3amJibHNrN3lvdWZzZSIsIm5hbWUiOiJLcmlzIEtlbnRyeSdzIFdvcmtzcGFjZSIsInBsYW4iOiJwcm8ifX0?withReasons=true HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveX-LaunchDarkly-Wrapper: react-client-sdk-gammasec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36X-LaunchDarkly-User-Agent: JSClient/3.5.0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://gamma.appSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/5776661/envelope/?sentry_key=824b9acd00f449f283554475ff8303bb&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.8.0 HTTP/1.1Host: o698378.ingest.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8jSec-WebSocket-Key: ByXYISdQtZs6DrsBoDAyGw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /v1/t HTTP/1.1Host: events.api.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://gamma.app/docs/SecureMessagepdf-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/5776661/envelope/?sentry_key=824b9acd00f449f283554475ff8303bb&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.8.0 HTTP/1.1Host: o698378.ingest.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifSwid29ya3NwYWNlIjp7ImtleSI6InV3amJibHNrN3lvdWZzZSIsIm5hbWUiOiJLcmlzIEtlbnRyeSdzIFdvcmtzcGFjZSIsInBsYW4iOiJwcm8ifX0?withReasons=true HTTP/1.1Host: app.launchdarkly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/app.js?appId=7blc4aqmp HTTP/1.1Host: assets.churnkey.coConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eval/61e83cfd8ac5a016e6f0d0b6/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifSwid29ya3NwYWNlIjp7ImtleSI6InV3amJibHNrN3lvdWZzZSIsIm5hbWUiOiJLcmlzIEtlbnRyeSdzIFdvcmtzcGFjZSIsInBsYW4iOiJwcm8ifX0?withReasons=true HTTP/1.1Host: clientstream.launchdarkly.comConnection: keep-alivesec-ch-ua-platform: "Windows"Cache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/event-streamsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://gamma.appSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resize/quality:80/resizing_type:fit/width:2000/https://cdn.gamma.app/uwjbblsk7youfse/c2cff11d66d84a528b4e8baeb0b15eae/original/adobe2.png HTTP/1.1Host: imgproxy.gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /resize/quality:80/resizing_type:fit/width:2000/https://cdn.gamma.app/uwjbblsk7youfse/68e80c1fd0bc43c19c0d45d7fc3addd2/original/image.png HTTP/1.1Host: imgproxy.gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8jSec-WebSocket-Key: si1BDEI7+jb4HSUfdOT7lw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /resize/quality:80/resizing_type:fit/width:2000/https://cdn.gamma.app/uwjbblsk7youfse/68e80c1fd0bc43c19c0d45d7fc3addd2/original/image.png HTTP/1.1Host: imgproxy.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /resize/quality:80/resizing_type:fit/width:2000/https://cdn.gamma.app/uwjbblsk7youfse/c2cff11d66d84a528b4e8baeb0b15eae/original/adobe2.png HTTP/1.1Host: imgproxy.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j
Source: global traffic	HTTP traffic detected: GET /css/app.css HTTP/1.1Host: assets.churnkey.coConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicons/favicon-192.svg HTTP/1.1Host: gamma.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gamma.app/docs/SecureMessagepdf-ga28akpd8nljjf8?mode=docAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; firstPageSeen=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc; lastPageSeen=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc; _dd_s=logs=1&id=2ed03498-cae2-4554-9a4b-e4f2073e2954&created=1742566701982&expire=1742567601982
Source: global traffic	HTTP traffic detected: GET /widget/ihnzqaok HTTP/1.1Host: widget.intercom.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdk.js HTTP/1.1Host: canny.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8jSec-WebSocket-Key: Z3LB2wOIzy7ScOIa/kQdqQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /frame-modern.21d5902d.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vendor-modern.fe3bc4ee.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicons/favicon-192.svg HTTP/1.1Host: gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; firstPageSeen=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc; lastPageSeen=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc; _dd_s=logs=1&id=2ed03498-cae2-4554-9a4b-e4f2073e2954&created=1742566701982&expire=1742567601982
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /messenger/web/launcher_settings HTTP/1.1Host: api-iam.intercom.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /messenger/web/ping HTTP/1.1Host: api-iam.intercom.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pubsub/5-oEMatXcV6r33fWvTgNASjZW2K4lkLVBz63XAgM5IXCQG6j95VQem9bjHY-essc_iYuGdDgNMBzECXSdr-ZXJTxz2_o7PZqC2_otW?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor HTTP/1.1Host: nexus-websocket-a.intercom.ioConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: ka3KL0HeP/+gASAfbl1urQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: n+lDe7WpNC+JSkMynd24yw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/708f7a809116/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v5s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jz29c/0x4AAAAAABBXfBg46pY59qVe/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=923e143eb8b47289&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jz29c/0x4AAAAAABBXfBg46pY59qVe/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jz29c/0x4AAAAAABBXfBg46pY59qVe/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /page/images/favicon.ico HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: t7f6VHNrVWf+qokzoWyCWw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /page/images/favicon.ico HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/762234782:1742563506:qYmX7U20XhYaiQnjd3zwCfXYYbXJMvnWNqpRtP_BRis/923e143eb8b47289/HDGLYNW5zRJsYJcwtvgBzl4CXKhbYpwq4ChrlgtsvbY-1742566712-1.1.1.1-Qi3ZdbI3tssSUAH2A_7LDTYupnsHZk5.qjiBjKy4kyd5VFTxK4eXAP8.5cc2eivk HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/923e143eb8b47289/1742566713381/08b038e53f3db981c0c5de6d1902889d2a906a97372af89bdc379aaef6bdd7ee/AnlkJDL3zYNBPEc HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jz29c/0x4AAAAAABBXfBg46pY59qVe/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/923e143eb8b47289/1742566713387/Kd8Naq7f6kir-Sp HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jz29c/0x4AAAAAABBXfBg46pY59qVe/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /vendors~app~tooltips-modern.aefe08bc.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vendors~app-modern.d1c89a62.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/923e143eb8b47289/1742566713387/Kd8Naq7f6kir-Sp HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /app~tooltips-modern.7c0c2b53.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app-modern.182f2cf7.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/762234782:1742563506:qYmX7U20XhYaiQnjd3zwCfXYYbXJMvnWNqpRtP_BRis/923e143eb8b47289/HDGLYNW5zRJsYJcwtvgBzl4CXKhbYpwq4ChrlgtsvbY-1742566712-1.1.1.1-Qi3ZdbI3tssSUAH2A_7LDTYupnsHZk5.qjiBjKy4kyd5VFTxK4eXAP8.5cc2eivk HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/762234782:1742563506:qYmX7U20XhYaiQnjd3zwCfXYYbXJMvnWNqpRtP_BRis/923e143eb8b47289/HDGLYNW5zRJsYJcwtvgBzl4CXKhbYpwq4ChrlgtsvbY-1742566712-1.1.1.1-Qi3ZdbI3tssSUAH2A_7LDTYupnsHZk5.qjiBjKy4kyd5VFTxK4eXAP8.5cc2eivk HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?cf-turnstile-response=0.AeKzKa6dNKel48c5-H6EhIdwn_0ysgXlr4mjLQ2fUGesV1pcbNlJPuCLPocQopMm0L0llTw2roX1En0ky0YQ3YQVfFTlcCuj6zVOzigI0nnyTBArjpvOF_0pkFCdGpl42F33YsUefOzyBpZ_78j0w46kA7BkFVYqKlADxBI1uklSe8nzjfUqYA3OdBKqUnI0JIz8Nw2XGgrIIInEkNVms_8Qwk1Mo-AStGtYFNapwKAsaDrfGZg-QLrL6ie3ItCM1ffN1EnDrcoqrREOVcXnXZEfculNGDfpBVs4vdpgXpFqmJD7F9prVu5x38WLcZo_cb8mjc0WgF0ibPFVAMzmAGQ58ipQObiZersvKEnB8rhLjJmKy8wOvevDnH_jhVISAVG3CDAAZzJCnuzAZOrQhG-fCwjltEvfXV37MAB1aq5Nnd94QEiaLy0knluT0dempwixaVQb1fq2uDtpXelaUJ1aFeEYz7BTpekkECA6FjRhmXeqBvqUPeI9jHXfKkcE4eOIANauVIIw_PReDj6GVglv58ZzunJKztthGaZT4uS8OVZ4akhn55rHcrQjnvstzFm7X6GpsBJe3U9sl-_B9gk-cQ0sPoL3MqcAl0JIxBStFsc7PDSdT04BQ5pGHlxV4OzIqQMqfMymxkHtjPEat-6dyUnWHTeUa6pGuy6yApyJOctJkD3tne-JiuwGoAPS6XRrdt548JVpBO2V3Dd2icZEiJFM2cUqtuo618CBHIAkOfQAGYm2YusHBsjATOwS47eTC6A1irY0EQ818N95SQ0bNu0vV_e-0sVhZRXEIrwhst3BgBMBoOCBjJv28t8ss3mEd6pHDeCSD9fG6YGkjfa-PIPMT5J0XP5ela4yxXrKAfpU1CcyGyFUCrALJPBd9NgN35-_skcjS-QuVmTn9g.F97iSgnbkDPsIWQEI-SZRQ.98ccebd449f09c5e0d6b3ff1962e5885dd8423071aa133066b3aa533ad528ed5 HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: 1PiaXPc30pejLgEDAbrrcw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/index HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/?cf-turnstile-response=0.AeKzKa6dNKel48c5-H6EhIdwn_0ysgXlr4mjLQ2fUGesV1pcbNlJPuCLPocQopMm0L0llTw2roX1En0ky0YQ3YQVfFTlcCuj6zVOzigI0nnyTBArjpvOF_0pkFCdGpl42F33YsUefOzyBpZ_78j0w46kA7BkFVYqKlADxBI1uklSe8nzjfUqYA3OdBKqUnI0JIz8Nw2XGgrIIInEkNVms_8Qwk1Mo-AStGtYFNapwKAsaDrfGZg-QLrL6ie3ItCM1ffN1EnDrcoqrREOVcXnXZEfculNGDfpBVs4vdpgXpFqmJD7F9prVu5x38WLcZo_cb8mjc0WgF0ibPFVAMzmAGQ58ipQObiZersvKEnB8rhLjJmKy8wOvevDnH_jhVISAVG3CDAAZzJCnuzAZOrQhG-fCwjltEvfXV37MAB1aq5Nnd94QEiaLy0knluT0dempwixaVQb1fq2uDtpXelaUJ1aFeEYz7BTpekkECA6FjRhmXeqBvqUPeI9jHXfKkcE4eOIANauVIIw_PReDj6GVglv58ZzunJKztthGaZT4uS8OVZ4akhn55rHcrQjnvstzFm7X6GpsBJe3U9sl-_B9gk-cQ0sPoL3MqcAl0JIxBStFsc7PDSdT04BQ5pGHlxV4OzIqQMqfMymxkHtjPEat-6dyUnWHTeUa6pGuy6yApyJOctJkD3tne-JiuwGoAPS6XRrdt548JVpBO2V3Dd2icZEiJFM2cUqtuo618CBHIAkOfQAGYm2YusHBsjATOwS47eTC6A1irY0EQ818N95SQ0bNu0vV_e-0sVhZRXEIrwhst3BgBMBoOCBjJv28t8ss3mEd6pHDeCSD9fG6YGkjfa-PIPMT5J0XP5ela4yxXrKAfpU1CcyGyFUCrALJPBd9NgN35-_skcjS-QuVmTn9g.F97iSgnbkDPsIWQEI-SZRQ.98ccebd449f09c5e0d6b3ff1962e5885dd8423071aa133066b3aa533ad528ed5Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /gh/syntaxerror019/HTML-STO/ld.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: QpxVC6l0TFLJO/i8HIA1Qw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: 9Y8RqlLrGdJicjrO7nLJaw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verify HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/indexAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/styles/app.css HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/logo.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/sign.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pubsub/5-oEMatXcV6r33fWvTgNASjZW2K4lkLVBz63XAgM5IXCQG6j95VQem9bjHY-essc_iYuGdDgNMBzECXSdr-ZXJTxz2_o7PZqC2_otW?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor HTTP/1.1Host: nexus-websocket-a.intercom.ioConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: RELtu8uSenATh0Sx2a9CBQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /page/images/default.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/emailphone.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/question.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/key.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/back.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/enter.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/push.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verifnotif2.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/info.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/appnotif2.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verify.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verify_app.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verify_code.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verify_sms.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /v1/t HTTP/1.1Host: events.api.gamma.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: mJYtv+jJ1Z6Q1rnKcKe7Fw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: Br6l7tico7zx8YuI8cQztA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /messenger/web/metrics HTTP/1.1Host: api-iam.intercom.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: boFtmPTJ2QlDQyZRpzPxnQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /page/images/sign.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/logo.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/emailphone.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/key.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/back.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/question.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verifnotif2.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/push.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/default.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/enter.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/info.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/could.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/O3z4d1ao6KQLcGrbEubHpkNnqQGJgzsl1ahe5poDTTioeCW20ovS4Uxs6HOyAVgIo8rIDJi0AVYfvioyR90mYu1nAlqXPxvFLRBHhmkESt8j7fZfb3ucmkV799hd4KMUxXNB2X7lY5TsCKDLP2NgwBnGatIR8ZZqJwt5d3cwP/verifyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/appnotif2.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /pubsub/5-oEMatXcV6r33fWvTgNASjZW2K4lkLVBz63XAgM5IXCQG6j95VQem9bjHY-essc_iYuGdDgNMBzECXSdr-ZXJTxz2_o7PZqC2_otW?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor HTTP/1.1Host: nexus-websocket-a.intercom.ioConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: lyz/f0wlg9i/KKxsb6GkSg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /page/images/verify_code.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verify.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verify_app.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /page/images/verify_sms.png HTTP/1.1Host: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=fkofqtp511k0i7oaanvjpgharr
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=7&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=E&oit=1&cp=1&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMA&oit=1&cp=3&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAI&oit=1&cp=4&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL&oit=1&cp=5&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.24R2mrw_td8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9vR1rNwOjC3PXOxUlyKiCwNBv2Fg/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /graphql HTTP/1.1Host: api.gamma.appConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gamma.appSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=GVrw8WiA7xy.T331kKrcyYKBV9N3NqZeqYFkX27.92k-1742566694-1.0.1.1-WrJabA6Xtb2TeJa61jBd52g8tf.dF2Fn_66VY.D9SOlOd4i8m2Ai4hUZGjKDJe_CzUiGzGSMGDfkzn.0Hotw9TxiiNi.JUrY_8jV7jukyiw; gamma_visitor_id=zhdxrn1of2mwm8j; ajs_anonymous_id=zhdxrn1of2mwm8j; intercom-id-ihnzqaok=773690b0-ed8d-4744-b0ec-ffdaa4899010; intercom-session-ihnzqaok=; intercom-device-id-ihnzqaok=5e0ed4b8-c252-46cc-81b0-a3604e1ee7e8Sec-WebSocket-Key: U7T9izGnEBDyiWiX9cdF8A==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: graphql-ws
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+&oit=1&cp=6&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bl_dpW08ipxzMq-Mzw_9a8sJdVD_bSu2AaD08qB6fmF4JD8txdw9UMFFuBAS_XgAQJb1jvJ1NYaEIbEiMF_ko3WSL2g4tVSgYCe7fjeUDvfGA1wtkae1xvojo3bq77rtJD5PA_WrnILMmejaWkzoYq5XsfyR2uQXivutI2NdkPKsckQSrnFtT9-pA3aKeZd-gw
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+E&oit=4&cp=7&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bl_dpW08ipxzMq-Mzw_9a8sJdVD_bSu2AaD08qB6fmF4JD8txdw9UMFFuBAS_XgAQJb1jvJ1NYaEIbEiMF_ko3WSL2g4tVSgYCe7fjeUDvfGA1wtkae1xvojo3bq77rtJD5PA_WrnILMmejaWkzoYq5XsfyR2uQXivutI2NdkPKsckQSrnFtT9-pA3aKeZd-gw
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+EX&oit=4&cp=8&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bl_dpW08ipxzMq-Mzw_9a8sJdVD_bSu2AaD08qB6fmF4JD8txdw9UMFFuBAS_XgAQJb1jvJ1NYaEIbEiMF_ko3WSL2g4tVSgYCe7fjeUDvfGA1wtkae1xvojo3bq77rtJD5PA_WrnILMmejaWkzoYq5XsfyR2uQXivutI2NdkPKsckQSrnFtT9-pA3aKeZd-gw
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+EXAMP&oit=4&cp=11&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bl_dpW08ipxzMq-Mzw_9a8sJdVD_bSu2AaD08qB6fmF4JD8txdw9UMFFuBAS_XgAQJb1jvJ1NYaEIbEiMF_ko3WSL2g4tVSgYCe7fjeUDvfGA1wtkae1xvojo3bq77rtJD5PA_WrnILMmejaWkzoYq5XsfyR2uQXivutI2NdkPKsckQSrnFtT9-pA3aKeZd-gw
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+EXAMPL&oit=4&cp=12&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bl_dpW08ipxzMq-Mzw_9a8sJdVD_bSu2AaD08qB6fmF4JD8txdw9UMFFuBAS_XgAQJb1jvJ1NYaEIbEiMF_ko3WSL2g4tVSgYCe7fjeUDvfGA1wtkae1xvojo3bq77rtJD5PA_WrnILMmejaWkzoYq5XsfyR2uQXivutI2NdkPKsckQSrnFtT9-pA3aKeZd-gw
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+EXAMPLE&oit=4&cp=13&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bl_dpW08ipxzMq-Mzw_9a8sJdVD_bSu2AaD08qB6fmF4JD8txdw9UMFFuBAS_XgAQJb1jvJ1NYaEIbEiMF_ko3WSL2g4tVSgYCe7fjeUDvfGA1wtkae1xvojo3bq77rtJD5PA_WrnILMmejaWkzoYq5XsfyR2uQXivutI2NdkPKsckQSrnFtT9-pA3aKeZd-gw
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+EXAMPLE+&oit=4&cp=14&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bl_dpW08ipxzMq-Mzw_9a8sJdVD_bSu2AaD08qB6fmF4JD8txdw9UMFFuBAS_XgAQJb1jvJ1NYaEIbEiMF_ko3WSL2g4tVSgYCe7fjeUDvfGA1wtkae1xvojo3bq77rtJD5PA_WrnILMmejaWkzoYq5XsfyR2uQXivutI2NdkPKsckQSrnFtT9-pA3aKeZd-gw
Source: global traffic	HTTP traffic detected: GET /search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bl_dpW08ipxzMq-Mzw_9a8sJdVD_bSu2AaD08qB6fmF4JD8txdw9UMFFuBAS_XgAQJb1jvJ1NYaEIbEiMF_ko3WSL2g4tVSgYCe7fjeUDvfGA1wtkae1xvojo3bq77rtJD5PA_WrnILMmejaWkzoYq5XsfyR2uQXivutI2NdkPKsckQSrnFtT9-pA3aKeZd-gw
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&url=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3DEMAIL%2BEXAMPLE%26rlz%3D1C1ONGR_enUS1154%26oq%3DEMAIL%2BEXAMPLE%2B%26gs_lcrp%3DEgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw%26sourceid%3Dchrome%26ie%3DUTF-8&pgcl=22&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=uGJwfeHHkYm4jsTdQ-Ca0FkHQPUSxW-bbcf3nsf-lbb-w7r9aO6X6M8V7x7trfUTxc9rI9bwlI3NtG9eT_Z0GzqPDQVjQf-4Xr8g1hixUj469uBwrSwRJJZctFXdDhH2wMt-REg3ufJFoIZUlZao8fX8ANENqnj3q12kQyxJKr9E8RPA4d70qSTmjqWiyGHh6AJkcLUcEDZUALE
Source: global traffic	HTTP traffic detected: GET /search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8&sei=i3XdZ9vrKPb_ptQPh4Oe8Q8 HTTP/1.1Host: www.google.comConnection: keep-alivertt: 300downlink: 10sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-form-factors: "Desktop"sec-ch-prefers-color-scheme: lightUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=uGJwfeHHkYm4jsTdQ-Ca0FkHQPUSxW-bbcf3nsf-lbb-w7r9aO6X6M8V7x7trfUTxc9rI9bwlI3NtG9eT_Z0GzqPDQVjQf-4Xr8g1hixUj469uBwrSwRJJZctFXdDhH2wMt-REg3ufJFoIZUlZao8fX8ANENqnj3q12kQyxJKr9E8RPA4d70qSTmjqWiyGHh6AJkcLUcEDZUALE; SG_SS=*LBCaEEjyAAYDHskLIx59Krs0o2uFwG0EADQBEArZ1La2zHTKgJJD4pRcJ5ybOPZaeLhwJBPWMzRH9xwZunqCguZzn_Jt48RZ3bjXoFWdPQAAADNtAAAACVcBB0EANWWI1Oqh-As1YA-ta6HRL-X__yZ8PlCgb0No41Lun_UqflJfocqWa7o3WiYhosF4Oa8PnZs_NQAj3W6nqCStzUnfiqoaLeAGGINPcna7L5aBASWppgObJAL9I62mAjrFlLueMivVt_ih3nkMox4gHJXbyZTJwKhp1CvpArHYADhbtXd84SpR175IkKjtjIIAQun0hxBF0W7L0hu3nK4Dck2B8GTXKnA_WRAHwiJwSEIWwVHY2j6GCK1ATOLtLPb_lA8UA-lgWgxr5XDWc_zpeD9iYEHaV_FN86CSNHX9MmNbCeljgkaFTqL6H8LayPASa4dA9WmAYf1KQ76b3pdpgAIJH66GjUnAZ7XYJklSO693Lb323LrUhpewtGg-JC9sF7BkVpaA3I8eIxYVVJoBVqo6dg-QMw7G5bMoM36B-I7HWz6s5rxqzAf0Z-QVpVwZTwSH7QoNkoskc3DANMaFRpkuRrFCcn-9t0cEgFWXtoBBZxytHSJu61uv_MONkMqlQggoN3KZu_X80ZBMqIeZM9B7RbZUl7cX6cDtV6n8pCcU2jNbsVk-A4PQtLefjq3OyperQV1BY7c6z68nYxbz-7U9sbkLWmh-Tmxf1-O7zL5xfWzInXzPY9FKa31HS8vsghYRv
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&url=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3DEMAIL%2BEXAMPLE%26rlz%3D1C1ONGR_enUS1154%26oq%3DEMAIL%2BEXAMPLE%2B%26gs_lcrp%3DEgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw%26sourceid%3Dchrome%26ie%3DUTF-8%26sei%3Di3XdZ9vrKPb_ptQPh4Oe8Q8&pgcl=22&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=LYInS_RYzZkvP7lr8MiEU7H70RIw6KJTvPHi1PDgCjIVpkNBVSiF36VcO8omgHjhp0Tji2BrK3AJmjWDlMmvoL11G33uCdT9zW4P-c150nWP_ZD-UWCIoxjJIPaQF8SxYPOjcX4J5DfCmeb6OuOrJGDFPN5KPyj71-LLqHOnH17whFzaFDsDodF9_HBH-gCf30S9oaKfSygfn72l4iVYV8g27WoSxcLzPI-cSwTmvcZ5
Source: global traffic	HTTP traffic detected: GET /logos/doodles/2025/womens-college-basketball-tournament-first-round-2025-6753651837110737-shs.png HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=LYInS_RYzZkvP7lr8MiEU7H70RIw6KJTvPHi1PDgCjIVpkNBVSiF36VcO8omgHjhp0Tji2BrK3AJmjWDlMmvoL11G33uCdT9zW4P-c150nWP_ZD-UWCIoxjJIPaQF8SxYPOjcX4J5DfCmeb6OuOrJGDFPN5KPyj71-LLqHOnH17whFzaFDsDodF9_HBH-gCf30S9oaKfSygfn72l4iVYV8g27WoSxcLzPI-cSwTmvcZ5
Source: global traffic	HTTP traffic detected: GET /logos/doodles/2025/womens-college-basketball-tournament-first-round-2025-6753651837110737.2-s.png HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=LYInS_RYzZkvP7lr8MiEU7H70RIw6KJTvPHi1PDgCjIVpkNBVSiF36VcO8omgHjhp0Tji2BrK3AJmjWDlMmvoL11G33uCdT9zW4P-c150nWP_ZD-UWCIoxjJIPaQF8SxYPOjcX4J5DfCmeb6OuOrJGDFPN5KPyj71-LLqHOnH17whFzaFDsDodF9_HBH-gCf30S9oaKfSygfn72l4iVYV8g27WoSxcLzPI-cSwTmvcZ5
Source: global traffic	HTTP traffic detected: GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8&sei=i3XdZ9vrKPb_ptQPh4Oe8Q8Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=LYInS_RYzZkvP7lr8MiEU7H70RIw6KJTvPHi1PDgCjIVpkNBVSiF36VcO8omgHjhp0Tji2BrK3AJmjWDlMmvoL11G33uCdT9zW4P-c150nWP_ZD-UWCIoxjJIPaQF8SxYPOjcX4J5DfCmeb6OuOrJGDFPN5KPyj71-LLqHOnH17whFzaFDsDodF9_HBH-gCf30S9oaKfSygfn72l4iVYV8g27WoSxcLzPI-cSwTmvcZ5
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/16521530460/?gad_source=1&adview_type=4&adview_query_id=CPatpJevm4wDFb9G_wEdFc48Pg HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Attribution-Reporting-Eligible: trigger, event-source;navigation-sourceAttribution-Reporting-Support: not-os, webX-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=LYInS_RYzZkvP7lr8MiEU7H70RIw6KJTvPHi1PDgCjIVpkNBVSiF36VcO8omgHjhp0Tji2BrK3AJmjWDlMmvoL11G33uCdT9zW4P-c150nWP_ZD-UWCIoxjJIPaQF8SxYPOjcX4J5DfCmeb6OuOrJGDFPN5KPyj71-LLqHOnH17whFzaFDsDodF9_HBH-gCf30S9oaKfSygfn72l4iVYV8g27WoSxcLzPI-cSwTmvcZ5
Source: global traffic	HTTP traffic detected: GET /images/nav_logo321.webp HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/search?q=EMAIL+EXAMPLE&rlz=1C1ONGR_enUS1154&oq=EMAIL+EXAMPLE+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw&sourceid=chrome&ie=UTF-8&sei=i3XdZ9vrKPb_ptQPh4Oe8Q8Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=LYInS_RYzZkvP7lr8MiEU7H70RIw6KJTvPHi1PDgCjIVpkNBVSiF36VcO8omgHjhp0Tji2BrK3AJmjWDlMmvoL11G33uCdT9zW4P-c150nWP_ZD-UWCIoxjJIPaQF8SxYPOjcX4J5DfCmeb6OuOrJGDFPN5KPyj71-LLqHOnH17whFzaFDsDodF9_HBH-gCf30S9oaKfSygfn72l4iVYV8g27WoSxcLzPI-cSwTmvcZ5
Source: global traffic	HTTP traffic detected: GET /xjs/_/ss/k=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAMiAIBQJgEaAAQQnBAAsgMAAAAAH8AhThWAAgAAAACAACABAAAAAAACAAIAQEIIAABEAQAAACAghDAAIACACQAAEAEAIBAAACAEBgAAGQAAAAAIAOQSAHEAAAQAwAAAwAEQACQAAABCYQEIAABACQEAAAAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAACIAQCAAAAAIAAgBADAAoAAAECAAAPQAgAB8AABAAkQAACgAAxABQCEAIADABgAEAAAAJAAAAACgBQAOIwyAAAAAAAAAACABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAAAAAAAAAAAAAAAAAAAAAAAE/d=1/ed=1/br=1/rs=ACT90oEEdVDYs-Vy_xluoaljbM9cdWK_zA/m=X3N0Bf,attn,cdos,gwc,hsm,jsa,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,YV5bee,d,csi HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: text/css,/;q=0.1X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=LYInS_RYzZkvP7lr8MiEU7H70RIw6KJTvPHi1PDgCjIVpkNBVSiF36VcO8omgHjhp0Tji2BrK3AJmjWDlMmvoL11G33uCdT9zW4P-c150nWP_ZD-UWCIoxjJIPaQF8SxYPOjcX4J5DfCmeb6OuOrJGDFPN5KPyj71-LLqHOnH17whFzaFDsDodF9_HBH-gCf30S9oaKfSygfn72l4iVYV8g27WoSxcLzPI-cSwTmvcZ5
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAgAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBkAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=1/ed=1/dg=3/br=1/rs=ACT90oGVkpB_ancHhsaVQxRq8eg4A2WRpQ/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DMzTfb:fNTHad;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;Du7NI:C6zLgf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EjXHpb:pSHqh;EnlcNd:WeHg4;F9mqte:UoRcbe;FqHJkd:yQamIb;G0KhTb:LIaoZ;G6wU6e:hezEbd;GEkGdd:e1RzQd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IZrNqe:P8ha2c;IoGlCf:b5lhvb;JXJSm:ii1RGf;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;PpTLXd:pJYjx;PqHfGe:im2cZe;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;Qw8Feb:jpavUe;R2kc8b:ALJqWb;R9Ulx:CR7Ufe;RCF5Sd:X1kBmd;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;ScI3Yc:e7Hzgb,e7Hzgb;ShpF6e:N0pvGc;SwCqAd:fXbCZc;SzQQ3e:dNhofb;TroZ1d:vVVzjb;TxfV6d:YORN0b;U96pRd:FsR04;UBKJZ:LGDJGb;UDrY1c:eps46d;UVmjEd:EesRsb;UVzb9c:IvPZ6d;Uvc8o:VDovNc;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VhA7bd:vAmQFf;VsAqSb:PGf2Re;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;YIZmRd:A1yn5d;YV5bee:IvPZ6d;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;Zen4yb:jMF88c;ZlOOMb:P0I0Ec;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;dowIGb:ebZ3mb,ebZ3mb;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;euOXY:OZjbQ;flqRgb:ox2Q7c;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:iAmrSd;heHB1:sFczq;hjRo6e:F62sG;hlqGX:FWz1ic;hsLsYc:Vl118;hwoVHd:zw4U8c;imqimf:jKGL2e;iySzae:a6xXfd;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;lOO0Vd:OTA3Ae;lbfkyf:MqGdUd;lkq0A:JyBE3e;mWzs9c:fz5ukf;mzW4Id:nYdusb;nJw4Gd:dPFZH;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:ww04Df;qGV2uc:HHi04c;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qafBPd:sgY6Zb,yDVVkb;qavrXe:zQzcXe;qddgKe:x4FYXe;rQSrae:C6D5Fc;rdexKf:FEkKD;sTsDMc:kHVSUb;sZmdvc:rdGEfc;slIQ5d:pnOULd;tGdRVe:CS1mob;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uknmt:GkPrzb;uuQkY:u2V3ud;vEYCNb:FaqsVd;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;xBbsrc:NEW1Qc;xbe2wc:wbTLEd;ysNiMc:CpIBjd;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=X3N0Bf,attn,cdos,gwc,hsm,jsa,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,YV5bee,d,csi HTTP/1.1Host: www.google.comConnection: ke
Source: global traffic	HTTP traffic detected: GET /compressiontest/gzip.html HTTP/1.1Host: www.google.comConnection: keep-alivertt: 300downlink: 10sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-form-factors: "Desktop"sec-ch-prefers-color-scheme: lightUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /logos/doodles/2025/womens-college-basketball-tournament-first-round-2025-6753651837110737.2-lsg.png HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/ck=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAuiIIBSJgEaAAQQnBQAsgMAAAAAH8AjThWAAgAAAwKAgCABAAAAAgACAAIAYEIIQCBkAQAoACAghDAAIACACQAAEAECIhDs9z8GBgAAGQAAAAAIAOQSAHGQAAQAwAAAwAEXACQCMABCdwEJAABACQEAACAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAADIAQCAAAAAIBAgBADAAoBAAECAAAPQAgAB8AABAAkQAACgAAxgBQCEAJPDDBgAEAADgJAAAgACgBQAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/ujg=1/rs=ACT90oHdCXVx1HqrjKFswfYt4B3HOrFvKA/m=UMk45c,bplExb,nMfLA,O19q8,xMHx5e,o7oVhd,R6UkWb,tW711b,UX8qee,tDA9G,dMJ4he,sy4w9,sy33s,sy11q,sy2y1,syqx,sy2xy,sy2xv,syxy,syxw,sy143,syyc,syxv,syyb,syux,syy1,syxz,syy0,sy17b,sy17c,sy17d,sy16q,sy140,sy141,sy142,sy3k0,sy3br,sy19w,sy13z,sy12b,sy128,sy126,sy127,sy3cj,sy33q,sy19v,sy13h,sy14q,sy12v,sy12t,sy13g,Eox39d,sy7v,sy7u,syid,syi9,syia,syi8,syim,syik,syij,syii,syie,syi7,syc4,sye2,sye3,syc6,syck,sycd,sych,sycg,sycf,sycc,syc1,syca,sycb,syci,sycn,sycl,syc7,sybw,syc5,syc2,sycp,syco,syc0,sybq,sybn,sybj,syb7,syau,sybl,syav,syaa,sye5,sye0,sydo,syds,sydj,sydi,sydd,sydc,sya9,sya8,sydb,syda,sydh,syde,syd7,syd6,syd5,syd3,syd2,syd4,sycz,syan,sycx,sybg,sybc,syaw,syba,syaz,syay,syb6,syb4,syb3,syax,syac,sya7,sya0,syd0,sycr,sycs,sybp,sybt,sydf,syhz,syi6,syi4,syi2,sy82,sy7x,sy7y,sy81,syi1,syg4,syi5,syi0,syhy,syhv,syhu,syht,syhr,sy8d,uxMpU,syhj,syeg,sydl,syeb,syed,sye6,syef,sye8,syee,sybs,syct,sye9,sye1,sy91,sy8w,sy8v,sy8u,sy8t,Mlhmy,QGR0gd,OTA3Ae,sy7w,EEDORb,PoEs9b,Pjplud,sy8q,sy8m,sy8k,A1yn5d,YIZmRd,uY49fb,sy8a,sy88,sy89,sy87,sy85,byfTOb,lsjVmc,LEikZe,kWgXee,ovKuLd,sgY6Zb,sy97,sy95?xjs=s3 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/md=2/k=xjs.s.en.49VjBiClxPs.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAgAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBkAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/rs=ACT90oGVkpB_ancHhsaVQxRq8eg4A2WRpQ HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/ck=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAuiIIBSJgEaAAQQnBQAsgMAAAAAH8AjThWAAgAAAwKAgCABAAAAAgACAAIAYEIIQCBkAQAoACAghDAAIACACQAAEAECIhDs9z8GBgAAGQAAAAAIAOQSAHGQAAQAwAAAwAEXACQCMABCdwEJAABACQEAACAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAADIAQCAAAAAIBAgBADAAoBAAECAAAPQAgAB8AABAAkQAACgAAxgBQCEAJPDDBgAEAADgJAAAgACgBQAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/ujg=1/rs=ACT90oHdCXVx1HqrjKFswfYt4B3HOrFvKA/m=sy8c,xUdipf,NwH0H,gychg,ZfAoz,yDVVkb,qafBPd,ebZ3mb,dowIGb,sy5us,sy4um,DpX64d,uKlGbf,sy5ut,EufiNb,sy4hs,syxf,syxe,syx7,syxd,syxg,XCToU,sy5n7,sy2dy,tIj4fb,sy2eq,w4UyN,sy1av,sy19y,sykk,syjg,sy11r,Mbif2,ipWLfe,sy1ax,QVaUhf,sy4x2,sy4x1,sy4x0,sy4wz,SJpD2c,sy87e,sy2is,sy135,sy2im,sy2f1,syuf,syfw,sy870,sy84i,sy15b,sy154,sy14x,sy14z,sy13b,sy13a,sy12s,sy13c,sy136,sy36l,syxr,bEGPrc,sy1sg,sy87g,sy87f,mBG1hd,sy67i,mscaJf,sy6jp,sGwFce,HxbScf,eAR4Hf,sy6jq,sy4u2,h3zgVb,lRePd,sy4ww,nN2e1e,sy5wg,sy6jr,sy27o,IRJCef,sy5wh,scFHte,pr5okc,IFqxxc,sy4wx,OXpAmf,sy6k2,sy4tw,sy4tv,sy170,sy13d,sy133,sy134,sy12z,sy130,sy12x,sy12w,sy12y,syz4,syz5,syz0,syz6,syyz,syz7,syyr,syyq,syys,syz8,syz9,GElbSc,sytp,sytm,sytl,sytj,DPreE,sy6jm,xdV1C,sy5ud,HYSCof,sy8fm,sy6hm,sy1vg,sy1pu,KSk4yc,sy6b0,qTdDb,sy1c3,sy1br,sy18v,sy18w,sy190,sy17k,sy18u,sytt,sytu,syg3,syg2,syft,syfs,syg0,sytx,syty,sy1c2,ma4xG,sy1c1,E9M6Uc,sytz,NO84gd,b5lhvb,IoGlCf,syts,sytr,C8HsP,syu4,syu2,sytw,gOTY1,syvc,syv8,syva,syv9,syuv,syuz,syvb,syv7,syv5,syv3,syv2,syun,syuq,syup,syut,syus,syur,syul,syu5,syuo,syuc,syub,syud,syua,syv6,PbHo4e,sy169,L1AAkb,hezEbd,G6wU6e,sy18y,sy1bu,sy18x,sy1bt,sy1bs,Wn3aEc,sy7y9,sy6n6,syyo,Um3BXb,K02r3e?xjs=s3 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/ck=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAuiIIBSJgEaAAQQnBQAsgMAAAAAH8AjThWAAgAAAwKAgCABAAAAAgACAAIAYEIIQCBkAQAoACAghDAAIACACQAAEAECIhDs9z8GBgAAGQAAAAAIAOQSAHGQAAQAwAAAwAEXACQCMABCdwEJAABACQEAACAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAADIAQCAAAAAIBAgBADAAoBAAECAAAPQAgAB8AABAAkQAACgAAxgBQCEAJPDDBgAEAADgJAAAgACgBQAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/ujg=1/rs=ACT90oHdCXVx1HqrjKFswfYt4B3HOrFvKA/m=sy4b8,sy1by,sy1cc,qKrDxc,sy5wf,sy1u7,Z2vhDb,sy6n8,XN4wKf,RagDlc,oUlnpc,sy6pl,sy4nn,sy2ui,sy1oy,sy1qc,syvq,syvv,Da4hkd,sy7ln,pHXghd?xjs=s3 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/ck=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAuiIIBSJgEaAAQQnBQAsgMAAAAAH8AjThWAAgAAAwKAgCABAAAAAgACAAIAYEIIQCBkAQAoACAghDAAIACACQAAEAECIhDs9z8GBgAAGQAAAAAIAOQSAHGQAAQAwAAAwAEXACQCMABCdwEJAABACQEAACAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAADIAQCAAAAAIBAgBADAAoBAAECAAAPQAgAB8AABAAkQAACgAAxgBQCEAJPDDBgAEAADgJAAAgACgBQAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/ujg=1/rs=ACT90oHdCXVx1HqrjKFswfYt4B3HOrFvKA/m=sy3rp,fVaWL,sy1wc,syww,syws,aD8OEe,sy6pj,sy1wr,xfmZMb?xjs=s3 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /client_204?atyp=i&biw=1280&bih=897&ei=jHXdZ72EIY78ptQPq-n0mAE&opi=89978449 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/ss/k=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAMiAIBQJgEaAAQQnBAAsgMAAAAAH8AhThWAAgAAAACAACABAAAAAAACAAIAQEIIAABEAQAAACAghDAAIACACQAAEAEAIBAAACAEBgAAGQAAAAAIAOQSAHEAAAQAwAAAwAEQACQAAABCYQEIAABACQEAAAAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAACIAQCAAAAAIAAgBADAAoAAAECAAAPQAgAB8AABAAkQAACgAAxABQCEAIADABgAEAAAAJAAAAACgBQAOIwyAAAAAAAAAACABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAAAAAAAAAAAAAAAAAAAAAAAE/d=0/br=1/rs=ACT90oEEdVDYs-Vy_xluoaljbM9cdWK_zA/m=y05UD,PPhKqf,sy7ta,sy1yh,sy1wu,sy1fm,sy1x3,sy1x4,sy1xg,sy1d4,syqy,sy2n1,sy1wt,sy22e,sy22h,sy1j0,epYOx?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAAAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBgAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/rs=ACT90oFQyfFefxJ74SpWI-j_gqNApxgXDg/m=sb_wiz,aa,abd,sy15x,async,sy18i,bgd,sy8a5,foot,sy27m,kyn,sy16f,sy2dp,lli,sf,sy17z,sy180,sy7s8,sonic,sy1oa,syh0,sy3r9,sy17p,sy1vs,sy1vt,spch,tl,syw5,syw4,rtH1bd,sy4hr,sy4hp,syxa,syxb,sywe,sywb,sy4hq,syyi,EkevXb,SMquOb,EiD4Fe,sywc,syw8,sywa,d5EhJe,syxt,sy1sa,sy1s9,sy1s8,sy1s7,sy1s6,sy1s5,sy1s2,sy1or,sy14p,sy1fo,sy1fq,sy1fp,sy1fn,sywn,sywk,sywp,T1HOxc,sywl,sywi,sywj,sywf,zx30Y,sy1sf,sy1se,sy1rz,Wo3n8,sy4hg,msmzHf,sy2cn,NEW1Qc,xBbsrc,sy2cp,IX53Tb,sy4n7,Q8FUWe,sy4n6,g5dM4c,sy1v8,sy1v6,sy1v5,E23uIf,sy3rc,qwbW4b,sy3r0,JHnpme,sy3r2,g4PEk,sy3rd,qzpJXc,sy3r3,sy1vh,oFYokc,syhq,aLUfP,sy18a,sy189,QQ51Ce,syvh,UBXHI,syvi,R3fhkb,sy6pn,ND0kmf,sy6cn,sy16m,zGLm3b,sy4kl,sy4kd,sy4kf,sy3zy,sy1jg,sy4kk,sy4ky,sy4kx,sy4ka,sy4kw,sy4kc,sy4km,KHourd,sy6h7,vrkJ0e,sy4xv,T5VV,sy435,aDVF7,sy6ct,rhYw1b,sy4xj,FzTajd,IhkWbc,sy4xl,sy4xg,oPmHrb,sy2dn,sy2ed,Tia57b,KpRAue,sy2dq,sy2e0,sy2ee,NyeqM,sy4kq,sy4kj,O9SqHb,M6QgBb,sy1ce,sy1cd,sy14m,sy13f,EO13pd,sy41s,I9y8sd,syh5,sytc,MkHyGd,MpJwZc,UUJqVe,sy9b,sOXFj,sy9a,s39S4,oGtAuc,nAFL3,sy9m,q0xTif,y05UD,PPhKqf,sy7ta,sy4u1,sy1yh,sy2nz,sy1wu,sy2lh,sy1xb,sy1fm,sy1x3,sy1fl,sy1fk,sy1d3,sy1g8,sy2lg,sy1x8,sy16r,sy1x9,sy1dw,sy1ww,sy1x7,sy1wx,sy1x4,sy2li,sy1xg,sy1d4,syqy,sy2n1?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAAAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBgAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/rs=ACT90oFQyfFefxJ74SpWI-j_gqNApxgXDg/m=sy2g4,sy145,sy2n4,sy1wt,sy2ls,sy22e,sy2le,sy22h,sy1wz,sy2lv,sy1j0,sy2dx,sy1zh,sy1zi,epYOx?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAAAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBgAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/rs=ACT90oFQyfFefxJ74SpWI-j_gqNApxgXDg/m=sy184,bwixAb,wQlYve,sy187,sy186,syyl,syyj,s0j7C,sy7fq,eWOJ8,sy5ug,sy1jn,UB1PCd,sy7fm,k8v0pe?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=jHXdZ72EIY78ptQPq-n0mAE&zx=1742566800383&opi=89978449 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0
Source: global traffic	HTTP traffic detected: GET /async/bgasy?ei=jHXdZ72EIY78ptQPq-n0mAE&opi=89978449&rlz=1C1ONGR_enUS1154&yv=3&cs=0&async=_fmt:jspb HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"downlink: 10X-DoS-Behavior: Embedsec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0; DV=k9Z28NGpqcoSwPhEXvq4VJEO5TKRWxk
Source: global traffic	HTTP traffic detected: GET /xjs/_/ss/k=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAMiAIBQJgEaAAQQnBAAsgMAAAAAH8AhThWAAgAAAACAACABAAAAAAACAAIAQEIIAABEAQAAACAghDAAIACACQAAEAEAIBAAACAEBgAAGQAAAAAIAOQSAHEAAAQAwAAAwAEQACQAAABCYQEIAABACQEAAAAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAACIAQCAAAAAIAAgBADAAoAAAECAAAPQAgAB8AABAAkQAACgAAxABQCEAIADABgAEAAAAJAAAAACgBQAOIwyAAAAAAAAAACABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAAAAAAAAAAAAAAAAAAAAAAAE/d=0/br=1/rs=ACT90oEEdVDYs-Vy_xluoaljbM9cdWK_zA/m=symn,sy1re?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0; DV=k9Z28NGpqcoSwPhEXvq4VJEO5TKRWxk
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAAAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBgAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/rs=ACT90oFQyfFefxJ74SpWI-j_gqNApxgXDg/m=sy2d5,P10Owf,sy1s0,gSZvdb,sy1tg,WlNQGd,sy4n8,sy3s9,nabPbb,sy1sp,sy1sn,symn,sy1re,CnSW2d,sy87k,sy5uj,sy1ji,syyf,syyd,syye,sy1tm,sy1tk,VD4Qme,syhk,BYwJlf,sy19u,sy19t,VEbNoe,sy4lj,xuUld,sy408,sy15i,sy14t,sy15f,sy15e,M2ABbc,sy7f6,SC7lYd,sy1ux,fiAufb,sy1uw,q00IXe,sy1v1,sy1v0,sy1uy,Fh0l0,sy4l6,qcH9Lc,gCngrf,pjDTFb,sy4kv,sy2tl,KgxeNb,sy4kr,khkNpe?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0; DV=k9Z28NGpqcoSwPhEXvq4VJEO5TKRWxk
Source: global traffic	HTTP traffic detected: GET /client_204?cs=1&opi=89978449 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0; DV=k9Z28NGpqcoSwPhEXvq4VJEO5TKRWxk
Source: global traffic	HTTP traffic detected: GET /complete/search?q&cp=0&client=gws-wiz-serp&xssi=t&gs_pcrt=2&hl=en&authuser=0&pq=EMAIL%20EXAMPLE&psi=jHXdZ72EIY78ptQPq-n0mAE.1742566799304&dpr=1&ofp=GPr636TJx7rLaRjIrpTGxOud7eQBGMeysczd-OLp5AEY8MKqmtfQgptNGM3Q4pfYreTD4AE&nolsbt=1 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0; DV=k9Z28NGpqcoSwPhEXvq4VJEO5TKRWxk
Source: global traffic	HTTP traffic detected: GET /complete/search?q=EMAIL%20EXAMPLE&cp=0&client=desktop-gws-wiz-on-focus-serp&xssi=t&gs_pcrt=3&hl=en&authuser=0&pq=EMAIL%20EXAMPLE&psi=jHXdZ72EIY78ptQPq-n0mAE.1742566799304&dpr=1&ofp=EAEY-vrfpMnHustpGMiulMbE653t5AEYx7KxzN344unkARjwwqqa19CCm00YzdDil9it5MPgATLtAQodChtlbWFpbCBleGFtcGxlcyBmb3Igc3R1ZGVudHMKFgoUZm9ybWFsIGVtYWlsIGV4YW1wbGUKFAoSMyBleGFtcGxlIG9mIGVtYWlsCiMKIWZvcm1hbCBlbWFpbCBleGFtcGxlIHRvIGEgY29tcGFueQojCiFlbWFpbCBleGFtcGxlIGZvciBqb2IgYXBwbGljYXRpb24KGAoWaW5mb3JtYWwgZW1haWwgZXhhbXBsZQohCh9wcm9mZXNzaW9uYWwgZW1haWwgZXhhbXBsZSBuYW1lChUKE2dvb2QgZW1haWwgZXhhbXBsZXMQRzJqChoKGFdoYXQgYXJlIGVtYWlsIGV4YW1wbGVzPwopCidXaGF0IGlzIGFuIGV4YW1wbGUgb2YgYW4gZW1haWwgYWRkcmVzcz8KHgocV2hhdCBpcyBhbiBleGFtcGxlIG9mIEdtYWlsPxDkAg HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0; DV=k9Z28NGpqcoSwPhEXvq4VJEO5TKRWxk
Source: global traffic	HTTP traffic detected: GET /async/asyncContextualTask?vet=12ahUKEwi9-p6Xr5uMAxUOvokEHas0HRMQ4dMLegQIChAA..i&ei=jHXdZ72EIY78ptQPq-n0mAE&opi=89978449&rlz=1C1ONGR_enUS1154&yv=3&cid=7359516200581613344&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en.49VjBiClxPs.2018.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAAAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBgAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oFQyfFefxJ74SpWI-j_gqNApxgXDg,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.s.tWGBBDf-ZD4.L.B1.O%2Fam%3DAOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAMiAIBQJgEaAAQQnBAAsgMAAAAAH8AhThWAAgAAAACAACABAAAAAAACAAIAQEIIAABEAQAAACAghDAAIACACQAAEAEAIBAAACAEBgAAGQAAAAAIAOQSAHEAAAQAwAAAwAEQACQAAABCYQEIAABACQEAAAAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAACIAQCAAAAAIAAgBADAAoAAAECAAAPQAgAB8AABAAkQAACgAAxABQCEAIADABgAEAAAAJAAAAACgBQAOIwyAAAAAAAAAACABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAAAAAAAAAAAAAAAAAAAAAAAE%2Fbr%3D1%2Frs%3DACT90oEEdVDYs-Vy_xluoaljbM9cdWK_zA,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en.49VjBiClxPs.2018.O%2Fck%3Dxjs.s.tWGBBDf-ZD4.L.B1.O%2Fam%3DAOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAuiIIBSJgEaAAQQnBQAsgMAAAAAH8AjThWAAgAAAwKAgCABAAAAAgACAAIAYEIIQCBkAQAoACAghDAAIACACQAAEAECIhDs9z8GBgAAGQAAAAAIAOQSAHGQAAQAwAAAwAEXACQCMABCdwEJAABACQEAACAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAADIAQCAAAAAIBAgBADAAoBAAECAAAPQAgAB8AABAAkQAACgAAxgBQCEAJPDDBgAEAADgJAAAgACgBQAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oHdCXVx1HqrjKFswfYt4B3HOrFvKA,_fmt:prog,_id:rNi7Zc HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"downlink: 10X-DoS-Behavior: Embedsec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPe
Source: global traffic	HTTP traffic detected: GET /async/asyncContextualTask?vet=12ahUKEwi9-p6Xr5uMAxUOvokEHas0HRMQ4dMLegQICRAA..i&ei=jHXdZ72EIY78ptQPq-n0mAE&opi=89978449&rlz=1C1ONGR_enUS1154&yv=3&cid=17536405454505776931&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en.49VjBiClxPs.2018.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAAAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBgAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oFQyfFefxJ74SpWI-j_gqNApxgXDg,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.s.tWGBBDf-ZD4.L.B1.O%2Fam%3DAOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAMiAIBQJgEaAAQQnBAAsgMAAAAAH8AhThWAAgAAAACAACABAAAAAAACAAIAQEIIAABEAQAAACAghDAAIACACQAAEAEAIBAAACAEBgAAGQAAAAAIAOQSAHEAAAQAwAAAwAEQACQAAABCYQEIAABACQEAAAAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAACIAQCAAAAAIAAgBADAAoAAAECAAAPQAgAB8AABAAkQAACgAAxABQCEAIADABgAEAAAAJAAAAACgBQAOIwyAAAAAAAAAACABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAAAAAAAAAAAAAAAAAAAAAAAE%2Fbr%3D1%2Frs%3DACT90oEEdVDYs-Vy_xluoaljbM9cdWK_zA,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en.49VjBiClxPs.2018.O%2Fck%3Dxjs.s.tWGBBDf-ZD4.L.B1.O%2Fam%3DAOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAuiIIBSJgEaAAQQnBQAsgMAAAAAH8AjThWAAgAAAwKAgCABAAAAAgACAAIAYEIIQCBkAQAoACAghDAAIACACQAAEAECIhDs9z8GBgAAGQAAAAAIAOQSAHGQAAQAwAAAwAEXACQCMABCdwEJAABACQEAACAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAADIAQCAAAAAIBAgBADAAoBAAECAAAPQAgAB8AABAAkQAACgAAxgBQCEAJPDDBgAEAADgJAAAgACgBQAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oHdCXVx1HqrjKFswfYt4B3HOrFvKA,_fmt:prog,_id:rNi7Zc HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"downlink: 10X-DoS-Behavior: Embedsec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDP
Source: global traffic	HTTP traffic detected: GET /async/vpkg?vet=10ahUKEwi9-p6Xr5uMAxUOvokEHas0HRMQj5gNCCc..i&ei=jHXdZ72EIY78ptQPq-n0mAE&opi=89978449&rlz=1C1ONGR_enUS1154&yv=3&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en.49VjBiClxPs.2018.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAAAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBgAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oFQyfFefxJ74SpWI-j_gqNApxgXDg,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.s.tWGBBDf-ZD4.L.B1.O%2Fam%3DAOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAMiAIBQJgEaAAQQnBAAsgMAAAAAH8AhThWAAgAAAACAACABAAAAAAACAAIAQEIIAABEAQAAACAghDAAIACACQAAEAEAIBAAACAEBgAAGQAAAAAIAOQSAHEAAAQAwAAAwAEQACQAAABCYQEIAABACQEAAAAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAACIAQCAAAAAIAAgBADAAoAAAECAAAPQAgAB8AABAAkQAACgAAxABQCEAIADABgAEAAAAJAAAAACgBQAOIwyAAAAAAAAAACABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAAAAAAAAAAAAAAAAAAAAAAAE%2Fbr%3D1%2Frs%3DACT90oEEdVDYs-Vy_xluoaljbM9cdWK_zA,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en.49VjBiClxPs.2018.O%2Fck%3Dxjs.s.tWGBBDf-ZD4.L.B1.O%2Fam%3DAOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAuiIIBSJgEaAAQQnBQAsgMAAAAAH8AjThWAAgAAAwKAgCABAAAAAgACAAIAYEIIQCBkAQAoACAghDAAIACACQAAEAECIhDs9z8GBgAAGQAAAAAIAOQSAHGQAAQAwAAAwAEXACQCMABCdwEJAABACQEAACAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAADIAQCAAAAAIBAgBADAAoBAAECAAAPQAgAB8AABAAkQAACgAAxgBQCEAJPDDBgAEAADgJAAAgACgBQAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oHdCXVx1HqrjKFswfYt4B3HOrFvKA,_fmt:prog,_id:QPwIld HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"downlink: 10X-DoS-Behavior: Embedsec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.s.en.49VjBiClxPs.2018.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAigIAACAAAAAAAAAAQAAgAAAAAAAEACAAAAAAAAAwKAgCABAAAAAgAAAAAAYAIAQCBgAQAoAAAAAAAAAAAACAAAAAACIgDs9x8GAAAAAAAAAAAAAAAAAAGQAAAAAAAAAAAXAAACMABCdgEBAAAAAAAAACAAAAAAAAAgAAAAAAAAAgAAABQAAAAAAAAAABAAAAAAAAAABAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAABgAQAEABPADAAAAAADgAAAAgAAAAAAOIwyAAAAAAAAAAOQB4PEAHFJQAAAAAAAAAAAAAAAAIAAJgjmQfkEAAQAAAAAAAAAAAAAAAAAASBE0ca0BAAI/d=0/dg=0/br=1/rs=ACT90oFQyfFefxJ74SpWI-j_gqNApxgXDg/m=sy6pk,n7h7Lc?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; NID=522=onWdb3DtvZ99VQwUSPPX8nTb5TGTPmllA5vnDU1sOspKxhaIpR-W16I4Q7CVzjjSp-i6QIE1CYNeY67eugT46uzu9xPDPeSoXiVAtEWSqLEydCgj9xyhpS2zMftn6y1LvULZsLBVvF7oc3-3Hxkdvp9cZ0Bh5-g7Du6A_MGt5Cs1UIcnOqrqSpaFgmZbcAEZVmutGGNW8b7xHCl7uTthfOZWNk-T0x0pJO2KIgopHgg4dvApevMpkv-x7w; GZ=Z=0; DV=k9Z28NGpqcoSwPhEXvq4VJEO5TKRWxk
Source: global traffic	HTTP traffic detected: GET /js/bg/Ph-gd9sCPF6QpBFT5fAzVYmjYMhzS6XU7kSEZ0TZyFg.js HTTP/1.1Host: www.google.comConnection: keep-alivedownlink: 10sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"sec-ch-prefers-color-scheme: lightUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36rtt: 250sec-ch-ua-platform-version: "10.0.0"Accept: /X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AEC=AVcja2dnEAETXYFAPKsnFCnaYabLuo8xqSXxZNmDXqu-ccfDrv6DfVXOhw; GZ=Z=0; DV=k9Z28NGpqcoSwPhEXvq4VJEO5TKRWxk; NID=522=oqJHihU1hBa3fn77ZUkEPlUtVsl0DZW2jIRTQgWEF9uWVv3JJgMpAdnhJV69Y_dznWQrXWCr5fYFu4RKevZGhR1GqcRLk977OBS4XI_69V5HzMB9WnxZd_ZSGI39hdvrR-IJrtsx2hzMD0cIF3yHXSFhDl0wpuRQc3B3JMS0KFjM79zlX535TKPk6NNKbJUYgsc8LUpQkClQRo4T20hPzw6rs2xZlGc6nx8rCFOLlwDH6MgFD5LpWsb2yqmb43CBqBQm

Source: global traffic	DNS traffic detected: DNS query: api.dtf.ru
Source: global traffic	DNS traffic detected: DNS query: gamma.app
Source: global traffic	DNS traffic detected: DNS query: use.typekit.net
Source: global traffic	DNS traffic detected: DNS query: cdn.iframe.ly
Source: global traffic	DNS traffic detected: DNS query: p.typekit.net
Source: global traffic	DNS traffic detected: DNS query: o698378.ingest.sentry.io
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: events.api.gamma.app
Source: global traffic	DNS traffic detected: DNS query: app.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: cdn.gamma.app
Source: global traffic	DNS traffic detected: DNS query: api.gamma.app
Source: global traffic	DNS traffic detected: DNS query: a187838077.cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: clientstream.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: logx.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: assets.churnkey.co
Source: global traffic	DNS traffic detected: DNS query: imgproxy.gamma.app
Source: global traffic	DNS traffic detected: DNS query: signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org
Source: global traffic	DNS traffic detected: DNS query: widget.intercom.io
Source: global traffic	DNS traffic detected: DNS query: events.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: canny.io
Source: global traffic	DNS traffic detected: DNS query: js.intercomcdn.com
Source: global traffic	DNS traffic detected: DNS query: api-iam.intercom.io
Source: global traffic	DNS traffic detected: DNS query: nexus-websocket-a.intercom.io
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: id.google.com
Source: global traffic	DNS traffic detected: DNS query: dns-tunnel-check.googlezip.net
Source: global traffic	DNS traffic detected: DNS query: tunnel.googlezip.net

Source: unknown

HTTP traffic detected: POST /api/5776661/envelope/?sentry_key=824b9acd00f449f283554475ff8303bb&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.8.0 HTTP/1.1Host: o698378.ingest.sentry.ioConnection: keep-aliveContent-Length: 490sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: text/plain;charset=UTF-8sec-ch-ua-mobile: ?0Accept: */*Origin: https://gamma.appSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gamma.app/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Fri, 21 Mar 2025 14:18:17 GMTContent-Type: text/htmlContent-Length: 548Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Fri, 21 Mar 2025 14:18:23 GMTContent-Type: text/htmlContent-Length: 548Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Fri, 21 Mar 2025 14:18:24 GMTContent-Type: text/htmlContent-Length: 548Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 21 Mar 2025 14:18:24 GMTContent-Type: application/json; charset=utf-8Content-Length: 67Connection: closeX-Powered-By: ExpressVary: OriginAccess-Control-Allow-Credentials: trueETag: W/"43-VS8Zk4sa6WhQp4atvaFlfxregaw"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 21 Mar 2025 14:18:24 GMTContent-Type: application/json; charset=utf-8Content-Length: 78Connection: closeX-Powered-By: ExpressVary: OriginAccess-Control-Allow-Credentials: trueETag: W/"4e-zsIbJVw6xrpzOUC/ZlEdZPzWsAE"
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Fri, 21 Mar 2025 14:18:24 GMTContent-Type: text/htmlContent-Length: 548Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 21 Mar 2025 14:18:25 GMTContent-Type: text/html; charset=UTF-8Content-Length: 7641Connection: closeaccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcf-mitigated: challengecritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcross-origin-embedder-policy: require-corpcross-origin-opener-policy: same-origincross-origin-resource-policy: same-originorigin-agent-cluster: ?1permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()referrer-policy: same-originserver-timing: chlray;desc="923e1412ceae42d1"x-content-options: nosniffx-frame-options: SAMEORIGIN
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 21 Mar 2025 14:18:25 GMTContent-Type: application/json; charset=utf-8Content-Length: 67Connection: closeX-Powered-By: ExpressVary: OriginAccess-Control-Allow-Credentials: trueETag: W/"43-tRn5gtlf1DvZQJH7tcLHAe4uZTY"
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Fri, 21 Mar 2025 14:18:25 GMTContent-Type: text/htmlContent-Length: 548Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 21 Mar 2025 14:19:12 GMTContent-Type: application/json; charset=utf-8Content-Length: 67Connection: closeX-Powered-By: ExpressVary: OriginAccess-Control-Allow-Credentials: trueETag: W/"43-tRn5gtlf1DvZQJH7tcLHAe4uZTY"

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 50177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50360 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50325 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 50359 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50303 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50221 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50301 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 50347 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 50282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 50313 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50331
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50330
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50332
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50334
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50348
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50347
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50349
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 50243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50346
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 50289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50359
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50358
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50350
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50353
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50355
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50360
Source: unknown	Network traffic detected: HTTP traffic on port 50175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50362
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50361
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50362 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50304
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50303
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50306
Source: unknown	Network traffic detected: HTTP traffic on port 50173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50308
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50307
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50309
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50300
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50302
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50301
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50315
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50314
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50316
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50319
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50311
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50310
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50313
Source: unknown	Network traffic detected: HTTP traffic on port 50223 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50312
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50349 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50326
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50325
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50328
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50327
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50329
Source: unknown	Network traffic detected: HTTP traffic on port 50245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50321
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50324
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50323
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50327 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 50286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 50331 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 50205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50308 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50251
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 50353 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50257
Source: unknown	Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50261
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50264
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50270
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50271
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50276
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50278
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50277
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50279
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50242 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50281
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041

Source: unknown	HTTPS traffic detected: 5.188.161.118:443 -> 192.168.2.17:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 5.188.161.118:443 -> 192.168.2.17:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.85.61.100:443 -> 192.168.2.17:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.152.142:443 -> 192.168.2.17:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.152.134:443 -> 192.168.2.17:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.120.195.249:443 -> 192.168.2.17:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.120.195.249:443 -> 192.168.2.17:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.66.57:443 -> 192.168.2.17:49811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.17:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.17:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.118.124.252:443 -> 192.168.2.17:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.118.124.252:443 -> 192.168.2.17:49814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49820 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.65.57:443 -> 192.168.2.17:49833 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.142.109.26:443 -> 192.168.2.17:49828 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.142.109.26:443 -> 192.168.2.17:49829 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.2.217:443 -> 192.168.2.17:49831 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.2.217:443 -> 192.168.2.17:49832 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.31.44:443 -> 192.168.2.17:49835 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49843 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.79.73:443 -> 192.168.2.17:49845 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.49.241.189:443 -> 192.168.2.17:49851 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.71.250:443 -> 192.168.2.17:49857 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.31.44:443 -> 192.168.2.17:49856 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49858 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49859 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49862 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49863 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.200:443 -> 192.168.2.17:49865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.173.219.110:443 -> 192.168.2.17:49868 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.249.91.44:443 -> 192.168.2.17:49866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.219.189.64:443 -> 192.168.2.17:49867 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.139.47.108:443 -> 192.168.2.17:49871 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.139.47.108:443 -> 192.168.2.17:49872 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.200:443 -> 192.168.2.17:49873 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.162.108:443 -> 192.168.2.17:49874 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.162.108:443 -> 192.168.2.17:49875 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.58.159:443 -> 192.168.2.17:49878 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.58.159:443 -> 192.168.2.17:49877 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.41.111:443 -> 192.168.2.17:49879 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.41.111:443 -> 192.168.2.17:49880 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.174.127.31:443 -> 192.168.2.17:49881 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.38:443 -> 192.168.2.17:49884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.17:49885 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.17:49892 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.17:49906 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.162.108:443 -> 192.168.2.17:49913 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.229:443 -> 192.168.2.17:50019 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.21.58.159:443 -> 192.168.2.17:50142 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.130.137:443 -> 192.168.2.17:50168 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.174.127.31:443 -> 192.168.2.17:50169 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.174.127.31:443 -> 192.168.2.17:50214 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50219 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50230 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50231 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50240 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50241 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50242 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50243 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50244 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50245 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50246 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50257 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50262 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.251.41.14:443 -> 192.168.2.17:50269 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.251.41.14:443 -> 192.168.2.17:50274 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50275 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50277 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50278 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50281 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50285 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50282 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50283 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50328 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50329 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50331 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50327 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50332 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.17:50330 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.17:50334 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\scoped_dir6944_1169445050

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\scoped_dir6944_1169445050

Source: classification engine

Classification label: mal60.phis.win@33/0@101/407

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1980,i,10731384019852493687,14579561413098848484,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2228 /prefetch:3
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1980,i,10731384019852493687,14579561413098848484,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2228 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	12 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Extra Window Memory Injection	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 File Deletion	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	1 Web Protocols	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 Extra Window Memory Injection	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	5 Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	Software Packing	LSA Secrets	Internet Connection Discovery	SSH	Keylogging	3 Ingress Tool Transfer	Scheduled Transfer	Data Encrypted for Impact

Source	Detection	Scanner	Label	Link
https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
https://gamma.app/_next/static/chunks/8c469d57-125fc4e271dbee1b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/ad54e6ef-c1497d83c32edce5.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/7811-95fc21fe63dec224.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9639-adf3eebe6a0407b3.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://app.launchdarkly.com/sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifX0?withReasons=true	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/572-b62633d8525ea3a1.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/webpack-e96583cc1369047b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/4787-978329409cb23e6a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://clientstream.launchdarkly.com/eval/61e83cfd8ac5a016e6f0d0b6/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifX0?withReasons=true	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/93656207-5a8710788d43745e.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9015.3da411409f75d0c1.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/3641-a3fcc7ee223db83f.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/b4d7d80c-6672be498163ec97.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/8766-c5b1d82d7a5b4784.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/1035ef44-a82a0e0646431fa5.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9b583bcd-e94a9f27afcc219c.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9863-3e59445465aa465e.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/1743016e.cafbf12bf63073bf.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/659-8a6828fad9a08284.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/1786-05e9315167c0f6df.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/998ccc15-d28324c84824644b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/7981-f12d322f650a764a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/2edb282b-c727a725ba9cab5d.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/64bbefcc-ad34eaf1d0f1c936.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/91bbf309-32a6ed56d98fa368.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/V32iEM-t0L8TcezqJ2Qa_/_buildManifest.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/4324-530c5f9bef4bd486.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/d08a6a05-cd94e662b24272fc.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/4327-1bf4b64f18f68344.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/7413e8b9.26789ad7eaab3ff4.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9006-f56c86c9a33d98d7.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/8495-42e1816f3eaeed01.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://app.launchdarkly.com/sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMiLCJicm93c2VyIjp7Im5hbWUiOiJDaHJvbWUiLCJ2ZXJzaW9uIjoiMTM0LjAuMC4wIn0sImxvY2FsZSI6ImVuLVVTIiwibG9jYXRpb24iOnsiY2l0eSI6IiIsImNvdW50cnkiOiJVUyIsImxhdGl0dWRlIjozNy43NTEsImxvbmdpdHVkZSI6LTk3LjgyMn19fQ?withReasons=true	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/3589-cffefc902b846c38.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/8325-4eb976cbb20bec79.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/V32iEM-t0L8TcezqJ2Qa_/_ssgManifest.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/6980-3b5a299f0e1e01a2.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/4483.b1e22900348e682f.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/pages/docs/%5BdocId%5D-61e606859fc2b6e4.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/12-130ba82b2a3bc84a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/6852-27fc7b05786708df.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/a29ae703-7accb437ac3a87e9.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9989-9864eb8adea27fa9.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/3d35b88c.89c8cbcdea31a14b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9695-8f8ecdaf663cd4dd.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/3251-175a8df88172c470.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9277-c4ad10a7f727b891.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/b13ba9de-693ee4b2b0cb0b28.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/css/d87801e5487946cc.css?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9484.2d145ec231909a76.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://app.launchdarkly.com/sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifSwid29ya3NwYWNlIjp7ImtleSI6InV3amJibHNrN3lvdWZzZSIsIm5hbWUiOiJLcmlzIEtlbnRyeSdzIFdvcmtzcGFjZSIsInBsYW4iOiJwcm8ifX0?withReasons=true	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/316-91fc125afa02f5ee.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/995-984ec3894744e0be.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/pages/_app-df952635f0a7e43d.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9680-e3c4e12efd5d6c79.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/6953-9883d8f0e87906f6.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/1368-791ad052cf0ceece.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/69bd6bf3-8eac31bce3de269a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/css/f8b783c6ab1b2b30.css?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/b779bb5e-79de22188ac69032.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/8786-aa1757ffc09a6103.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/main-9475221561be5776.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/6113-39a9ddd1a2b33902.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/5884-859eb7edeaa7f956.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/8911-147aa9985b4def82.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/5adc83ef-bcbc74c04583414c.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/6267-0f348a7fac09425b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/9786-239c79d75da680a8.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/2445-2cebfc2d3c10f6c8.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/847-141eccdf1b67f4c8.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/4229-b14fe1f0c105af0b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/1970-f10ec3b1bd264b66.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/b155a556-6216235a369a735d.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/996-7ccc42dd9fcc84ce.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://gamma.app/_next/static/chunks/framework-89ee881bc4e530f4.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	0%	Avira URL Cloud	safe
https://imgproxy.gamma.app/resize/quality:80/resizing_type:fit/width:2000/https://cdn.gamma.app/uwjbblsk7youfse/68e80c1fd0bc43c19c0d45d7fc3addd2/original/image.png	0%	Avira URL Cloud	safe
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jz29c/0x4AAAAAABBXfBg46pY59qVe/auto/fbE/new/normal/auto/	0%	Avira URL Cloud	safe
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/762234782:1742563506:qYmX7U20XhYaiQnjd3zwCfXYYbXJMvnWNqpRtP_BRis/923e143eb8b47289/HDGLYNW5zRJsYJcwtvgBzl4CXKhbYpwq4ChrlgtsvbY-1742566712-1.1.1.1-Qi3ZdbI3tssSUAH2A_7LDTYupnsHZk5.qjiBjKy4kyd5VFTxK4eXAP8.5cc2eivk	0%	Avira URL Cloud	safe
https://clientstream.launchdarkly.com/eval/61e83cfd8ac5a016e6f0d0b6/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifSwid29ya3NwYWNlIjp7ImtleSI6InV3amJibHNrN3lvdWZzZSIsIm5hbWUiOiJLcmlzIEtlbnRyeSdzIFdvcmtzcGFjZSIsInBsYW4iOiJwcm8ifX0?withReasons=true	0%	Avira URL Cloud	safe
https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/page/images/enter.png	0%	Avira URL Cloud	safe
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/923e143eb8b47289/1742566713381/08b038e53f3db981c0c5de6d1902889d2a906a97372af89bdc379aaef6bdd7ee/AnlkJDL3zYNBPEc	0%	Avira URL Cloud	safe
https://js.intercomcdn.com/app~tooltips-modern.7c0c2b53.js	0%	Avira URL Cloud	safe
https://js.intercomcdn.com/app-modern.182f2cf7.js	0%	Avira URL Cloud	safe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&url=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3DEMAIL%2BEXAMPLE%26rlz%3D1C1ONGR_enUS1154%26oq%3DEMAIL%2BEXAMPLE%2B%26gs_lcrp%3DEgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw%26sourceid%3Dchrome%26ie%3DUTF-8&pgcl=22&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE	0%	Avira URL Cloud	safe
https://www.google.com/logos/doodles/2025/womens-college-basketball-tournament-first-round-2025-6753651837110737.2-s.png	0%	Avira URL Cloud	safe
https://www.google.com/logos/doodles/2025/womens-college-basketball-tournament-first-round-2025-6753651837110737-shs.png	0%	Avira URL Cloud	safe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+&oit=1&cp=6&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=csi&ei=jHXdZ72EIY78ptQPq-n0mAE&s=web&nt=navigate&t=fi&st=5386&fid=1&zx=1742566801257&opi=89978449	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=jHXdZ72EIY78ptQPq-n0mAE&zx=1742566800383&opi=89978449	0%	Avira URL Cloud	safe
https://www.google.com/async/bgasy?ei=jHXdZ72EIY78ptQPq-n0mAE&opi=89978449&rlz=1C1ONGR_enUS1154&yv=3&cs=0&async=_fmt:jspb	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=i&ei=jHXdZ72EIY78ptQPq-n0mAE&ved=0ahUKEwi9-p6Xr5uMAxUOvokEHas0HRMQj5gNCCc&vet=10ahUKEwi9-p6Xr5uMAxUOvokEHas0HRMQj5gNCCc..i&bl=L2vL&s=web&zx=1742566801550&opi=89978449	0%	Avira URL Cloud	safe
https://www.google.com/complete/search?q=EMAIL%20EXAMPLE&cp=0&client=desktop-gws-wiz-on-focus-serp&xssi=t&gs_pcrt=3&hl=en&authuser=0&pq=EMAIL%20EXAMPLE&psi=jHXdZ72EIY78ptQPq-n0mAE.1742566799304&dpr=1&ofp=EAEY-vrfpMnHustpGMiulMbE653t5AEYx7KxzN344unkARjwwqqa19CCm00YzdDil9it5MPgATLtAQodChtlbWFpbCBleGFtcGxlcyBmb3Igc3R1ZGVudHMKFgoUZm9ybWFsIGVtYWlsIGV4YW1wbGUKFAoSMyBleGFtcGxlIG9mIGVtYWlsCiMKIWZvcm1hbCBlbWFpbCBleGFtcGxlIHRvIGEgY29tcGFueQojCiFlbWFpbCBleGFtcGxlIGZvciBqb2IgYXBwbGljYXRpb24KGAoWaW5mb3JtYWwgZW1haWwgZXhhbXBsZQohCh9wcm9mZXNzaW9uYWwgZW1haWwgZXhhbXBsZSBuYW1lChUKE2dvb2QgZW1haWwgZXhhbXBsZXMQRzJqChoKGFdoYXQgYXJlIGVtYWlsIGV4YW1wbGVzPwopCidXaGF0IGlzIGFuIGV4YW1wbGUgb2YgYW4gZW1haWwgYWRkcmVzcz8KHgocV2hhdCBpcyBhbiBleGFtcGxlIG9mIEdtYWlsPxDkAg	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=i&ei=jHXdZ72EIY78ptQPq-n0mAE&vet=&bl=L2vL&s=web&zx=1742566801512&opi=89978449	0%	Avira URL Cloud	safe
https://www.google.com/xjs/_/ss/k=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAMiAIBQJgEaAAQQnBAAsgMAAAAAH8AhThWAAgAAAACAACABAAAAAAACAAIAQEIIAABEAQAAACAghDAAIACACQAAEAEAIBAAACAEBgAAGQAAAAAIAOQSAHEAAAQAwAAAwAEQACQAAABCYQEIAABACQEAAAAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAACIAQCAAAAAIAAgBADAAoAAAECAAAPQAgAB8AABAAkQAACgAAxABQCEAIADABgAEAAAAJAAAAACgBQAOIwyAAAAAAAAAACABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAAAAAAAAAAAAAAAAAAAAAAAE/d=0/br=1/rs=ACT90oEEdVDYs-Vy_xluoaljbM9cdWK_zA/m=y05UD,PPhKqf,sy7ta,sy1yh,sy1wu,sy1fm,sy1x3,sy1x4,sy1xg,sy1d4,syqy,sy2n1,sy1wt,sy22e,sy22h,sy1j0,epYOx?xjs=s4	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
jsdelivr.map.fastly.net	151.101.1.229	true	false	high
static.cloudflareinsights.com	104.16.79.73	true	false	high
events.launchdarkly.com	3.219.189.64	true	false	high
a1874.dscg1.akamai.net	23.204.152.134	true	false	high
assets.churnkey.co	172.67.71.250	true	false	high
cdn.gamma.app	104.18.11.200	true	false	high
canny.io	18.173.219.110	true	false	high
code.jquery.com	151.101.130.137	true	false	high
gamma.app	104.18.10.200	true	false	high
tunnel.googlezip.net	216.239.34.157	true	false	high
id.google.com	142.250.72.99	true	false	high
www.google.com	142.250.81.228	true	false	high
nexus-websocket-a.intercom.io	35.174.127.31	true	false	high
cdn.iframe.ly	52.85.61.100	true	false	high
c3.shared.global.fastly.net	151.101.194.217	true	false	high
js.intercomcdn.com	108.139.47.108	true	false	high
logx.optimizely.com	34.49.241.189	true	false	high
event-tracking-prod-1378027167.us-east-2.elb.amazonaws.com	18.118.124.252	true	false	high
plus.l.google.com	142.251.32.110	true	false	high
widget.intercom.io	13.249.91.44	true	false	high
clientstream-ga.launchdarkly.com	76.223.31.44	true	false	high
o698378.ingest.sentry.io	34.120.195.249	true	false	high
api.gamma.app	104.18.11.200	true	false	high
api-iam.intercom.io	107.21.58.159	true	false	high
signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org	104.21.58.182	true	false	unknown
cdn.optimizely.com	104.18.66.57	true	false	high
play.google.com	142.251.40.142	true	false	high
dns-tunnel-check.googlezip.net	216.239.34.159	true	false	high
challenges.cloudflare.com	104.18.95.41	true	false	high
a187838077.cdn.optimizely.com	104.18.65.57	true	false	high
front.dtf.ru	5.188.161.118	true	false	unknown
imgproxy.gamma.app	104.18.10.200	true	false	high
a1988.dscg1.akamai.net	23.204.152.142	true	false	high
cdn.jsdelivr.net	unknown	unknown	false	high
api.dtf.ru	unknown	unknown	true	unknown
use.typekit.net	unknown	unknown	false	high
clientstream.launchdarkly.com	unknown	unknown	false	high
app.launchdarkly.com	unknown	unknown	false	high
events.api.gamma.app	unknown	unknown	false	high
p.typekit.net	unknown	unknown	false	high
apis.google.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://otelrules.svc.static.microsoft/rules/rule701151v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule704001v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702151v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700151v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703151v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120630v0s19.xml	false		high
https://www.google.com/gen_204?atyp=csi&ei=jHXdZ72EIY78ptQPq-n0mAE&s=web&nt=navigate&t=fi&st=5386&fid=1&zx=1742566801257&opi=89978449	false	Avira URL Cloud: safe	unknown
https://signon-00000000700000ff3ce000000000009380000000.nibsaesthetics.org/page/images/enter.png	false	Avira URL Cloud: safe	unknown
https://app.launchdarkly.com/sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifX0?withReasons=true	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120663v0s19.xml	false		high
https://gamma.app/_next/static/chunks/9015.3da411409f75d0c1.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://gamma.app/_next/static/chunks/9b583bcd-e94a9f27afcc219c.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120627v0s19.xml	false		high
https://www.google.com/async/bgasy?ei=jHXdZ72EIY78ptQPq-n0mAE&opi=89978449&rlz=1C1ONGR_enUS1154&yv=3&cs=0&async=_fmt:jspb	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule700901v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700400v2s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule701901v1s19.xml	false		high
https://gamma.app/_next/static/chunks/9006-f56c86c9a33d98d7.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://app.launchdarkly.com/sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMiLCJicm93c2VyIjp7Im5hbWUiOiJDaHJvbWUiLCJ2ZXJzaW9uIjoiMTM0LjAuMC4wIn0sImxvY2FsZSI6ImVuLVVTIiwibG9jYXRpb24iOnsiY2l0eSI6IiIsImNvdW50cnkiOiJVUyIsImxhdGl0dWRlIjozNy43NTEsImxvbmdpdHVkZSI6LTk3LjgyMn19fQ?withReasons=true	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120635v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702901v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703000v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703450v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700700v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702000v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702450v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703750v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703300v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700450v1s19.xml	false		high
https://www.google.com/logos/doodles/2025/womens-college-basketball-tournament-first-round-2025-6753651837110737-shs.png	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule701700v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702700v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700851v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703701v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule701851v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702851v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120619v0s19.xml	false		high
https://gamma.app/favicons/favicon-192.svg	false		high
https://www.google.com/logos/doodles/2025/womens-college-basketball-tournament-first-round-2025-6753651837110737.2-s.png	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120622v0s19.xml	false		high
https://www.google.com/gen_204?atyp=i&ei=jHXdZ72EIY78ptQPq-n0mAE&ved=0ahUKEwi9-p6Xr5uMAxUOvokEHas0HRMQj5gNCCc&vet=10ahUKEwi9-p6Xr5uMAxUOvokEHas0HRMQj5gNCCc..i&bl=L2vL&s=web&zx=1742566801550&opi=89978449	false	Avira URL Cloud: safe	unknown
https://app.launchdarkly.com/sdk/evalx/61e83cfd8ac5a016e6f0d0b6/contexts/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifSwid29ya3NwYWNlIjp7ImtleSI6InV3amJibHNrN3lvdWZzZSIsIm5hbWUiOiJLcmlzIEtlbnRyeSdzIFdvcmtzcGFjZSIsInBsYW4iOiJwcm8ifX0?withReasons=true	false	Avira URL Cloud: safe	unknown
https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=jHXdZ72EIY78ptQPq-n0mAE&zx=1742566800383&opi=89978449	false	Avira URL Cloud: safe	unknown
https://gamma.app/_next/static/chunks/316-91fc125afa02f5ee.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120647v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule224900v0s19.xml	false		high
https://www.google.com/gen_204?atyp=i&ei=jHXdZ72EIY78ptQPq-n0mAE&vet=&bl=L2vL&s=web&zx=1742566801512&opi=89978449	false	Avira URL Cloud: safe	unknown
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&url=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3DEMAIL%2BEXAMPLE%26rlz%3D1C1ONGR_enUS1154%26oq%3DEMAIL%2BEXAMPLE%2B%26gs_lcrp%3DEgZjaHJvbWUyBggAEEUYOTINCAEQABiDARixAxiABDINCAIQABiDARixAxiABDIKCAMQABixAxiABDINCAQQABiDARixAxiABDINCAUQABiLAxixAxiABDIKCAYQABiLAxiABDIKCAcQABixAxiABDINCAgQABiLAxixAxiABDINCAkQABiLAxixAxiABNIBCDQ5MjFqMWo3qAIHsAIB8QWRqm0CxF8GZw%26sourceid%3Dchrome%26ie%3DUTF-8&pgcl=22&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120668v0s19.xml	false		high
https://www.google.com/favicon.ico	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jz29c/0x4AAAAAABBXfBg46pY59qVe/auto/fbE/new/normal/auto/	false	Avira URL Cloud: safe	unknown
https://gamma.app/_next/static/chunks/8911-147aa9985b4def82.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://cdn.optimizely.com/js/20579410255.js	false		high
https://otelrules.svc.static.microsoft/rules/rule120128v0s19.xml	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=EMAIL+&oit=1&cp=6&pgcl=7&gs_rn=42&psi=jWz0QRewyfqI-Qea&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE	false	Avira URL Cloud: safe	unknown
https://api-iam.intercom.io/messenger/web/ping	false		high
https://otelrules.svc.static.microsoft/rules/rule120650v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703051v3s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120655v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120614v0s19.xml	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/762234782:1742563506:qYmX7U20XhYaiQnjd3zwCfXYYbXJMvnWNqpRtP_BRis/923e143eb8b47289/HDGLYNW5zRJsYJcwtvgBzl4CXKhbYpwq4ChrlgtsvbY-1742566712-1.1.1.1-Qi3ZdbI3tssSUAH2A_7LDTYupnsHZk5.qjiBjKy4kyd5VFTxK4eXAP8.5cc2eivk	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120639v0s19.xml	false		high
https://gamma.app/_next/static/chunks/9639-adf3eebe6a0407b3.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule702200v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule704050v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120648v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702500v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703500v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule703950v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700200v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700500v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule701650v1s19.xml	false		high
https://gamma.app/_next/static/chunks/1035ef44-a82a0e0646431fa5.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://clientstream.launchdarkly.com/eval/61e83cfd8ac5a016e6f0d0b6/eyJraW5kIjoibXVsdGkiLCJ1c2VyIjp7ImtleSI6ImxkX2Fub255bW91c191c2VyIiwiYW5vbnltb3VzIjp0cnVlLCJpc0dhbW1hRTJFIjpmYWxzZSwiaXNHYW1tYVVzZXIiOmZhbHNlLCJvcmdJZCI6Im5vX29yZ19pZCIsImlzTW9iaWxlRGV2aWNlIjpmYWxzZSwiZGVwbG95VGltZSI6MTc0MjUwMTY1NTQ2NSwiZGVwbG95bWVudEhhc2giOiI1dnUxNDd0MDMifSwid29ya3NwYWNlIjp7ImtleSI6InV3amJibHNrN3lvdWZzZSIsIm5hbWUiOiJLcmlzIEtlbnRyeSdzIFdvcmtzcGFjZSIsInBsYW4iOiJwcm8ifX0?withReasons=true	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule224902v2s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700950v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120651v0s19.xml	false		high
https://www.google.com/complete/search?q=EMAIL%20EXAMPLE&cp=0&client=desktop-gws-wiz-on-focus-serp&xssi=t&gs_pcrt=3&hl=en&authuser=0&pq=EMAIL%20EXAMPLE&psi=jHXdZ72EIY78ptQPq-n0mAE.1742566799304&dpr=1&ofp=EAEY-vrfpMnHustpGMiulMbE653t5AEYx7KxzN344unkARjwwqqa19CCm00YzdDil9it5MPgATLtAQodChtlbWFpbCBleGFtcGxlcyBmb3Igc3R1ZGVudHMKFgoUZm9ybWFsIGVtYWlsIGV4YW1wbGUKFAoSMyBleGFtcGxlIG9mIGVtYWlsCiMKIWZvcm1hbCBlbWFpbCBleGFtcGxlIHRvIGEgY29tcGFueQojCiFlbWFpbCBleGFtcGxlIGZvciBqb2IgYXBwbGljYXRpb24KGAoWaW5mb3JtYWwgZW1haWwgZXhhbXBsZQohCh9wcm9mZXNzaW9uYWwgZW1haWwgZXhhbXBsZSBuYW1lChUKE2dvb2QgZW1haWwgZXhhbXBsZXMQRzJqChoKGFdoYXQgYXJlIGVtYWlsIGV4YW1wbGVzPwopCidXaGF0IGlzIGFuIGV4YW1wbGUgb2YgYW4gZW1haWwgYWRkcmVzcz8KHgocV2hhdCBpcyBhbiBleGFtcGxlIG9mIEdtYWlsPxDkAg	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120642v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702950v1s19.xml	false		high
https://gamma.app/_next/static/chunks/2edb282b-c727a725ba9cab5d.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule702651v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120623v0s19.xml	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/923e143eb8b47289/1742566713381/08b038e53f3db981c0c5de6d1902889d2a906a97372af89bdc379aaef6bdd7ee/AnlkJDL3zYNBPEc	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule702201v1s19.xml	false		high
https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule703951v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120676v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700651v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule700201v1s19.xml	false		high
https://www.google.com/xjs/_/ss/k=xjs.s.tWGBBDf-ZD4.L.B1.O/am=AOIhgBAAAAAIAAAAIQBUAAIAAAAAAAAAAAAAAAAAAAAAAAAASAAAAAABAAAAAAAAgAAAGAMiAIBQJgEaAAQQnBAAsgMAAAAAH8AhThWAAgAAAACAACABAAAAAAACAAIAQEIIAABEAQAAACAghDAAIACACQAAEAEAIBAAACAEBgAAGQAAAAAIAOQSAHEAAAQAwAAAwAEQACQAAABCYQEIAABACQEAAAAAACgAAAAgAACAEIAcgmEABBUABnAEAAAAACIAQCAAAAAIAAgBADAAoAAAECAAAPQAgAB8AABAAkQAACgAAxABQCEAIADABgAEAAAAJAAAAACgBQAOIwyAAAAAAAAAACABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAEAAAAAAAAAAAAAAAAAAAAAAAE/d=0/br=1/rs=ACT90oEEdVDYs-Vy_xluoaljbM9cdWK_zA/m=y05UD,PPhKqf,sy7ta,sy1yh,sy1wu,sy1fm,sy1x3,sy1x4,sy1xg,sy1d4,syqy,sy2n1,sy1wt,sy22e,sy22h,sy1j0,epYOx?xjs=s4	false	Avira URL Cloud: safe	unknown
https://events.launchdarkly.com/events/diagnostic/61e83cfd8ac5a016e6f0d0b6	false		high
https://gamma.app/_next/static/chunks/3d35b88c.89c8cbcdea31a14b.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://gamma.app/_next/static/chunks/12-130ba82b2a3bc84a.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://gamma.app/_next/static/chunks/9695-8f8ecdaf663cd4dd.js?dpl=dpl_3EByn9EZ3wQYLUPxbtrRf37bjZtu	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule120670v0s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule120610v0s19.xml	false		high
https://js.intercomcdn.com/app-modern.182f2cf7.js	false	Avira URL Cloud: safe	unknown
https://otelrules.svc.static.microsoft/rules/rule701701v1s19.xml	false		high
https://otelrules.svc.static.microsoft/rules/rule702401v1s19.xml	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.67.71.250	assets.churnkey.co	United States	13335	CLOUDFLARENETUS	false
142.251.40.206	unknown	United States	15169	GOOGLEUS	false
13.249.91.44	widget.intercom.io	United States	16509	AMAZON-02US	false
35.174.127.31	nexus-websocket-a.intercom.io	United States	14618	AMAZON-AESUS	false
142.250.64.110	unknown	United States	15169	GOOGLEUS	false
151.101.130.137	code.jquery.com	United States	54113	FASTLYUS	false
142.250.80.3	unknown	United States	15169	GOOGLEUS	false
3.142.109.26	unknown	United States	16509	AMAZON-02US	false
34.49.241.189	logx.optimizely.com	United States	2686	ATGS-MMD-ASUS	false
142.251.40.174	unknown	United States	15169	GOOGLEUS	false
108.139.47.108	js.intercomcdn.com	United States	16509	AMAZON-02US	false
142.251.35.174	unknown	United States	15169	GOOGLEUS	false
142.250.80.35	unknown	United States	15169	GOOGLEUS	false
142.250.65.170	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
104.18.65.57	a187838077.cdn.optimizely.com	United States	13335	CLOUDFLARENETUS	false
142.250.65.174	unknown	United States	15169	GOOGLEUS	false
107.21.41.111	unknown	United States	14618	AMAZON-AESUS	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
142.250.80.74	unknown	United States	15169	GOOGLEUS	false
142.250.80.78	unknown	United States	15169	GOOGLEUS	false
142.251.40.142	play.google.com	United States	15169	GOOGLEUS	false
142.250.65.206	unknown	United States	15169	GOOGLEUS	false
76.223.31.44	clientstream-ga.launchdarkly.com	United States	16509	AMAZON-02US	false
142.251.32.110	plus.l.google.com	United States	15169	GOOGLEUS	false
142.250.72.99	id.google.com	United States	15169	GOOGLEUS	false
52.85.61.100	cdn.iframe.ly	United States	16509	AMAZON-02US	false
142.250.72.110	unknown	United States	15169	GOOGLEUS	false
142.251.41.2	unknown	United States	15169	GOOGLEUS	false
104.18.66.57	cdn.optimizely.com	United States	13335	CLOUDFLARENETUS	false
142.251.40.227	unknown	United States	15169	GOOGLEUS	false
142.250.176.206	unknown	United States	15169	GOOGLEUS	false
142.251.32.99	unknown	United States	15169	GOOGLEUS	false
104.18.10.200	gamma.app	United States	13335	CLOUDFLARENETUS	false
107.21.58.159	api-iam.intercom.io	United States	14618	AMAZON-AESUS	false
142.250.80.42	unknown	United States	15169	GOOGLEUS	false
142.251.41.14	unknown	United States	15169	GOOGLEUS	false
142.251.32.106	unknown	United States	15169	GOOGLEUS	false
151.101.194.217	c3.shared.global.fastly.net	United States	54113	FASTLYUS	false
18.118.124.252	event-tracking-prod-1378027167.us-east-2.elb.amazonaws.com	United States	3	MIT-GATEWAYSUS	false
3.219.189.64	events.launchdarkly.com	United States	14618	AMAZON-AESUS	false
23.204.152.142	a1988.dscg1.akamai.net	United States	20940	AKAMAI-ASN1EU	false
104.16.79.73	static.cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false
151.101.1.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
18.173.219.110	canny.io	United States	3	MIT-GATEWAYSUS	false
142.250.81.228	www.google.com	United States	15169	GOOGLEUS	false
5.188.161.118	front.dtf.ru	Russian Federation	49505	SELECTELRU	false
23.204.152.134	a1874.dscg1.akamai.net	United States	20940	AKAMAI-ASN1EU	false
151.101.2.217	unknown	United States	54113	FASTLYUS	false
172.67.162.108	unknown	United States	13335	CLOUDFLARENETUS	false
104.18.11.200	cdn.gamma.app	United States	13335	CLOUDFLARENETUS	false
34.120.195.249	o698378.ingest.sentry.io	United States	15169	GOOGLEUS	false
142.250.31.84	unknown	United States	15169	GOOGLEUS	false
44.194.233.247	unknown	United States	14618	AMAZON-AESUS	false
216.239.34.157	tunnel.googlezip.net	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.17
192.168.2.26

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1645242
Start date and time:	2025-03-21 15:17:33 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal60.phis.win@33/0@101/407

Warnings

Exclude process from analysis (whitelisted): SIHClient.exe, SgrmBroker.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.65.206, 142.250.80.3, 142.250.64.110, 142.250.31.84, 142.250.64.78, 142.251.40.142, 142.250.80.74, 142.250.80.35, 142.250.65.238, 172.202.163.200, 184.31.69.3
Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, clients2.google.com, accounts.google.com, redirector.gvt1.com, slscr.update.microsoft.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtOpenFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc

Created / dropped Files

⊘No created / dropped files found

Static File Info

⊘No static file info

Description:	Adversaries may abuse Internet browser extensions to establish persistent access to victim systems. Browser extensions or plugins are small programs that can add functionality and customize aspects of Internet browsers. They can be installed directly or through a browser's app store and generally have access and permissions to everything that the browser can access.
Tactics:	Persistence
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Process: Process Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Process: OS API Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer ) may leave traces to indicate to what was done within a network and how. Removal of these files can occur during an intrusion, or as part of a post-intrusion process to minimize the adversary's footprint.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Deletion
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols associated with web traffic to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

Static File Info

Windows Analysis Report
https://api.dtf.ru/v2.8/redirect?to=https://gamma.app/docs/Incoming-PDF-Document-ga28akpd8nljjf8?mode=doc