Windows Analysis Report
https://go2.israelandafrica.com/f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t

Overview

General Information

Sample URL:	https://go2.israelandafrica.com/f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t
Analysis ID:	17568
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Sample execution stops while process was sleeping (likely an evasion)

Yara signature match

Found iframes

No HTML title found

Classification

Signatures

AV Detection

Antivirus detection for URL or domain

Source: https://pretoeadvogadosassociados.adv.br/gert/gert.html#amFzb24ud2Fsc2hAY3VyYXRlYmlvLmNvbQ==

SlashNext: Label: Credential Stealing type: Phishing & Social Engineering

Found iframes

Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NL5LTF
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.buydomains.com&rpcToken=248487890.4473936&clearCache=1
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://6928088.fls.doubleclick.net/activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NL5LTF
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.buydomains.com&rpcToken=248487890.4473936&clearCache=1
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://6928088.fls.doubleclick.net/activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NL5LTF
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.buydomains.com&rpcToken=248487890.4473936&clearCache=1
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://6928088.fls.doubleclick.net/activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C

No HTML title found

Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: HTML title missing
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: HTML title missing
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: HTML title missing

Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="author".. found
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="author".. found
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="author".. found

Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="copyright".. found
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="copyright".. found
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: global traffic

HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 01 Mar 2023 18:36:07 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, Keep-AliveVary: Accept-EncodingContent-Encoding: gzipContent-Length: 208Keep-Alive: timeout=5, max=75Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e c1 6e c2 30 10 44 ef f9 0a d7 bd db 28 d0 1e 90 63 09 b5 70 42 a5 a0 0a 35 47 c7 d9 c4 46 0e 8e ec c5 81 7e 7d 13 72 d9 79 9a 59 69 46 bc 7c 1e 3e 7e ca ef 2d 31 d8 39 2a 33 31 a9 cc 08 11 06 54 3d c1 88 68 d1 81 3c 41 b2 30 ac 09 59 34 8d d5 b0 7c 7f 13 7c 4e e6 af a8 83 ed 91 e0 a3 87 82 22 dc 91 5f 54 52 b3 4b e5 60 af b5 1f 98 f3 5a a1 f5 57 66 02 34 a4 20 d4 20 f6 71 cd 79 1f 00 fd 58 99 7c ab 6a 1f 55 8c 5e db 89 d8 e8 b1 2a f0 16 02 3e 0f 9b 26 be aa 6e f7 57 e5 ab 5b 9d ef a2 ce cd a6 5c 9e 1f e5 ef c9 95 9d 4b fb ee 2b 55 c7 a2 a0 82 cf f5 32 fb 07 f5 dd 2c 90 e9 00 00 00 Data Ascii: %n0D(cpB5GF~}ryYiF|>~-19*31T=h<A0Y4||N"_TRK`ZWf4 qyX|jU^*>&nW[\K+U2,

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 50030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.102&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-104.0.5112.102Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t HTTP/1.1Host: go2.israelandafrica.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gert/gert.html HTTP/1.1Host: pretoeadvogadosassociados.adv.brConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: http://curatebio.userhbmyi.msblogger.com.au/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pretoeadvogadosassociados.adv.brConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pretoeadvogadosassociados.adv.br/gert/gert.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://pretoeadvogadosassociados.adv.brsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://pretoeadvogadosassociados.adv.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pretoeadvogadosassociados.adv.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pretoeadvogadosassociados.adv.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pretoeadvogadosassociados.adv.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c&oit=1&cp=1&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2&oit=1&cp=2&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.&oit=1&cp=3&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.e&oit=1&cp=4&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.el&oit=1&cp=5&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eli&oit=1&cp=6&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elit&oit=1&cp=7&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elite&oit=1&cp=8&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elites&oit=1&cp=9&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eliteso&oit=1&cp=10&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesol&oit=1&cp=11&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesold&oit=1&cp=12&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesolde&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesolder&oit=1&cp=14&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesolde&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesold&oit=1&cp=12&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldi&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldie&oit=1&cp=14&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldier&oit=1&cp=15&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers&oit=1&cp=16&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.&oit=1&cp=17&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.c&oit=1&cp=18&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.co&oit=3&cp=19&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.com&oit=3&cp=20&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect HTTP/1.1Host: www.buydomains.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /browser/js/worker/workerJS.min.js HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET //browser/css/lander/g/lander-v7.css?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET //eloqua.js?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET //trackingParams.js?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET //google_oauth.js?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET /browser/js/vendor/genesys-chat-widgets.min.css HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET /browser/js/vendor/genesys-chat-widgets.min.js HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET //browser/img/tdfs/logo-custom.svg?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET /widgets/9.0/cxbus.min.js HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET //browser/js/vendor/elqCfg.min.js?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/person-24px.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/email-24px.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/local-phone-24px.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/html/offendingChars.html HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/public-24px.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /get-user-country-info/ HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /get-user-fields HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/selectArrowGrey.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/checkmark-blue.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /locale/detect?timestamp=1677695845259 HTTP/1.1Host: api.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.buydomains.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /o/oauth2/iframe HTTP/1.1Host: accounts.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Chrome-ID-Consistency-Request: version=1,client_id=77185425430.apps.googleusercontent.com,device_id=5ed65fba-9b05-4097-a6cd-ff5b0cbc5f02,signin_mode=all_accounts,signout_mode=show_confirmationX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /widgets/9.0/plugins/widgets-core.min.js HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/91181fd5-0816-4a3d-8427-63a8d53f717e/91181fd5-0816-4a3d-8427-63a8d53f717e.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor/v200/svrGP?pps=70&siteid=1731649222&ref=&ms=235 HTTP/1.1Host: s1731649222.t.eloqua.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor/v200/svrGP?pps=3&siteid=1731649222&ref2=elqNone&tzo=-60&ms=235&optin=disabled HTTP/1.1Host: s1731649222.t.eloqua.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202301.2.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/91181fd5-0816-4a3d-8427-63a8d53f717e/6cb1a7b0-5ed5-4585-b708-bbbfbee82576/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor/v200/svrGP.aspx?pps=70&siteid=1731649222&ref=&ms=235&elqCookie=1 HTTP/1.1Host: s1731649222.t.eloqua.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ELOQUA=GUID=6A806887AE3B4ECD9B6A7B9D26F28171; ELQSTATUS=OK
Source: global traffic	HTTP traffic detected: GET /o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.buydomains.com&client_id=26200011094-f6n31v26gh6o5hsjh2960tei8tdeiq28.apps.googleusercontent.com HTTP/1.1Host: accounts.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"X-Requested-With: XmlHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Chrome-ID-Consistency-Request: version=1,client_id=77185425430.apps.googleusercontent.com,device_id=5ed65fba-9b05-4097-a6cd-ff5b0cbc5f02,signin_mode=all_accounts,signout_mode=show_confirmationX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://accounts.google.com/o/oauth2/iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /webfonts/roboto.css HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/hotjar-541823.js?sv=7 HTTP/1.1Host: static.hotjar.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202301.2.0/assets/otFloatingRoundedCorner.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202301.2.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /webfonts/fonts/roboto-v29-latin-700.woff2 HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://apps.mypurecloud.com/webfonts/roboto.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/sdk.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202301.2.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect? HTTP/1.1Host: 6928088.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlM32rdqga-RSO5Voy8fUNR1tvsqN2FvOOy20WgI0Ay2Wi2lSPaBZvDvgI6sjE
Source: global traffic	HTTP traffic detected: GET /modules.3bdf981e73ecd1bf9fca.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/1067119116/?random=1677695847339&cv=11&fst=1677695847339&bg=ffffff&guid=ON&async=1&gtm=45He32r0&u_w=1280&u_h=1024&label=9jrJCIX4tW0QjOTr_AM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&tiba=Buy%20Domains%20-%20elitesoldiers.com%20is%20for%20sale!&auid=1118355647.1677695847&uaa=x86&uab=64&uafvl=Chromium%3B104.0.5112.102%7C%2520Not%2520A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B104.0.5112.102&uamb=0&uap=Windows&uapv=8.0.0&uaw=0&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlM32rdqga-RSO5Voy8fUNR1tvsqN2FvOOy20WgI0Ay2Wi2lSPaBZvDvgI6sjE
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10xAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /A136666-2811-40ba-bff2-3df3af8bc2ae1.js HTTP/1.1Host: d.impactradius-event.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/sdk.js?hash=bc91546a6be007a51eb44b9f223eb53e HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect? HTTP/1.1Host: 6928088.fls.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlM32rdqga-RSO5Voy8fUNR1tvsqN2FvOOy20WgI0Ay2Wi2lSPaBZvDvgI6sjE
Source: global traffic	HTTP traffic detected: GET /webfonts/fonts/roboto-v29-latin-regular.woff2 HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://apps.mypurecloud.com/webfonts/roboto.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /webfonts/fonts/roboto-v29-latin-700.woff HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://apps.mypurecloud.com/webfonts/roboto.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_close.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/evnt/?adv=b7xg2v6&ct=0:92joh6v&fmt=3 HTTP/1.1Host: insight.adsrvr.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/03213524-9e9e-4852-a3ab-334c10e24fe4/a4e57db3-75be-4450-843d-640b760b40c3/c63e0daa-fd7e-4ff3-8fa1-3bc8b00d8047/BlankImg.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET //browser/img/favicon.ico?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/1067119116/?random=1677695847339&cv=11&fst=1677693600000&bg=ffffff&guid=ON&async=1&gtm=45He32r0&u_w=1280&u_h=1024&label=9jrJCIX4tW0QjOTr_AM&frm=0&url=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&tiba=Buy%20Domains%20-%20elitesoldiers.com%20is%20for%20sale!&fmt=3&is_vtc=1&cid=CAQSKQDUE5ymrYICgWv1O0klvpjD4kJNJMwZyD1GXm_vEaFB9wJ2QNMEPVhc&random=1690235126&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47761645-6&cid=95733560.1677695849&jid=460476489&_u=YGBAgEABAAAAAEgAI~&z=108882502 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /webfonts/fonts/roboto-v29-latin-regular.woff HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://apps.mypurecloud.com/webfonts/roboto.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47761645-6&cid=95733560.1677695849&jid=262765478&_u=YGDAAEABAAAAAGgCI~&z=355222334 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET //browser/img/favicon.ico?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true; utm_medium=%22direct-visit%22; _gcl_au=1.1.1118355647.1677695847; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Mar+01+2023+19%3A37%3A28+GMT%2B0100+(Central+European+Standard+Time)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=2145276b-5dce-4803-b23a-2a2cdf229021&interactionCount=0&landingPath=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1; _hjSessionUser_541823=eyJpZCI6IjNiYzMzN2U4LTE5MjYtNWQxNC05YWFiLTFlZWUyNjkzMGYwMCIsImNyZWF0ZWQiOjE2Nzc2OTU4NDg0OTEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample_541823=1; _hjSession_541823=eyJpZCI6IjY4MDY1NmExLWRhZjYtNDNiZi1hZDA4LTMyY2YxMzhmZTExYyIsImNyZWF0ZWQiOjE2Nzc2OTU4NDg1MDYsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _ga=GA1.2.95733560.1677695849; _gid=GA1.2.213938997.1677695849; _dc_gtm_UA-47761645-6=1; _gat_UA-69116836-15=1; _gat_UA-47761645-6=1
Source: global traffic	HTTP traffic detected: GET /version.html HTTP/1.1Host: www.buydomains.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Content-type: application/x-www-form-urlencodedAccept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/browser/js/worker/workerJS.min.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true; G_ENABLED_IDPS=google; utm_medium=%22direct-visit%22; _gcl_au=1.1.1118355647.1677695847; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Mar+01+2023+19%3A37%3A28+GMT%2B0100+(Central+European+Standard+Time)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=2145276b-5dce-4803-b23a-2a2cdf229021&interactionCount=0&landingPath=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1; _hjSessionUser_541823=eyJpZCI6IjNiYzMzN2U4LTE5MjYtNWQxNC05YWFiLTFlZWUyNjkzMGYwMCIsImNyZWF0ZWQiOjE2Nzc2OTU4NDg0OTEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample_541823=1; _hjSession_541823=eyJpZCI6IjY4MDY1NmExLWRhZjYtNDNiZi1hZDA4LTMyY2YxMzhmZTExYyIsImNyZWF0ZWQiOjE2Nzc2OTU4NDg1MDYsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _ga=GA1.2.95733560.1677695849; _gid=GA1.2.213938997.1677695849; _dc_gtm_UA-47761645-6=1; _gat_UA-69116836-15=1; _gat_UA-47761645-6=1
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://6928088.fls.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/evnt/?adv=b7xg2v6&ct=0:92joh6v&fmt=3 HTTP/1.1Host: insight.adsrvr.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://6928088.fls.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aid/2882483596352441248/bc.vms4/vms.js HTTP/1.1Host: vmss.boldchat.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-685a7abb/d/www.qa.buydomains.com/479339224-0?mr=t1545228048&mi=%272.106500537.1677695849599%27&mt=!n&cs=!f&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&u=%27https://www.buydomains.com/lander/elitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: d.monetate.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor-token-service/visitor-token HTTP/1.1Host: visitor-services.boldchat.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aid/2882483596352441248/api/v1/extendedvisitorinfo/setup HTTP/1.1Host: vms.boldchat.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aid/2882483596352441248/bc.pv?script=true&securevm=true&&blur=false&vm=true&poll=65000&swidth=1280&sheight=1024&sdpi=96&url=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&wdid=2943214817915460751&idid=815288250086333991&1677695850978&tabIdentifier=6110055183325786431&clientScheme=https&visitorTrackingAllowed=true&visitorToken=7036766419288412160&_bcvm_vrid_=true&_bcvm_vid_combined=1677695850980Sundefined&_bcvm_vrid_combined=1677695850980Sundefined&&hasbutton=false HTTP/1.1Host: vms.boldchat.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bc.visitor_token=7036766419288412160
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c&oit=1&cp=1&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2&oit=1&cp=2&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.&oit=1&cp=3&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.e&oit=1&cp=4&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://6928088.fls.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/evnt/?adv=b7xg2v6&ct=0:92joh6v&fmt=3 HTTP/1.1Host: insight.adsrvr.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://6928088.fls.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.el&oit=1&cp=5&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eli&oit=1&cp=6&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elit&oit=1&cp=7&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elite&oit=1&cp=8&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elites&oit=1&cp=9&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eliteso&oit=1&cp=10&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesol&oit=1&cp=11&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesold&oit=1&cp=12&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldi&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldie&oit=1&cp=14&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldier&oit=1&cp=15&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers&oit=1&cp=16&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.&oit=1&cp=17&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.o&oit=1&cp=18&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.org&oit=3&cp=20&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: c2.elitesoldiers.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: c2.elitesoldiers.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://c2.elitesoldiers.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jason.walsh@curatebio.com HTTP/1.1Host: curatebio.userhbmyi.msblogger.com.auConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: c2.elitesoldiers.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Date: Wed, 01 Mar 2023 18:37:52 GMTContent-Length: 9Connection: close

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704

Yara signature match

Source: 93690.0.pages.csv, type: HTML

Matched rule: SUSP_obfuscated_JS_obfuscatorio date = 2021-08-25, author = @imp0rtp3, description = Detects JS obfuscation done by the js obfuscator (often malicious), score = , reference = https://obfuscator.io

Source: classification engine

Classification label: mal48.win@43/2@48/35

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://go2.israelandafrica.com/f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1824,i,3608302658647549143,7935353812338714585,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1824,i,3608302658647549143,7935353812338714585,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1288:304:WilStaging_02
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1288:120:WilError_02

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: C:\Windows\System32\conhost.exe

Process information set: NOOPENFILEERRORBOX

Jump to behavior

Sample execution stops while process was sleeping (likely an evasion)

Source: C:\Windows\System32\conhost.exe

Last function: Thread delayed

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.66.97.37	static-cdn.hotjar.com	United States	3	MIT-GATEWAYSUS	false
54.161.222.185	d.monetate-prod.zone	United States	14618	AMAZON-AESUS	false
207.148.248.143	c2.elitesoldiers.com	United States	29873	BIZLAND-SDUS	false
66.102.1.154	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
216.172.172.189	pretoeadvogadosassociados.adv.br	United States	46606	UNIFIEDLAYER-AS-1US	false
3.33.220.150	insight.adsrvr.org	United States	8987	AMAZONEXPANSIONGB	false
64.225.112.96	luvtimwrtytrinity.com	United States	14061	DIGITALOCEAN-ASNUS	false
192.185.192.12	curatebio.userhbmyi.msblogger.com.au	United States	46606	UNIFIEDLAYER-AS-1US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
194.87.151.158	c2.elitesoldiers.org	Russian Federation	208544	PAUTINA05RU	false
13.107.237.45	part-0017.t-0009.fdv2-t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.217.18.102	dart.l.doubleclick.net	United States	15169	GOOGLEUS	false
18.157.190.196	visitor-services.bold360.com	United States	16509	AMAZON-02US	false
172.217.18.100	unknown	United States	15169	GOOGLEUS	false
18.66.147.47	script.hotjar.com	United States	3	MIT-GATEWAYSUS	false
52.41.47.191	rpc-dc19.bold360.com	United States	16509	AMAZON-02US	false
54.200.68.184	unknown	United States	16509	AMAZON-02US	false
142.0.173.27	p01g.t.eloqua.com	United States	7160	NETDYNAMICSUS	false
142.250.181.237	unknown	United States	15169	GOOGLEUS	false
207.148.248.128	api.buydomains.com	United States	29873	BIZLAND-SDUS	false
52.204.155.250	nginx-alb-routed-321992225.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
13.32.99.51	d1pux066p3zvi3.cloudfront.net	United States	16509	AMAZON-02US	false
207.148.248.132	www.buydomains.com	United States	29873	BIZLAND-SDUS	false
142.250.181.226	adservice.google.com	United States	15169	GOOGLEUS	false
104.18.43.158	privacyportal.onetrust.com	United States	13335	CLOUDFLARENETUS	false
172.64.144.98	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
142.250.185.174	clients.l.google.com	United States	15169	GOOGLEUS	false
35.186.249.72	d.impactradius-event.com	United States	15169	GOOGLEUS	false
142.250.181.228	unknown	United States	15169	GOOGLEUS	false
157.240.253.1	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
104.19.188.97	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
216.58.212.141	accounts.google.com	United States	15169	GOOGLEUS	false
44.239.25.130	analytics.audioeye.com	United States	16509	AMAZON-02US	false

Private

IP
127.0.0.1

Contacted Domains

Name	IP	Active
www.buydomains.com	207.148.248.132	true
dart.l.doubleclick.net	172.217.18.102	true
visitor-services.bold360.com	18.157.190.196	true
rpc-dc19.bold360.com	52.41.47.191	true
pretoeadvogadosassociados.adv.br	216.172.172.189	true
adservice.google.com	142.250.181.226	true
p01g.t.eloqua.com	142.0.173.27	true
nginx-alb-routed-321992225.us-east-1.elb.amazonaws.com	52.204.155.250	true
stats.g.doubleclick.net	66.102.1.154	true
insight.adsrvr.org	3.33.220.150	true
scontent.xx.fbcdn.net	157.240.253.1	true
privacyportal.onetrust.com	104.18.43.158	true
script.hotjar.com	18.66.147.47	true
cdnjs.cloudflare.com	104.17.24.14	true
curatebio.userhbmyi.msblogger.com.au	192.185.192.12	true
c2.elitesoldiers.org	194.87.151.158	true
d.monetate-prod.zone	54.161.222.185	true
analytics.audioeye.com	44.239.25.130	true
www.google.com	172.217.16.196	true
luvtimwrtytrinity.com	64.225.112.96	true
d.impactradius-event.com	35.186.249.72	true
api.buydomains.com	207.148.248.128	true
static-cdn.hotjar.com	18.66.97.37	true
accounts.google.com	216.58.212.141	true
plus.l.google.com	142.250.185.110	true
d1pux066p3zvi3.cloudfront.net	13.32.99.51	true
googleads.g.doubleclick.net	142.250.181.226	true
part-0017.t-0009.fdv2-t-msedge.net	13.107.237.45	true
clients.l.google.com	142.250.185.174	true
c2.elitesoldiers.com	207.148.248.143	true
www.google.ch	142.250.185.195	true
cdn.cookielaw.org	104.19.188.97	true
geolocation.onetrust.com	172.64.144.98	true
vmss.boldchat.com	unknown	unknown
6928088.fls.doubleclick.net	unknown	unknown
vms.boldchat.com	unknown	unknown
clients2.google.com	unknown	unknown
code.jquery.com	unknown	unknown
static.buydomains.com	unknown	unknown
wsmcdn.audioeye.com	unknown	unknown
go2.israelandafrica.com	unknown	unknown
static.hotjar.com	unknown	unknown
se.monetate.net	unknown	unknown
d.monetate.net	unknown	unknown
wsv3cdn.audioeye.com	unknown	unknown
sb.monetate.net	unknown	unknown
visitor-services.boldchat.com	unknown	unknown
connect.facebook.net	unknown	unknown
apps.mypurecloud.com	unknown	unknown
apis.google.com	unknown	unknown
s1731649222.t.eloqua.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://apps.mypurecloud.com/webfonts/fonts/roboto-v29-latin-700.woff	false		high
https://static.buydomains.com//eloqua.js?version=2023-02-09-1	false		high
https://vmss.boldchat.com/aid/2882483596352441248/bc.vms4/vms.js	false		high
http://c2.elitesoldiers.com/	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47761645-6&cid=95733560.1677695849&jid=262765478&gjid=280525562&_gid=213938997.1677695849&_u=YGDAAEABAAAAAGgCI~&z=459877897	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.com&oit=3&cp=20&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elites&oit=1&cp=9&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers&oit=1&cp=16&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otFloatingRoundedCorner.json	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesold&oit=1&cp=12&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg	false		high
https://6928088.fls.doubleclick.net/activityi;dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.e&oit=1&cp=4&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://apps.mypurecloud.com/webfonts/fonts/roboto-v29-latin-regular.woff	false		high
https://apps.mypurecloud.com/widgets/9.0/cxbus.min.js	false		high
https://c2.elitesoldiers.org/favicon.ico	false	Avira URL Cloud: safe	unknown
https://apps.mypurecloud.com/webfonts/roboto.css	false		high
https://static.buydomains.com//browser/img/favicon.ico?version=2023-02-09-1	false		high
https://connect.facebook.net/en_US/sdk.js?hash=bc91546a6be007a51eb44b9f223eb53e	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2&oit=1&cp=2&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://connect.facebook.net/en_US/sdk.js	false		high
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47761645-6&cid=95733560.1677695849&jid=460476489&_u=YGBAgEABAAAAAEgAI~&z=108882502	false		high
https://d.monetate.net/trk/4/s/a-685a7abb/d/www.qa.buydomains.com/479339224-0?mr=t1545228048&mi=%272.106500537.1677695849599%27&mt=!n&cs=!f&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&u=%27https://www.buydomains.com/lander/elitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect%27&fl=!f&hvc=!t&eoq=!t	false		high
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg	false		high
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0	false		high
https://www.buydomains.com/browser/js/worker/workerJS.min.js	false		high
https://static.buydomains.com//browser/img/tdfs/logo-custom.svg?version=2023-02-09-1	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elit&oit=1&cp=7&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://static.buydomains.com//trackingParams.js?version=2023-02-09-1	false		high
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css	false		high
https://static.buydomains.com//browser/js/vendor/elqCfg.min.js?version=2023-02-09-1	false		high
https://s1731649222.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1731649222&ref2=elqNone&tzo=-60&ms=235&optin=disabled	false		high
https://www.buydomains.com/get-user-fields	false		high
https://vms.boldchat.com/aid/2882483596352441248/bc.pv?script=true&securevm=true&&blur=false&vm=true&poll=65000&swidth=1280&sheight=1024&sdpi=96&url=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&wdid=2943214817915460751&idid=815288250086333991&1677695850978&tabIdentifier=6110055183325786431&clientScheme=https&visitorTrackingAllowed=true&visitorToken=7036766419288412160&_bcvm_vrid_=true&_bcvm_vid_combined=1677695850980Sundefined&_bcvm_vrid_combined=1677695850980Sundefined&&hasbutton=false	false		high
https://adservice.google.com/ddm/fls/z/dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=*;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect	false		high
http://curatebio.userhbmyi.msblogger.com.au/jason.walsh@curatebio.com	false	Avira URL Cloud: safe	unknown
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesolde&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://www.buydomains.com/get-user-country-info/	false		high
https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/v2/otPcCenter.json	false		high
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C	false		high
https://static.buydomains.com/browser/img/icons/selectArrowGrey.svg	false		high
https://script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js	false		high
https://static.buydomains.com/browser/img/icons/checkmark-blue.svg	false		high
https://www.google.com/pagead/1p-user-list/1067119116/?random=1677695847339&cv=11&fst=1677693600000&bg=ffffff&guid=ON&async=1&gtm=45He32r0&u_w=1280&u_h=1024&label=9jrJCIX4tW0QjOTr_AM&frm=0&url=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&tiba=Buy%20Domains%20-%20elitesoldiers.com%20is%20for%20sale!&fmt=3&is_vtc=1&cid=CAQSKQDUE5ymrYICgWv1O0klvpjD4kJNJMwZyD1GXm_vEaFB9wJ2QNMEPVhc&random=1690235126&rmt_tld=0&ipr=y	false		high
https://www.buydomains.com/version.html	false		high
https://cdn.cookielaw.org/consent/91181fd5-0816-4a3d-8427-63a8d53f717e/91181fd5-0816-4a3d-8427-63a8d53f717e.json	false		high
https://www.buydomains.com/browser/js/vendor/genesys-chat-widgets.min.css	false		high
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.el&oit=1&cp=5&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1	false		high
https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldier&oit=1&cp=15&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCommonStyles.css	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.c&oit=1&cp=18&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldie&oit=1&cp=14&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://static.buydomains.com/browser/img/icons/public-24px.svg	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.&oit=1&cp=3&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://analytics.audioeye.com/air/v0/send	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesolder&oit=1&cp=14&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://static.hotjar.com/c/hotjar-541823.js?sv=7	false		high
https://d.impactradius-event.com/A136666-2811-40ba-bff2-3df3af8bc2ae1.js	false	Avira URL Cloud: safe	unknown
https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=67f89c3	false		unknown
https://cdn.cookielaw.org/consent/91181fd5-0816-4a3d-8427-63a8d53f717e/6cb1a7b0-5ed5-4585-b708-bbbfbee82576/en.json	false		high
https://pretoeadvogadosassociados.adv.br/gert/gert.html	false	Avira URL Cloud: safe	unknown
https://accounts.google.com/o/oauth2/iframe	false		high
https://www.buydomains.com/locate?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	false		high
https://apps.mypurecloud.com/widgets/9.0/plugins/widgets-core.min.js	false		high
https://6928088.fls.doubleclick.net/activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?	false		high
https://apps.mypurecloud.com/webfonts/fonts/roboto-v29-latin-regular.woff2	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c&oit=1&cp=1&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location	false		high
https://pretoeadvogadosassociados.adv.br/gert/gert.html#amFzb24ud2Fsc2hAY3VyYXRlYmlvLmNvbQ==	true	SlashNext: Credential Stealing type: Phishing & Social Engineering	unknown
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldi&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://static.buydomains.com/browser/img/icons/person-24px.svg	false		high
https://s1731649222.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=1731649222&ref=&ms=235	false		high
https://apps.mypurecloud.com/webfonts/fonts/roboto-v29-latin-700.woff2	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eliteso&oit=1&cp=10&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C	false		high
https://www.google.com/recaptcha/api.js	false		high
https://www.google.com/recaptcha/api2/reload?k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C	false		high
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.co&oit=3&cp=19&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://static.buydomains.com//google_oauth.js?version=2023-02-09-1	false		high
https://www.buydomains.com/browser/js/vendor/genesys-chat-widgets.min.js	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.o&oit=1&cp=18&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesol&oit=1&cp=11&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://cdn.cookielaw.org/logos/03213524-9e9e-4852-a3ab-334c10e24fe4/a4e57db3-75be-4450-843d-640b760b40c3/c63e0daa-fd7e-4ff3-8fa1-3bc8b00d8047/BlankImg.png	false		high
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.buydomains.com&client_id=26200011094-f6n31v26gh6o5hsjh2960tei8tdeiq28.apps.googleusercontent.com	false		high
https://static.buydomains.com/browser/img/icons/email-24px.svg	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eli&oit=1&cp=6&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.org&oit=3&cp=20&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elite&oit=1&cp=8&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.&oit=1&cp=17&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js	false		high
https://www.google.com/async/newtab_promos	false		high
https://6928088.fls.doubleclick.net/activityi;dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?	false		high
https://c2.elitesoldiers.org/	false		unknown

Name	Type	MD5	SHA1	SHA256
\Device\ConDrv	CSV text	E7D25F8043229E1AE38783D560C02637	9C065D75E774A6F7D70326A799A8EFDD4C2940CB	1D7BD86FB4FB392C6AB73133809154955230F9DFD74A84886AA5FFE304151E70

AV Detection

Antivirus detection for URL or domain

Source: https://pretoeadvogadosassociados.adv.br/gert/gert.html#amFzb24ud2Fsc2hAY3VyYXRlYmlvLmNvbQ==

SlashNext: Label: Credential Stealing type: Phishing & Social Engineering

Found iframes

Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NL5LTF
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.buydomains.com&rpcToken=248487890.4473936&clearCache=1
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://6928088.fls.doubleclick.net/activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NL5LTF
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.buydomains.com&rpcToken=248487890.4473936&clearCache=1
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://6928088.fls.doubleclick.net/activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NL5LTF
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.buydomains.com&rpcToken=248487890.4473936&clearCache=1
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://6928088.fls.doubleclick.net/activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect?
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C

No HTML title found

Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: HTML title missing
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: HTML title missing
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: HTML title missing

Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="author".. found
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="author".. found
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="author".. found

Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="copyright".. found
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="copyright".. found
Source: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: global traffic

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 50030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.102&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-104.0.5112.102Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t HTTP/1.1Host: go2.israelandafrica.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gert/gert.html HTTP/1.1Host: pretoeadvogadosassociados.adv.brConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: http://curatebio.userhbmyi.msblogger.com.au/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pretoeadvogadosassociados.adv.brConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pretoeadvogadosassociados.adv.br/gert/gert.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://pretoeadvogadosassociados.adv.brsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://pretoeadvogadosassociados.adv.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pretoeadvogadosassociados.adv.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pretoeadvogadosassociados.adv.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pretoeadvogadosassociados.adv.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c&oit=1&cp=1&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2&oit=1&cp=2&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.&oit=1&cp=3&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.e&oit=1&cp=4&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.el&oit=1&cp=5&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eli&oit=1&cp=6&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elit&oit=1&cp=7&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elite&oit=1&cp=8&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elites&oit=1&cp=9&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eliteso&oit=1&cp=10&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesol&oit=1&cp=11&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesold&oit=1&cp=12&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesolde&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesolder&oit=1&cp=14&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesolde&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesold&oit=1&cp=12&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldi&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldie&oit=1&cp=14&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldier&oit=1&cp=15&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers&oit=1&cp=16&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.&oit=1&cp=17&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.c&oit=1&cp=18&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.co&oit=3&cp=19&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.com&oit=3&cp=20&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirect HTTP/1.1Host: www.buydomains.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /browser/js/worker/workerJS.min.js HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET //browser/css/lander/g/lander-v7.css?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET //eloqua.js?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET //trackingParams.js?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET //google_oauth.js?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET /browser/js/vendor/genesys-chat-widgets.min.css HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET /browser/js/vendor/genesys-chat-widgets.min.js HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET //browser/img/tdfs/logo-custom.svg?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new
Source: global traffic	HTTP traffic detected: GET /widgets/9.0/cxbus.min.js HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET //browser/js/vendor/elqCfg.min.js?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/person-24px.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/email-24px.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/local-phone-24px.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/html/offendingChars.html HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/public-24px.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /get-user-country-info/ HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /get-user-fields HTTP/1.1Host: www.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/lander/elitesoldiers.com?domain=elitesoldiers.com&utm_source=elitesoldiers.com&utm_medium=click&utm_campaign=tdfs-AprTest&traffic_id=AprTest&traffic_type=tdfs&redirect=ono-redirectAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/selectArrowGrey.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /browser/img/icons/checkmark-blue.svg HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.buydomains.com//browser/css/lander/g/lander-v7.css?version=2023-02-09-1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; utm_medium=%22direct-visit%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /locale/detect?timestamp=1677695845259 HTTP/1.1Host: api.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.buydomains.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /o/oauth2/iframe HTTP/1.1Host: accounts.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Chrome-ID-Consistency-Request: version=1,client_id=77185425430.apps.googleusercontent.com,device_id=5ed65fba-9b05-4097-a6cd-ff5b0cbc5f02,signin_mode=all_accounts,signout_mode=show_confirmationX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10x HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /widgets/9.0/plugins/widgets-core.min.js HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/91181fd5-0816-4a3d-8427-63a8d53f717e/91181fd5-0816-4a3d-8427-63a8d53f717e.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor/v200/svrGP?pps=70&siteid=1731649222&ref=&ms=235 HTTP/1.1Host: s1731649222.t.eloqua.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor/v200/svrGP?pps=3&siteid=1731649222&ref2=elqNone&tzo=-60&ms=235&optin=disabled HTTP/1.1Host: s1731649222.t.eloqua.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202301.2.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/91181fd5-0816-4a3d-8427-63a8d53f717e/6cb1a7b0-5ed5-4585-b708-bbbfbee82576/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor/v200/svrGP.aspx?pps=70&siteid=1731649222&ref=&ms=235&elqCookie=1 HTTP/1.1Host: s1731649222.t.eloqua.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ELOQUA=GUID=6A806887AE3B4ECD9B6A7B9D26F28171; ELQSTATUS=OK
Source: global traffic	HTTP traffic detected: GET /o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.buydomains.com&client_id=26200011094-f6n31v26gh6o5hsjh2960tei8tdeiq28.apps.googleusercontent.com HTTP/1.1Host: accounts.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"X-Requested-With: XmlHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Chrome-ID-Consistency-Request: version=1,client_id=77185425430.apps.googleusercontent.com,device_id=5ed65fba-9b05-4097-a6cd-ff5b0cbc5f02,signin_mode=all_accounts,signout_mode=show_confirmationX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://accounts.google.com/o/oauth2/iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /webfonts/roboto.css HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/hotjar-541823.js?sv=7 HTTP/1.1Host: static.hotjar.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202301.2.0/assets/otFloatingRoundedCorner.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202301.2.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /webfonts/fonts/roboto-v29-latin-700.woff2 HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://apps.mypurecloud.com/webfonts/roboto.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/sdk.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202301.2.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect? HTTP/1.1Host: 6928088.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlM32rdqga-RSO5Voy8fUNR1tvsqN2FvOOy20WgI0Ay2Wi2lSPaBZvDvgI6sjE
Source: global traffic	HTTP traffic detected: GET /modules.3bdf981e73ecd1bf9fca.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/1067119116/?random=1677695847339&cv=11&fst=1677695847339&bg=ffffff&guid=ON&async=1&gtm=45He32r0&u_w=1280&u_h=1024&label=9jrJCIX4tW0QjOTr_AM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&tiba=Buy%20Domains%20-%20elitesoldiers.com%20is%20for%20sale!&auid=1118355647.1677695847&uaa=x86&uab=64&uafvl=Chromium%3B104.0.5112.102%7C%2520Not%2520A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B104.0.5112.102&uamb=0&uap=Windows&uapv=8.0.0&uaw=0&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlM32rdqga-RSO5Voy8fUNR1tvsqN2FvOOy20WgI0Ay2Wi2lSPaBZvDvgI6sjE
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C&co=aHR0cHM6Ly93d3cuYnV5ZG9tYWlucy5jb206NDQz&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=y189nut6t10xAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /A136666-2811-40ba-bff2-3df3af8bc2ae1.js HTTP/1.1Host: d.impactradius-event.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/sdk.js?hash=bc91546a6be007a51eb44b9f223eb53e HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LcqAIkUAAAAAHjOK9ZepI7IU55yYRmOEigfrp6C HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=1118355647.1677695847;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect? HTTP/1.1Host: 6928088.fls.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlM32rdqga-RSO5Voy8fUNR1tvsqN2FvOOy20WgI0Ay2Wi2lSPaBZvDvgI6sjE
Source: global traffic	HTTP traffic detected: GET /webfonts/fonts/roboto-v29-latin-regular.woff2 HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://apps.mypurecloud.com/webfonts/roboto.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /webfonts/fonts/roboto-v29-latin-700.woff HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://apps.mypurecloud.com/webfonts/roboto.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_close.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/evnt/?adv=b7xg2v6&ct=0:92joh6v&fmt=3 HTTP/1.1Host: insight.adsrvr.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/03213524-9e9e-4852-a3ab-334c10e24fe4/a4e57db3-75be-4450-843d-640b760b40c3/c63e0daa-fd7e-4ff3-8fa1-3bc8b00d8047/BlankImg.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET //browser/img/favicon.ico?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/1067119116/?random=1677695847339&cv=11&fst=1677693600000&bg=ffffff&guid=ON&async=1&gtm=45He32r0&u_w=1280&u_h=1024&label=9jrJCIX4tW0QjOTr_AM&frm=0&url=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&tiba=Buy%20Domains%20-%20elitesoldiers.com%20is%20for%20sale!&fmt=3&is_vtc=1&cid=CAQSKQDUE5ymrYICgWv1O0klvpjD4kJNJMwZyD1GXm_vEaFB9wJ2QNMEPVhc&random=1690235126&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47761645-6&cid=95733560.1677695849&jid=460476489&_u=YGBAgEABAAAAAEgAI~&z=108882502 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /webfonts/fonts/roboto-v29-latin-regular.woff HTTP/1.1Host: apps.mypurecloud.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://www.buydomains.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://apps.mypurecloud.com/webfonts/roboto.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47761645-6&cid=95733560.1677695849&jid=262765478&_u=YGDAAEABAAAAAGgCI~&z=355222334 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET //browser/img/favicon.ico?version=2023-02-09-1 HTTP/1.1Host: static.buydomains.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true; utm_medium=%22direct-visit%22; _gcl_au=1.1.1118355647.1677695847; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Mar+01+2023+19%3A37%3A28+GMT%2B0100+(Central+European+Standard+Time)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=2145276b-5dce-4803-b23a-2a2cdf229021&interactionCount=0&landingPath=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1; _hjSessionUser_541823=eyJpZCI6IjNiYzMzN2U4LTE5MjYtNWQxNC05YWFiLTFlZWUyNjkzMGYwMCIsImNyZWF0ZWQiOjE2Nzc2OTU4NDg0OTEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample_541823=1; _hjSession_541823=eyJpZCI6IjY4MDY1NmExLWRhZjYtNDNiZi1hZDA4LTMyY2YxMzhmZTExYyIsImNyZWF0ZWQiOjE2Nzc2OTU4NDg1MDYsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _ga=GA1.2.95733560.1677695849; _gid=GA1.2.213938997.1677695849; _dc_gtm_UA-47761645-6=1; _gat_UA-69116836-15=1; _gat_UA-47761645-6=1
Source: global traffic	HTTP traffic detected: GET /version.html HTTP/1.1Host: www.buydomains.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Content-type: application/x-www-form-urlencodedAccept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/browser/js/worker/workerJS.min.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=m1jigcpdmqaorcrvdh2m0l8s15; USER_COUNTRY=%22Switzerland%22; USER_COUNTRY_CODE_DEFAULT=%22CH%22; TOLLFREE_PHONE=%22%28855%29+687-0658%22; WW_PHONE=%22%28781%29+373-6820%22; utm_source=%22elitesoldiers.com%22; utm_campaign=%22tdfs-AprTest%22; traffic_id=%22AprTest%22; traffic_type=%22tdfs%22; trackingParams=%7B%22utm_source%22%3A%22elitesoldiers.com%22%2C%22utm_medium%22%3A%22direct-visit%22%2C%22utm_campaign%22%3A%22tdfs-AprTest%22%2C%22utm_content%22%3Anull%2C%22traffic_id%22%3A%22AprTest%22%2C%22traffic_type%22%3A%22tdfs%22%2C%22referrer_id%22%3Anull%7D; visitor=63ff9b62d54ba; visitorType=new; tracking_params_allowed=true; G_ENABLED_IDPS=google; utm_medium=%22direct-visit%22; _gcl_au=1.1.1118355647.1677695847; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Mar+01+2023+19%3A37%3A28+GMT%2B0100+(Central+European+Standard+Time)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=2145276b-5dce-4803-b23a-2a2cdf229021&interactionCount=0&landingPath=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1; _hjSessionUser_541823=eyJpZCI6IjNiYzMzN2U4LTE5MjYtNWQxNC05YWFiLTFlZWUyNjkzMGYwMCIsImNyZWF0ZWQiOjE2Nzc2OTU4NDg0OTEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample_541823=1; _hjSession_541823=eyJpZCI6IjY4MDY1NmExLWRhZjYtNDNiZi1hZDA4LTMyY2YxMzhmZTExYyIsImNyZWF0ZWQiOjE2Nzc2OTU4NDg1MDYsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _ga=GA1.2.95733560.1677695849; _gid=GA1.2.213938997.1677695849; _dc_gtm_UA-47761645-6=1; _gat_UA-69116836-15=1; _gat_UA-47761645-6=1
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://6928088.fls.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/evnt/?adv=b7xg2v6&ct=0:92joh6v&fmt=3 HTTP/1.1Host: insight.adsrvr.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://6928088.fls.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aid/2882483596352441248/bc.vms4/vms.js HTTP/1.1Host: vmss.boldchat.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-685a7abb/d/www.qa.buydomains.com/479339224-0?mr=t1545228048&mi=%272.106500537.1677695849599%27&mt=!n&cs=!f&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&u=%27https://www.buydomains.com/lander/elitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: d.monetate.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor-token-service/visitor-token HTTP/1.1Host: visitor-services.boldchat.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aid/2882483596352441248/api/v1/extendedvisitorinfo/setup HTTP/1.1Host: vms.boldchat.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.buydomains.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aid/2882483596352441248/bc.pv?script=true&securevm=true&&blur=false&vm=true&poll=65000&swidth=1280&sheight=1024&sdpi=96&url=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect&wdid=2943214817915460751&idid=815288250086333991&1677695850978&tabIdentifier=6110055183325786431&clientScheme=https&visitorTrackingAllowed=true&visitorToken=7036766419288412160&_bcvm_vrid_=true&_bcvm_vid_combined=1677695850980Sundefined&_bcvm_vrid_combined=1677695850980Sundefined&&hasbutton=false HTTP/1.1Host: vms.boldchat.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.buydomains.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bc.visitor_token=7036766419288412160
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c&oit=1&cp=1&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2&oit=1&cp=2&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.&oit=1&cp=3&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.e&oit=1&cp=4&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CPyky4iwu_0CFSoFewodco0BhQ;src=6928088;type=remar0;cat=bd-al0;ord=5403398804933;u=elitesoldiers.com;gtm=45He32r0;auiddc=;u2=elitesoldiers.com;u1=unknown%20value;~oref=https%3A%2F%2Fwww.buydomains.com%2Flander%2Felitesoldiers.com%3Fdomain%3Delitesoldiers.com%26utm_source%3Delitesoldiers.com%26utm_medium%3Dclick%26utm_campaign%3Dtdfs-AprTest%26traffic_id%3DAprTest%26traffic_type%3Dtdfs%26redirect%3Dono-redirect HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://6928088.fls.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIlaHLAQiivMwBCJq9zAEI8tDMAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/evnt/?adv=b7xg2v6&ct=0:92joh6v&fmt=3 HTTP/1.1Host: insight.adsrvr.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://6928088.fls.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://6928088.fls.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.el&oit=1&cp=5&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eli&oit=1&cp=6&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elit&oit=1&cp=7&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elite&oit=1&cp=8&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elites&oit=1&cp=9&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.eliteso&oit=1&cp=10&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesol&oit=1&cp=11&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesold&oit=1&cp=12&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldi&oit=1&cp=13&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldie&oit=1&cp=14&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldier&oit=1&cp=15&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers&oit=1&cp=16&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.&oit=1&cp=17&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.o&oit=1&cp=18&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=c2.elitesoldiers.org&oit=3&cp=20&gs_rn=42&psi=HfOUX1-31JW5RcEd&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJe2yQEIpLbJAQjEtskBCKmdygEIv+LKAQiVocsBCJi3zAEIorzMAQiavcwBCIe/zAEIgMHMAQiCyMwBCJzJzAEI4svMAQjy0MwBCIvSzAE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210525-0-RC1.de+FX+704
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: c2.elitesoldiers.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: c2.elitesoldiers.orgConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://c2.elitesoldiers.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jason.walsh@curatebio.com HTTP/1.1Host: curatebio.userhbmyi.msblogger.com.auConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: c2.elitesoldiers.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Date: Wed, 01 Mar 2023 18:37:52 GMTContent-Length: 9Connection: close

Source: unknown

Yara signature match

Source: 93690.0.pages.csv, type: HTML

Source: classification engine

Classification label: mal48.win@43/2@48/35

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://go2.israelandafrica.com/f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1824,i,3608302658647549143,7935353812338714585,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1824,i,3608302658647549143,7935353812338714585,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1288:304:WilStaging_02
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1288:120:WilError_02

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: C:\Windows\System32\conhost.exe

Process information set: NOOPENFILEERRORBOX

Jump to behavior

Sample execution stops while process was sleeping (likely an evasion)

Source: C:\Windows\System32\conhost.exe

Last function: Thread delayed

ID:	17568
Product:	CloudBasic
Start time:	19:35:24
Start date:	01.03.2023
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 64 bit version 1909 (MS Office 2019, IE 11, Chrome 104, Firefox 88, Adobe Reader DC 21, Java 8 u291, 7-Zip)
Architecture:	WINDOWS

Windows Analysis Report
https://go2.israelandafrica.com/f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://go2.israelandafrica.com/f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://go2.israelandafrica.com/f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t