Windows Analysis Report
http://t1.global.clubavolta.com/r/?id=h53ebcb4b,29506a5f,2988b9db&e=cDE9UkVEX0dMX0xveWFsdHlMYXVuY2hTb2x1cy1OT0NPTS1BTEwtMDExMDIwMjQtMV9YWCZwMj1kNzEwNWE1Zi00NjE3LWVmMTEtOWY4OS0wMDBkM2EyMmNlYTE&s=3la6k8joHnYuuxUmpC7F3uvS_OKadIyytIXkC1qpgwU

Overview

General Information

Sample URL: http://t1.global.clubavolta.com/r/?id=h53ebcb4b,29506a5f,2988b9db&e=cDE9UkVEX0dMX0xveWFsdHlMYXVuY2hTb2x1cy1OT0NPTS1BTEwtMDExMDIwMjQtMV9YWCZwMj1kNzEwNWE1Zi00NjE3LWVmMTEtOWY4OS0wMDBkM2EyMmNlYTE&s=3la6k8
Analysis ID: 1523728
Tags: urlscan
Infos:

Detection

Score: 2
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Found iframes
HTML body contains password input but no form action
HTML title does not match URL
Javascript checks online IP of machine
Stores files to the Windows start menu directory

Classification

Found iframes
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: Iframe src: https://app.usercentrics.eu/browser-sdk/4.38.4/cross-domain-bridge.html
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: Iframe src: https://app.usercentrics.eu/browser-sdk/4.38.4/cross-domain-bridge.html
HTML body contains password input but no form action
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: <input type="password" .../> found but no <form action="...
HTML title does not match URL
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: Title: Register does not match URL
Javascript checks online IP of machine
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: function getcountryforgoogletagmanager() { $.get("https://pro.ip-api.com/json/?key=j9lnwtgdja0uifu").done(function (data) { /*<![cdata[*/ if (data.country != 'china') (function (w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new date().gettime(), event: 'gtm.js' }); var f = d.getelementsbytagname(s)[0], j = d.createelement(s), dl = l != 'datalayer' ? '&l=' + l : ''; j.async = true; j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; f.parentnode.insertbefore(j, f); })(window, document, 'script', 'datalayer', 'gtm-5fjw8gd'); /*]]>*/ }); } getcountryforgoogletagmanager();
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: <input type="password" .../> found
Source: https://play.google.com/store/apps/details?id=com.red.by.dufry&referrer=utm_source%3Dqr_code%26utm_term%3Dqr_club_avolta HTTP Parser: No favicon
Source: https://apps.apple.com/us/app/club-avolta/id1108485056 HTTP Parser: No favicon
Source: https://apps.apple.com/us/app/club-avolta/id1108485056 HTTP Parser: No favicon
Source: https://apps.apple.com/us/app/club-avolta/id1108485056 HTTP Parser: No favicon
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: No <meta name="author".. found
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: No <meta name="author".. found
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: No <meta name="author".. found
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: No <meta name="copyright".. found
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: No <meta name="copyright".. found
Source: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49734 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:49798 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:50077 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: global traffic HTTP traffic detected: GET /jquery-2.2.4.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=B72759175BC87D800A495D6D%40AdobeOrg&d_nsid=0&d_mid=66557572993001717753310145726117314559&ts=1727821838623 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://www.clubavolta.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /jquery-2.2.4.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=B72759175BC87D800A495D6D%40AdobeOrg&d_nsid=0&d_mid=66557572993001717753310145726117314559&ts=1727821838623 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=66748580816055011753248181715129975031
Source: global traffic HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: dufry.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=66748580816055011753248181715129975031
Source: global traffic HTTP traffic detected: GET /browser-ui/latest/loader.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /c/hotjar-5148378.js?sv=7 HTTP/1.1Host: static.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Zvx4EwAAAKhc5AO- HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=66748580816055011753248181715129975031
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/index.module.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/latest/loader.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /modules.0721e7cf944cf9d78a0b.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /c/hotjar-5148378.js?sv=7 HTTP/1.1Host: static.hotjar.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/index.module.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Zvx4EwAAAKhc5AO- HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=66748580816055011753248181715129975031; dpm=66748580816055011753248181715129975031
Source: global traffic HTTP traffic detected: GET /signals/config/1083686203427969?v=2.9.170&r=stable&domain=www.clubavolta.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /settings/HzbbJ_HfNrjwq0/latest/languages.json HTTP/1.1Host: api.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonAccept: */*Origin: https://www.clubavolta.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tr/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2Fhome%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DRED_GL_LoyaltyLaunchSolus-NOCOM-ALL-01102024-1_XX%26utm_term%3Dd7105a5f-4617-ef11-9f89-000d3a22cea1&rl=&if=false&ts=1727821845731&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821843201&coo=false&eid=1727821836972.1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2Fhome%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DRED_GL_LoyaltyLaunchSolus-NOCOM-ALL-01102024-1_XX%26utm_term%3Dd7105a5f-4617-ef11-9f89-000d3a22cea1&rl=&if=false&ts=1727821845731&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821843201&coo=false&eid=1727821836972.1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger;navigation-source, event-sourceReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /signals/config/1083686203427969?v=2.9.170&r=stable&domain=www.clubavolta.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sessions/5148378?s=0.25&r=0.04937675594369639 HTTP/1.1Host: vc.hotjar.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.clubavolta.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /modules.0721e7cf944cf9d78a0b.js HTTP/1.1Host: script.hotjar.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /settings/HzbbJ_HfNrjwq0/latest/languages.json HTTP/1.1Host: api.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /settings/HzbbJ_HfNrjwq0/latest/en.json HTTP/1.1Host: api.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonAccept: */*Origin: https://www.clubavolta.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tr/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2Fhome%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DRED_GL_LoyaltyLaunchSolus-NOCOM-ALL-01102024-1_XX%26utm_term%3Dd7105a5f-4617-ef11-9f89-000d3a22cea1&rl=&if=false&ts=1727821845731&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821843201&coo=false&eid=1727821836972.1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2Fhome%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DRED_GL_LoyaltyLaunchSolus-NOCOM-ALL-01102024-1_XX%26utm_term%3Dd7105a5f-4617-ef11-9f89-000d3a22cea1&rl=&if=false&ts=1727821845731&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821843201&coo=false&eid=1727821836972.1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-sdk/4.38.4/cross-domain-bridge.html HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=4uosE+fmbce74o2&MD=KdTa2rXG HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /settings/HzbbJ_HfNrjwq0/latest/en.json HTTP/1.1Host: api.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /session/1px.png?settingsId=HzbbJ_HfNrjwq0 HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/DefaultData-fa10cf7f-3d7db9aa.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rest/v1/delivery?client=dufryinternationalag&sessionId=e1a79bc7aed84d718af2d0d2f725ca04&version=2.3.2 HTTP/1.1Host: dufryinternationalag.tt.omtrdc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /translations/translations-en.json HTTP/1.1Host: api.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonAccept: */*Origin: https://www.clubavolta.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/DefaultData-fa10cf7f-3d7db9aa.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /session/1px.png?settingsId=HzbbJ_HfNrjwq0 HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /aggregate/en?templates=87JYasXPF@1.3.12,BJ59EidsWQ@25.7.28,H1Vl5NidjWX@40.17.45,uQiyefbRi@16.2.9 HTTP/1.1Host: aggregator.service.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonAccept: */*Origin: https://www.clubavolta.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /translations/translations-en.json HTTP/1.1Host: api.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /aggregate/en?templates=87JYasXPF@1.3.12,BJ59EidsWQ@25.7.28,H1Vl5NidjWX@40.17.45,uQiyefbRi@16.2.9 HTTP/1.1Host: aggregator.service.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/FirstLayerCustomization-de8ec6f3-0ed66d66.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/ButtonsCustomization-5698ac85-5d43b15f.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/SecondLayerUI-2d936468-4fd84b50.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/DefaultUI-efcc91c9-fa5e06dd.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/Taglogger-ece90602-40fbde48.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/SecondLayerUI-2d936468-4fd84b50.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/ButtonsCustomization-5698ac85-5d43b15f.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/FirstLayerCustomization-de8ec6f3-0ed66d66.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/PrivacyButton-62ab6c78.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/index-3ff76a26.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/Taglogger-ece90602-40fbde48.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/PrivacyButton-62ab6c78.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/index-3ff76a26.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/index-4d0d6d10.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index.module.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /uct?v=1&sid=HzbbJ_HfNrjwq0&t=1&abv=&r=https%3A%2F%2Fwww.clubavolta.com%2Fhome&cb=1727821858139 HTTP/1.1Host: uct.service.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/SaveButton-c74cbe89.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index-4d0d6d10.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/VirtualServiceItem-d95151cb.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index-4d0d6d10.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/index-4d0d6d10.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/DefaultTabs-99ec4522.js HTTP/1.1Host: app.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.clubavolta.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.usercentrics.eu/browser-ui/3.55.0/index-4d0d6d10.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /uct?v=1&sid=HzbbJ_HfNrjwq0&t=1&abv=&r=https%3A%2F%2Fwww.clubavolta.com%2Fhome&cb=1727821858139 HTTP/1.1Host: uct.service.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /json/?key=J9LNWtGDJa0UIfU HTTP/1.1Host: pro.ip-api.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: */*sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://sso.clubavolta.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sso.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/SaveButton-c74cbe89.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/DefaultTabs-99ec4522.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-ui/3.55.0/VirtualServiceItem-d95151cb.js HTTP/1.1Host: app.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /json/?key=J9LNWtGDJa0UIfU HTTP/1.1Host: pro.ip-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /w20/us.png HTTP/1.1Host: flagcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sso.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /signals/config/1083686203427969?v=2.9.170&r=stable&domain=sso.clubavolta.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sso.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tr/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fsso.clubavolta.com%2Fregister%3Fsource%3DctOnline-scAvolta_website%26lang%3Den&rl=&if=false&ts=1727821864606&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821862525&coo=false&eid=1727821860232.1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sso.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fsso.clubavolta.com%2Fregister%3Fsource%3DctOnline-scAvolta_website%26lang%3Den&rl=&if=false&ts=1727821864606&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821862525&coo=false&eid=1727821860232.1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger, not-navigation-sourceReferer: https://sso.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /signals/config/1083686203427969?v=2.9.170&r=stable&domain=sso.clubavolta.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /w20/us.png HTTP/1.1Host: flagcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tr/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fsso.clubavolta.com%2Fregister%3Fsource%3DctOnline-scAvolta_website%26lang%3Den&rl=&if=false&ts=1727821864606&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821862525&coo=false&eid=1727821860232.1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fsso.clubavolta.com%2Fregister%3Fsource%3DctOnline-scAvolta_website%26lang%3Den&rl=&if=false&ts=1727821864606&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821862525&coo=false&eid=1727821860232.1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /uct?v=1&sid=HzbbJ_HfNrjwq0&t=1&abv=&r=https%3A%2F%2Fsso.clubavolta.com%2Fregister&cb=1727821868283 HTTP/1.1Host: uct.service.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sso.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /uct?v=1&sid=HzbbJ_HfNrjwq0&t=1&abv=&r=https%3A%2F%2Fsso.clubavolta.com%2Fregister&cb=1727821868283 HTTP/1.1Host: uct.service.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rest/v1/delivery?client=dufryinternationalag&sessionId=e1a79bc7aed84d718af2d0d2f725ca04&version=2.3.2 HTTP/1.1Host: dufryinternationalag.tt.omtrdc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /uct?v=1&sid=HzbbJ_HfNrjwq0&t=1&abv=&r=https%3A%2F%2Fwww.clubavolta.com%2F&cb=1727821872032 HTTP/1.1Host: uct.service.usercentrics.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tr/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2F&rl=&if=false&ts=1727821871880&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821871678&coo=false&eid=1727821870461.1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2F&rl=&if=false&ts=1727821871880&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821871678&coo=false&eid=1727821870461.1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger, not-navigation-sourceReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-perf.8417c6bba72228fa2e29.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /uct?v=1&sid=HzbbJ_HfNrjwq0&t=1&abv=&r=https%3A%2F%2Fwww.clubavolta.com%2F&cb=1727821872032 HTTP/1.1Host: uct.service.usercentrics.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tr/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2F&rl=&if=false&ts=1727821871880&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821871678&coo=false&eid=1727821870461.1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2F&rl=&if=false&ts=1727821871880&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821871678&coo=false&eid=1727821870461.1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /browser-perf.8417c6bba72228fa2e29.js HTTP/1.1Host: script.hotjar.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /store/apps/details?id=com.red.by.dufry&referrer=utm_source%3Dqr_code%26utm_term%3Dqr_club_avolta HTTP/1.1Host: play.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tLVHSC4PFS8AZkpJWbM46DCiYc0I-_OioAWjqV5SWQG6V6_LPjD6DOkzltPoMYThDQ=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /lxDbqqH766bE3aPIwwUr-DFhsNKGIJA1Rx0OB_r9LLVJMZxD-3AEiGoxuTp-SidXVPw=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /omBtrZ77xDmXqqXdXeWZdX-ps--25N1g1vpDytsQr_4QPM4HPyq8esp3u8vsYewjKw=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /o-j0jyhbPrcSJxaJmNN5boNrzKtZlnH80lSdIqLA9Cnf9W7J8jpCatIcoD5pzLXpipw=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sE-PHdtHVnf4m2KCIYhrBAEHAK8h4Je42fALuNnnn1PM2u-jvglAjF6Ym5EPOjIthIWZ=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /jOLY-gMJzVbU704YeE4dF47hZjPUb9PpmaB_m4lZ8xxg__4ALjZFbMrwYxf3a-ja00sq=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /Cr6AVuSC6oGZpp8dqD37GBO_GcjUa966qT-xxxr9h5kgigWJshvtTNmx_6ubT465dw=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /RMZU_SO-M0emCMqSCl5gSZIY80HOg8AZ5q0PDAySJnRhnnsiK9QrHdwsA86Itm8tXccE=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /hI1s7qTJM-EJ3oYSvhsOYK9RJ1TvDbOU14pYNTEAuGSg-B9wmOxteYX7tq6H0KOCqeY=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /EC60lY-UdGmviBltXjBIubEF8M_lR64q0w9BJTsJNyf4--Mj0iliRNF7E4u_4jLOT8_1=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /6i185PgJNAU-ZUePvd1LIg_CLQ9WHEsh9_e4a9PLJ_oEP_bJTuaS7HRaJqKryTBUnfc=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ykZ3St_aWBhf6qrpsaiHaUd5MEo-LhKQvhcKX_Gp3BdjOZASnnkSRtrNXDBQYdwMKQ=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /lxDbqqH766bE3aPIwwUr-DFhsNKGIJA1Rx0OB_r9LLVJMZxD-3AEiGoxuTp-SidXVPw=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tLVHSC4PFS8AZkpJWbM46DCiYc0I-_OioAWjqV5SWQG6V6_LPjD6DOkzltPoMYThDQ=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /omBtrZ77xDmXqqXdXeWZdX-ps--25N1g1vpDytsQr_4QPM4HPyq8esp3u8vsYewjKw=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sE-PHdtHVnf4m2KCIYhrBAEHAK8h4Je42fALuNnnn1PM2u-jvglAjF6Ym5EPOjIthIWZ=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /jOLY-gMJzVbU704YeE4dF47hZjPUb9PpmaB_m4lZ8xxg__4ALjZFbMrwYxf3a-ja00sq=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /o-j0jyhbPrcSJxaJmNN5boNrzKtZlnH80lSdIqLA9Cnf9W7J8jpCatIcoD5pzLXpipw=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ckwBhiyhlf5UO65vRrusC8P4eSB1_Fxg_ytngyslwdR3_cIcQQYfXJvCLl_YgTOq74E=w240-h480-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /IciOnDFecb5Xt50Q2jlcNC0LPI7LEGxNojroo-s3AozcyS-vDCwtq4fn7u3wZmRna8OewG9PBrWC-i7i=w48-h16-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /16jyLuo17qCHNouFuSS7_8z3xs01rvTGug4vD8LWoYh7gexLAghFR-eAYESN9xaO8Q=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /NpfL8T_0YHFHMIkHDKOIMCjrlyDTdWPl6CguTo6I9YIcw7xelXcif3dVtuxuM8QK6Pg=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /Cr6AVuSC6oGZpp8dqD37GBO_GcjUa966qT-xxxr9h5kgigWJshvtTNmx_6ubT465dw=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /RMZU_SO-M0emCMqSCl5gSZIY80HOg8AZ5q0PDAySJnRhnnsiK9QrHdwsA86Itm8tXccE=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /hI1s7qTJM-EJ3oYSvhsOYK9RJ1TvDbOU14pYNTEAuGSg-B9wmOxteYX7tq6H0KOCqeY=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /EC60lY-UdGmviBltXjBIubEF8M_lR64q0w9BJTsJNyf4--Mj0iliRNF7E4u_4jLOT8_1=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /6i185PgJNAU-ZUePvd1LIg_CLQ9WHEsh9_e4a9PLJ_oEP_bJTuaS7HRaJqKryTBUnfc=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ykZ3St_aWBhf6qrpsaiHaUd5MEo-LhKQvhcKX_Gp3BdjOZASnnkSRtrNXDBQYdwMKQ=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /6r5RsvvGNrhD2WE-Qb4GQuOQ4tPCpiNOW0UAm-9j4nWQI4sXBeEbLpatYJlXJ9pQXQ=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /a-/ALV-UjUd-Iv_M0aNcrTkKe3wcUCKF8nNan8suZmdlcaDZABPWCa9x1o_=s32-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /IciOnDFecb5Xt50Q2jlcNC0LPI7LEGxNojroo-s3AozcyS-vDCwtq4fn7u3wZmRna8OewG9PBrWC-i7i=w48-h16-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ckwBhiyhlf5UO65vRrusC8P4eSB1_Fxg_ytngyslwdR3_cIcQQYfXJvCLl_YgTOq74E=w240-h480-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /NpfL8T_0YHFHMIkHDKOIMCjrlyDTdWPl6CguTo6I9YIcw7xelXcif3dVtuxuM8QK6Pg=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /16jyLuo17qCHNouFuSS7_8z3xs01rvTGug4vD8LWoYh7gexLAghFR-eAYESN9xaO8Q=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /EGemoI2NTXmTsBVtJqk8jxF9rh8ApRWfsIMQSt2uE4OcpQqbFu7f7NbTK05lx80nuSijCz7sc3a277R67g=s32-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /a-/ALV-UjUUpuY8V-xDIZRz9E4NjtQjINdQHEuLsSc7_aI5ENXVgc9gD_37=s32-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /6r5RsvvGNrhD2WE-Qb4GQuOQ4tPCpiNOW0UAm-9j4nWQI4sXBeEbLpatYJlXJ9pQXQ=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /a-/ALV-UjUd-Iv_M0aNcrTkKe3wcUCKF8nNan8suZmdlcaDZABPWCa9x1o_=s32-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /EGemoI2NTXmTsBVtJqk8jxF9rh8ApRWfsIMQSt2uE4OcpQqbFu7f7NbTK05lx80nuSijCz7sc3a277R67g=s32-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /a-/ALV-UjUUpuY8V-xDIZRz9E4NjtQjINdQHEuLsSc7_aI5ENXVgc9gD_37=s32-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rest/v1/delivery?client=dufryinternationalag&sessionId=e1a79bc7aed84d718af2d0d2f725ca04&version=2.3.2 HTTP/1.1Host: dufryinternationalag.tt.omtrdc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api.js?trustedtypes=true&render=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /recaptcha/api.js?trustedtypes=true&render=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /tools/feedback/chat_load.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0&co=aHR0cHM6Ly9wbGF5Lmdvb2dsZS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=g4t3o2qgwq68 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0&co=aHR0cHM6Ly9wbGF5Lmdvb2dsZS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=g4t3o2qgwq68Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /_/PlayStoreUi/browserinfo?f.sid=7843107308673158171&bl=boq_playuiserver_20240929.16_p0&hl=en-US&authuser&soc-app=121&soc-platform=1&soc-device=1&_reqid=66688&rt=j HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw; _gid=GA1.3.1551784442.1727821886; _gat_UA199959031=1; _gcl_au=1.1.2072350079.1727821886; _ga_6VGGZHMLM2=GS1.1.1727821888.1.0.1727821888.0.0.0; _ga=GA1.1.1991354124.1727821886
Source: global traffic HTTP traffic detected: GET /js/bg/R24GNtugK3fmE_BLCwud5nV-o42wj8GquUoA8eJ_MhU.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0&co=aHR0cHM6Ly9wbGF5Lmdvb2dsZS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=g4t3o2qgwq68Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /js/bg/R24GNtugK3fmE_BLCwud5nV-o42wj8GquUoA8eJ_MhU.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=4uosE+fmbce74o2&MD=KdTa2rXG HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/reload?k=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AGteOypetraMKznvtio4TIO0ci0zdWOAgMfT2W7QMAD26bCVulo5LGv624HW3OFMB90Dm-iFmoPeDnKl0Scupns; NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/clr?k=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIkqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AGteOypetraMKznvtio4TIO0ci0zdWOAgMfT2W7QMAD26bCVulo5LGv624HW3OFMB90Dm-iFmoPeDnKl0Scupns; NID=518=Ii0zwBql871ZqM5BGhIAoQlndE6zWS0tA9NTc565ATOntwpO2_BmvYxFOS3AOK30xrIzkpQnpAbXOt2vQzc7GV9lmVwavnWS4u6FUB5b1pNViRqbok13Xa18lZxhJf1hUoiyX1H9VMFDrEHzjkqTPwvVsRibB-c97GKeWPkyiIS7qeL2cw
Source: global traffic HTTP traffic detected: GET /r/?id=h53ebcb4b,29506a5f,2988b9db&e=cDE9UkVEX0dMX0xveWFsdHlMYXVuY2hTb2x1cy1OT0NPTS1BTEwtMDExMDIwMjQtMV9YWCZwMj1kNzEwNWE1Zi00NjE3LWVmMTEtOWY4OS0wMDBkM2EyMmNlYTE&s=3la6k8joHnYuuxUmpC7F3uvS_OKadIyytIXkC1qpgwU HTTP/1.1Host: t1.global.clubavolta.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: chromecache_359.2.dr String found in binary or memory: website visitors. Whilst personal data, ie name, address are not stored. You can deactivate the use of cookies by Adserver systems by means of a cookie opt out by clicking on the link below.</p>\n<p>You can use the following link to deactivate Adserver system cookies:<a href=\"/%20http:/site.adform.com/privacy-policy/en/\"> http://site.adform.com/privacy-policy/en/</a></p>\n<ul>\n<li>Social media log in and plug ins</li>\n</ul>\n<p>On some of our websites, applications and\\or mobile solutions, we use social plugins of the social network <a href=\"http://www.facebook.com/\">www.facebook.com</a> ( equals www.facebook.com (Facebook)
Source: chromecache_359.2.dr String found in binary or memory: <a href=\"http://www.facebook.com/\">www.facebook.com</a> equals www.facebook.com (Facebook)
Source: chromecache_492.2.dr String found in binary or memory: L.getElementsByTagName("iframe"),la=P.length,na=0;na<la;na++)if(!v&&c(P[na],H.Ie)){nJ("https://www.youtube.com/iframe_api");v=!0;break}})}}else F(u.vtp_gtmOnSuccess)}var q=["www.youtube.com","www.youtube-nocookie.com"],r={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},t,v=!1;Z.__ytl=n;Z.__ytl.o="ytl";Z.__ytl.isVendorTemplate=!0;Z.__ytl.priorityOverride=0;Z.__ytl.isInfrastructure=!1; equals www.youtube.com (Youtube)
Source: chromecache_252.2.dr, chromecache_492.2.dr, chromecache_527.2.dr String found in binary or memory: Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},dk:function(){e=zb()},od:function(){d()}}};var gc=ja(["data-gtm-yt-inspected-"]),KC=["www.youtube.com","www.youtube-nocookie.com"],LC,MC=!1; equals www.youtube.com (Youtube)
Source: chromecache_493.2.dr String found in binary or memory: Mf=w(["https://sandbox.google.com/tools/feedback/"]),Nf=w(["https://www.google.cn/tools/feedback/"]),Of=w(["https://help.youtube.com/tools/feedback/"]),Pf=w(["https://asx-frontend-staging.corp.google.com/inapp/"]),Qf=w(["https://asx-frontend-staging.corp.google.com/tools/feedback/"]),Rf=w(["https://localhost.corp.google.com/inapp/"]),Sf=w(["https://localhost.proxy.googlers.com/inapp/"]),Tf=V(vf),Uf=[V(wf),V(xf)],Vf=[V(yf),V(zf),V(Af),V(Bf),V(Cf),V(Df),V(Ef),V(Ff),V(Gf),V(Hf)],Wf=[V(If),V(Jf)],Xf= equals www.youtube.com (Youtube)
Source: chromecache_359.2.dr String found in binary or memory: On some of our websites, applications and\\or mobile solutions, we use social plugins of the social network youtube.com or other networks found at www.google.com ( equals www.youtube.com (Youtube)
Source: chromecache_527.2.dr String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=qA(a,c,e);Q(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return Q(122),!0;if(d&&f){for(var m=Kb(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},tA=function(){var a=[],b=function(c){return ob(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_527.2.dr String found in binary or memory: if(!(e||f||g||k.length||m.length))return;var p={ih:e,gh:f,hh:g,Sh:k,Th:m,Ie:n,Bb:b},q=C.YT;if(q)return q.ready&&q.ready(d),b;var r=C.onYouTubeIframeAPIReady;C.onYouTubeIframeAPIReady=function(){r&&r();d()};F(function(){for(var t=E.getElementsByTagName("script"),v=t.length,u=0;u<v;u++){var w=t[u].getAttribute("src");if(VC(w,"iframe_api")||VC(w,"player_api"))return b}for(var x=E.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!MC&&TC(x[A],p.Ie))return wc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: return a=n===l.CARD_DISPLAY_STYLES.appOfTheDay?_:n===l.CARD_DISPLAY_STYLES.gameOfTheDay?P:n===l.CARD_DISPLAY_STYLES.inAppPurchase?k:this.getTitleKey(e),this.i18n.t(a,{appName:r,storyTitle:i,_disableSafeString:!0})}getOGType(){return i.default.meta.og.type.story}getTwitterSite(){return this.appViewState.isMacAppStoreView?this.i18n.t("WEA.EditorialItemProductPages.Twitter.site.macOs",{_disableSafeString:!0}):super.getTwitterSite(...arguments)}getTwitterTitle(){return this.getOGTitle(...arguments)}getSchemaTags(e){const{product:t}=e.viewModel,r=E(t),[i]=r,n=(0,l.hasShelfDisplay)(i,"collectionLockup"),{lastPublishedDate:a}=t,o={"@type":"Organization",name:"Apple Inc",url:"http://www.apple.com",logo:{"@type":"ImageObject",url:"https://www.apple.com/ac/structured-data/images/knowledge_graph_logo.png"}},s=this.getOGImageTags(e).find((e=>"og:image"===e.name))||{},p={"@context":"http://schema.org",name:this.getSeoTitle(e)??this.getTitle(e),description:this.getSeoDescription(e)??this.getDescription(e),image:s.content,author:o,publisher:o,headline:this.getOGTitle(e),dateModified:a,datePublished:a} equals www.twitter.com (Twitter)
Source: chromecache_366.2.dr, chromecache_311.2.dr, chromecache_262.2.dr, chromecache_606.2.dr, chromecache_483.2.dr String found in binary or memory: return b}IC.F="internal.enableAutoEventOnTimer";var gc=ja(["data-gtm-yt-inspected-"]),KC=["www.youtube.com","www.youtube-nocookie.com"],LC,MC=!1; equals www.youtube.com (Youtube)
Source: chromecache_588.2.dr String found in binary or memory: return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var b=f.getFbeventsModules("signalsFBEventsGetTier"),c=d();function d(){try{if(a.trustedTypes&&a.trustedTypes.createPolicy){var b=a.trustedTypes;return b.createPolicy("facebook.com/signals/iwl",{createScriptURL:function(a){var b=new URL(a);b=b.hostname.endsWith(".facebook.com")&&b.pathname=="/signals/iwl.js";if(!b)throw new Error("Disallowed script URL");return a}})}}catch(a){}return null}e.exports=function(a,d){d=b(d);d=d==null?"www.facebook.com":"www."+d+".facebook.com";d="https://"+d+"/signals/iwl.js?pixel_id="+a;if(c!=null)return c.createScriptURL(d);else return d}})();return e.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_588.2.dr String found in binary or memory: return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_588.2.dr String found in binary or memory: return function(f,g,h,i){var j={exports:{}};j.exports;(function(){"use strict";var a={ENDPOINT:"https://www.facebook.com/tr/",INSTAGRAM_TRIGGER_ATTRIBUTION:"https://www.instagram.com/tr/",AEM_ENDPOINT:"https://www.facebook.com/.well-known/aggregated-event-measurement/",GPS_ENDPOINT:"https://www.facebook.com/privacy_sandbox/pixel/register/trigger/",TOPICS_API_ENDPOINT:"https://www.facebook.com/privacy_sandbox/topics/registration/"};j.exports=a})();return j.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_262.2.dr, chromecache_527.2.dr String found in binary or memory: var XB=function(a,b,c,d,e){var f=Oz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Oz("fsl","nv.ids",[]):Oz("fsl","ids",[]);if(!g.length)return!0;var k=Tz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);Q(121);if(m==="https://www.facebook.com/tr/")return Q(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!By(k,Dy(b, equals www.facebook.com (Facebook)
Source: chromecache_359.2.dr String found in binary or memory: we use social plugins of the social network www.Linkedin.com ( equals www.linkedin.com (Linkedin)
Source: global traffic DNS traffic detected: DNS query: t1.global.clubavolta.com
Source: global traffic DNS traffic detected: DNS query: clubavolta.com
Source: global traffic DNS traffic detected: DNS query: www.clubavolta.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic DNS traffic detected: DNS query: s.go-mpulse.net
Source: global traffic DNS traffic detected: DNS query: code.jquery.com
Source: global traffic DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic DNS traffic detected: DNS query: c.go-mpulse.net
Source: global traffic DNS traffic detected: DNS query: dufry.demdex.net
Source: global traffic DNS traffic detected: DNS query: app.usercentrics.eu
Source: global traffic DNS traffic detected: DNS query: static.hotjar.com
Source: global traffic DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic DNS traffic detected: DNS query: script.hotjar.com
Source: global traffic DNS traffic detected: DNS query: api.usercentrics.eu
Source: global traffic DNS traffic detected: DNS query: vc.hotjar.io
Source: global traffic DNS traffic detected: DNS query: www.facebook.com
Source: global traffic DNS traffic detected: DNS query: baxhwiiccjaayzx4pagq-f-d0c4e7c04-clientnsv4-s.akamaihd.net
Source: global traffic DNS traffic detected: DNS query: 02179918.akstat.io
Source: global traffic DNS traffic detected: DNS query: dufryinternationalag.tt.omtrdc.net
Source: global traffic DNS traffic detected: DNS query: aggregator.service.usercentrics.eu
Source: global traffic DNS traffic detected: DNS query: sso.clubavolta.com
Source: global traffic DNS traffic detected: DNS query: consent-api.service.consent.usercentrics.eu
Source: global traffic DNS traffic detected: DNS query: uct.service.usercentrics.eu
Source: global traffic DNS traffic detected: DNS query: pro.ip-api.com
Source: global traffic DNS traffic detected: DNS query: flagcdn.com
Source: global traffic DNS traffic detected: DNS query: baxhwiiccjaayzx4paqa-f-820db04ea-clientnsv4-s.akamaihd.net
Source: global traffic DNS traffic detected: DNS query: 684dd311.akstat.io
Source: global traffic DNS traffic detected: DNS query: baxhwiiccjaayzx4paxq-f-f2510733c-clientnsv4-s.akamaihd.net
Source: global traffic DNS traffic detected: DNS query: 02179915.akstat.io
Source: global traffic DNS traffic detected: DNS query: qr.clubavolta.com
Source: global traffic DNS traffic detected: DNS query: play.google.com
Source: global traffic DNS traffic detected: DNS query: play-lh.googleusercontent.com
Source: global traffic DNS traffic detected: DNS query: is1-ssl.mzstatic.com
Source: global traffic DNS traffic detected: DNS query: is2-ssl.mzstatic.com
Source: global traffic DNS traffic detected: DNS query: is5-ssl.mzstatic.com
Source: global traffic DNS traffic detected: DNS query: is4-ssl.mzstatic.com
Source: global traffic DNS traffic detected: DNS query: is3-ssl.mzstatic.com
Source: unknown HTTP traffic detected: POST /rest/v1/delivery?client=dufryinternationalag&sessionId=e1a79bc7aed84d718af2d0d2f725ca04&version=2.3.2 HTTP/1.1Host: dufryinternationalag.tt.omtrdc.netConnection: keep-aliveContent-Length: 1513sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plainAccept: */*Origin: https://www.clubavolta.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.clubavolta.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: chromecache_448.2.dr String found in binary or memory: http://127.0.0.1:$
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://bugs.jquery.com/ticket/12359
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://bugs.jquery.com/ticket/13378
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://dev.w3.org/csswg/cssom/#resolved-values
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript
Source: chromecache_387.2.dr, chromecache_398.2.dr String found in binary or memory: http://git.io/yBU2rg
Source: chromecache_278.2.dr String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://jquery.com/
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://jquery.org/license
Source: chromecache_443.2.dr, chromecache_287.2.dr, chromecache_560.2.dr String found in binary or memory: http://jqueryui.com
Source: chromecache_443.2.dr String found in binary or memory: http://jqueryui.com/themeroller/?bgShadowXPos=&bgOverlayXPos=&bgErrorXPos=&bgHighlightXPos=&bgConten
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://jsperf.com/getall-vs-sizzle/2
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://jsperf.com/thor-indexof-vs-for/5
Source: chromecache_493.2.dr String found in binary or memory: http://localhost.corp.google.com/inapp/
Source: chromecache_493.2.dr String found in binary or memory: http://localhost.proxy.googlers.com/inapp/
Source: chromecache_495.2.dr String found in binary or memory: http://manos.malihu.gr/jquery-custom-content-scroller
Source: chromecache_347.2.dr, chromecache_267.2.dr String found in binary or memory: http://materializecss.com)
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: http://reportaproblem.apple.com
Source: chromecache_430.2.dr String found in binary or memory: http://schema.org
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: http://schema.org/ItemListOrderAscending
Source: chromecache_359.2.dr String found in binary or memory: http://site.adform.com/privacy-policy/en/
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://sizzlejs.com/
Source: chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: http://support.google.com/googleplay?p=report_review_computer
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: http://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: chromecache_359.2.dr String found in binary or memory: http://www.allaboutcookies.org
Source: chromecache_359.2.dr String found in binary or memory: http://www.allaboutcookies.org/
Source: chromecache_436.2.dr, chromecache_459.2.dr, chromecache_452.2.dr, chromecache_314.2.dr String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: http://www.apple.com
Source: chromecache_436.2.dr String found in binary or memory: http://www.ecma-international.org/ecma-262/5.1/#sec-C
Source: chromecache_359.2.dr String found in binary or memory: http://www.google.com/intl/en_uk/analytics/tos.html
Source: chromecache_359.2.dr String found in binary or memory: http://www.redbydufry.com
Source: chromecache_492.2.dr String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_366.2.dr, chromecache_252.2.dr, chromecache_492.2.dr String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_483.2.dr String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_284.2.dr String found in binary or memory: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://amp-api-search-edge.apps.apple.com/v1/catalog/$
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://amp-api.books.apple.com/
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://amp.apple.com
Source: chromecache_417.2.dr String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://api.books.apple.com/
Source: chromecache_326.2.dr, chromecache_307.2.dr String found in binary or memory: https://apis.google.com/js/api.js
Source: chromecache_493.2.dr String found in binary or memory: https://apis.google.com/js/client.js
Source: chromecache_262.2.dr, chromecache_606.2.dr String found in binary or memory: https://app.usercentrics.eu/browser-ui/latest/loader.js
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://apps.apple.com
Source: chromecache_430.2.dr String found in binary or memory: https://apps.apple.com/
Source: chromecache_430.2.dr String found in binary or memory: https://apps.apple.com/$
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://apps.apple.com/story/id1538632801
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://apps.apple.com/story/id1539235847
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://apps.apple.com/story/id1604959672
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://apps.apple.com/us/app/apple-podcasts/id525463029
Source: chromecache_284.2.dr String found in binary or memory: https://assets.adobedtm.com/31339f9326f3/e6bbf611b75f/launch-ENaf3fff48ad204db9aade144b2c043fee.min.
Source: chromecache_381.2.dr, chromecache_321.2.dr String found in binary or memory: https://assets.adobedtm.com/launch-ENaf3fff48ad204db9aade144b2c043fee.js
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-autopush.corp.google.com/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-autopush.corp.google.com/tools/feedback/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-autopush.corp.google.de/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-autopush.corp.google.de/tools/feedback/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-staging.corp.google.com/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-frontend-staging.corp.google.com/tools/feedback/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/de/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/es/inicio
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/es_ar/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/fi/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/fr/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/gr/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/it/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/ko/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/pt/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/ru/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/sv/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/zh/home
Source: chromecache_284.2.dr String found in binary or memory: https://avolta-go.euwest01.umbraco.io/zh_tw/home
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=491668
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=649285
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: chromecache_386.2.dr String found in binary or memory: https://buy.music.apple.com/account/v1/affiliation/association
Source: chromecache_386.2.dr String found in binary or memory: https://buy.tv.apple.com/account/v1/affiliation/association
Source: chromecache_366.2.dr, chromecache_311.2.dr, chromecache_252.2.dr, chromecache_262.2.dr, chromecache_606.2.dr, chromecache_492.2.dr, chromecache_527.2.dr, chromecache_483.2.dr String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=229280
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=378607
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=449857
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=470258
Source: chromecache_284.2.dr String found in binary or memory: https://code.jquery.com/jquery-2.2.4.js
Source: chromecache_588.2.dr String found in binary or memory: https://connect.facebook.net/
Source: chromecache_588.2.dr String found in binary or memory: https://connect.facebook.net/log/fbevents_telemetry/
Source: chromecache_387.2.dr, chromecache_398.2.dr String found in binary or memory: https://deprecations.emberjs.com/v1.x/#toc_binding-style-attributes.
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_359.2.dr String found in binary or memory: https://ec.europa.eu/info/strategy/justice-and-fundamental-rights/data-protection/data-transfers-out
Source: chromecache_493.2.dr String found in binary or memory: https://feedback-pa.clients6.google.com
Source: chromecache_493.2.dr String found in binary or memory: https://feedback.googleusercontent.com/resources/annotator.css
Source: chromecache_493.2.dr String found in binary or memory: https://feedback.googleusercontent.com/resources/render_frame2.html
Source: chromecache_493.2.dr String found in binary or memory: https://feedback2-test.corp.google.com/inapp/%
Source: chromecache_493.2.dr String found in binary or memory: https://feedback2-test.corp.google.com/tools/feedback/%
Source: chromecache_493.2.dr String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/inapp/%
Source: chromecache_493.2.dr String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/tools/feedback/%
Source: chromecache_470.2.dr String found in binary or memory: https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2)
Source: chromecache_470.2.dr String found in binary or memory: https://fonts.gstatic.com/s/materialiconsoutlined/v109/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff
Source: chromecache_386.2.dr String found in binary or memory: https://git.io/fjule
Source: chromecache_386.2.dr String found in binary or memory: https://git.io/fxCyr
Source: chromecache_436.2.dr String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: chromecache_522.2.dr String found in binary or memory: https://github.com/jackocnr/intl-tel-input.git
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://github.com/jquery/jquery/pull/764
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_492.2.dr String found in binary or memory: https://google.com
Source: chromecache_492.2.dr String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_493.2.dr String found in binary or memory: https://gstatic.com/uservoice/surveys/resources/
Source: chromecache_493.2.dr String found in binary or memory: https://help.youtube.com/tools/feedback/
Source: chromecache_463.2.dr, chromecache_571.2.dr String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_284.2.dr String found in binary or memory: https://images.clubavolta.com/media/hlei1tzc/home-header-banner-desktop.png?width=1200&amp;height=62
Source: chromecache_284.2.dr String found in binary or memory: https://images.clubavolta.com/media/hlei1tzc/home-header-banner-desktop.png?width=1200&amp;height=63
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://itunes.apple.com$
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://itunes.apple.com/WebObjects/MZStore.woa/wa/viewFeature?id=1476734846&mt=11
Source: chromecache_430.2.dr String found in binary or memory: https://itunes.apple.com/WebObjects/MZStore.woa/wa/viewTop?cc=
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://itunes.apple.com/WebObjects/MZStore.woa/wa/viewTop?genreId=38&mt=11
Source: chromecache_386.2.dr String found in binary or memory: https://itunes.apple.com/WebObjects/MZStoreServices.woa/wa/processRedirectUrl
Source: chromecache_586.2.dr, chromecache_575.2.dr, chromecache_322.2.dr, chromecache_302.2.dr, chromecache_556.2.dr, chromecache_407.2.dr String found in binary or memory: https://js-cdn.music.apple.com/musickit/v1/acknowledgements.txt
Source: chromecache_386.2.dr String found in binary or memory: https://js-cdn.music.apple.com/musickit/v2/media-api
Source: chromecache_493.2.dr String found in binary or memory: https://localhost.corp.google.com/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://localhost.proxy.googlers.com/inapp/
Source: chromecache_476.2.dr, chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://maps.google.com/?q=
Source: chromecache_351.2.dr, chromecache_547.2.dr String found in binary or memory: https://myaccount.google.com/termsofservice
Source: chromecache_483.2.dr String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_366.2.dr, chromecache_311.2.dr, chromecache_252.2.dr, chromecache_262.2.dr, chromecache_606.2.dr, chromecache_492.2.dr, chromecache_527.2.dr, chromecache_483.2.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_448.2.dr String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js?rk=1
Source: chromecache_448.2.dr String found in binary or memory: https://payments.sandbox.google.com/payments/v4/js/integrator.js?rk=1
Source: chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://play.google.com
Source: chromecache_448.2.dr String found in binary or memory: https://play.google.com/
Source: chromecache_314.2.dr String found in binary or memory: https://play.google.com/about/comment-posting-policy/
Source: chromecache_476.2.dr, chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://play.google.com/about/comment-posting-policy?hl=
Source: chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://play.google.com/about/play-terms/index.html
Source: chromecache_476.2.dr String found in binary or memory: https://play.google.com/about/play-terms/index.html;target;_blank;class;cOP9Jc
Source: chromecache_476.2.dr, chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://play.google.com/googleplaygames
Source: chromecache_476.2.dr String found in binary or memory: https://play.google.com/googleplaygames;target;_blank;class;cOP9Jc
Source: chromecache_476.2.dr, chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://play.google.com/intl/all_
Source: chromecache_314.2.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://play.google.com/store/apps/details?id=com.apple.android.music&referrer=utm_source=$
Source: chromecache_476.2.dr, chromecache_351.2.dr, chromecache_459.2.dr, chromecache_547.2.dr, chromecache_314.2.dr String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://policies.google.com/terms
Source: chromecache_476.2.dr String found in binary or memory: https://policies.google.com/terms;target;_blank;class;cOP9Jc
Source: chromecache_278.2.dr String found in binary or memory: https://preactjs.com
Source: chromecache_284.2.dr String found in binary or memory: https://qr.clubavolta.com/downloadandroid
Source: chromecache_284.2.dr String found in binary or memory: https://qr.clubavolta.com/downloadapple
Source: chromecache_387.2.dr, chromecache_398.2.dr String found in binary or memory: https://raw.github.com/emberjs/ember.js/master/LICENSE
Source: chromecache_347.2.dr, chromecache_267.2.dr String found in binary or memory: https://raw.githubusercontent.com/Dogfalo/materialize/master/LICENSE)
Source: chromecache_294.2.dr String found in binary or memory: https://recaptcha.net
Source: chromecache_359.2.dr String found in binary or memory: https://redbydufry.com/umbraco/%20http:/site.adform.com/privacy-policy/en/
Source: chromecache_284.2.dr String found in binary or memory: https://s.go-mpulse.net/boomerang/
Source: chromecache_284.2.dr String found in binary or memory: https://s2.go-mpulse.net/boomerang/
Source: chromecache_493.2.dr String found in binary or memory: https://sandbox.google.com/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://sandbox.google.com/inapp/%
Source: chromecache_493.2.dr String found in binary or memory: https://sandbox.google.com/tools/feedback/
Source: chromecache_493.2.dr String found in binary or memory: https://sandbox.google.com/tools/feedback/%
Source: chromecache_476.2.dr String found in binary or memory: https://schema.org
Source: chromecache_476.2.dr String found in binary or memory: https://schema.org/InStock
Source: chromecache_476.2.dr, chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://schema.org/Offer
Source: chromecache_476.2.dr String found in binary or memory: https://schema.org/PreOrder
Source: chromecache_493.2.dr String found in binary or memory: https://scone-pa.clients6.google.com
Source: chromecache_259.2.dr, chromecache_275.2.dr String found in binary or memory: https://ssl.gstatic.com/support/realtime/operator/
Source: chromecache_284.2.dr String found in binary or memory: https://sso.clubavolta.com/register?source=ctOnline-scAvolta_website&lang=en
Source: chromecache_359.2.dr String found in binary or memory: https://sso.dufry.com/detailedTerms?country=68281cb0-6ef7-e611-8100-5065f38bf4f1&amp;language=en&amp
Source: chromecache_284.2.dr String found in binary or memory: https://sso.dufry.com/register?source=ctOnline-scAvolta_website-coGBR-arLGW#
Source: chromecache_493.2.dr String found in binary or memory: https://stagingqual-feedback-pa-googleapis.sandbox.google.com
Source: chromecache_606.2.dr String found in binary or memory: https://static.hotjar.com/c/hotjar-
Source: chromecache_311.2.dr, chromecache_527.2.dr, chromecache_483.2.dr String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_417.2.dr String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_430.2.dr String found in binary or memory: https://support.apple.com/
Source: chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://support.google.com
Source: chromecache_493.2.dr, chromecache_259.2.dr, chromecache_275.2.dr String found in binary or memory: https://support.google.com/
Source: chromecache_448.2.dr String found in binary or memory: https://support.google.com/googleplay/?p=remote_install_error
Source: chromecache_476.2.dr String found in binary or memory: https://support.google.com/googleplay/?p=report_content
Source: chromecache_476.2.dr, chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://support.google.com/googleplay/answer/10066529
Source: chromecache_448.2.dr String found in binary or memory: https://support.google.com/googleplay/answer/6014972
Source: chromecache_476.2.dr String found in binary or memory: https://support.google.com/googleplay?p=eligibility_requirements
Source: chromecache_493.2.dr String found in binary or memory: https://support.google.com/inapp/
Source: chromecache_493.2.dr String found in binary or memory: https://support.google.com/inapp/%
Source: chromecache_294.2.dr String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_469.2.dr, chromecache_538.2.dr String found in binary or memory: https://swiperjs.com
Source: chromecache_417.2.dr String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_366.2.dr, chromecache_311.2.dr, chromecache_252.2.dr, chromecache_262.2.dr, chromecache_606.2.dr, chromecache_492.2.dr, chromecache_527.2.dr, chromecache_483.2.dr String found in binary or memory: https://td.doubleclick.net
Source: chromecache_493.2.dr String found in binary or memory: https://test-scone-pa-googleapis.sandbox.google.com
Source: chromecache_448.2.dr String found in binary or memory: https://tokenized.play.google.com
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://tv.apple.com/search?q=
Source: chromecache_326.2.dr, chromecache_307.2.dr String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: chromecache_452.2.dr String found in binary or memory: https://use.typekit.net
Source: chromecache_262.2.dr, chromecache_606.2.dr String found in binary or memory: https://web.cmp.usercentrics.eu/tcf/stub.js
Source: chromecache_262.2.dr, chromecache_606.2.dr String found in binary or memory: https://web.cmp.usercentrics.eu/ui/loader.js
Source: chromecache_413.2.dr String found in binary or memory: https://www.akamai.com/us/en/multimedia/documents/akamai/akamai-privacy-statement.pdf
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://www.apple.com
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://www.apple.com/
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://www.apple.com/ac/structured-data/images/knowledge_graph_logo.png
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://www.apple.com/apple-books/
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://www.apple.com/apple-vision-pro/
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://www.apple.com/ios/app-store/
Source: chromecache_445.2.dr, chromecache_430.2.dr String found in binary or memory: https://www.apple.com/osx/apps/app-store/
Source: chromecache_262.2.dr, chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_417.2.dr String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_417.2.dr String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_417.2.dr String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_493.2.dr String found in binary or memory: https://www.google.cn/tools/feedback/
Source: chromecache_493.2.dr String found in binary or memory: https://www.google.cn/tools/feedback/%
Source: chromecache_483.2.dr String found in binary or memory: https://www.google.com
Source: chromecache_417.2.dr String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_326.2.dr, chromecache_307.2.dr String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=$
Source: chromecache_297.2.dr, chromecache_424.2.dr, chromecache_604.2.dr, chromecache_294.2.dr String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_493.2.dr, chromecache_259.2.dr, chromecache_275.2.dr String found in binary or memory: https://www.google.com/tools/feedback
Source: chromecache_493.2.dr String found in binary or memory: https://www.google.com/tools/feedback/
Source: chromecache_493.2.dr String found in binary or memory: https://www.google.com/tools/feedback/%
Source: chromecache_493.2.dr String found in binary or memory: https://www.google.com/tools/feedback/help_panel_binary.js
Source: chromecache_492.2.dr, chromecache_527.2.dr, chromecache_483.2.dr String found in binary or memory: https://www.googleadservices.com
Source: chromecache_483.2.dr String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_252.2.dr, chromecache_492.2.dr String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_366.2.dr, chromecache_252.2.dr, chromecache_492.2.dr String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_417.2.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_284.2.dr String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=$
Source: chromecache_284.2.dr String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-WCCFZQZV
Source: chromecache_252.2.dr, chromecache_492.2.dr String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_297.2.dr, chromecache_294.2.dr String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
Source: chromecache_448.2.dr String found in binary or memory: https://www.gstatic.com/android/market_images/web/reviews_not_found.png
Source: chromecache_459.2.dr, chromecache_314.2.dr String found in binary or memory: https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Source: chromecache_524.2.dr, chromecache_330.2.dr, chromecache_424.2.dr, chromecache_604.2.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Source: chromecache_275.2.dr String found in binary or memory: https://www.gstatic.com/uservoice/feedback/client/web/
Source: chromecache_493.2.dr String found in binary or memory: https://www.gstatic.com/uservoice/surveys/resources/
Source: chromecache_311.2.dr, chromecache_527.2.dr, chromecache_483.2.dr String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_252.2.dr, chromecache_492.2.dr, chromecache_527.2.dr String found in binary or memory: https://www.youtube.com/iframe_api
Source: chromecache_410.2.dr, chromecache_397.2.dr String found in binary or memory: https://xp-qa.apple.com
Source: chromecache_410.2.dr, chromecache_397.2.dr String found in binary or memory: https://xp.apple.com
Source: chromecache_432.2.dr String found in binary or memory: https://xp.apple.com/config/1/report
Source: chromecache_386.2.dr String found in binary or memory: https://xp.apple.com/register
Source: chromecache_444.2.dr, chromecache_412.2.dr, chromecache_432.2.dr, chromecache_422.2.dr String found in binary or memory: https://xp.apple.com/report
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50068 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50199
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50199 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50076 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50069 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49888 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49734 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:49798 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:50077 version: TLS 1.2
Source: classification engine Classification label: clean2.win@27/583@126/33
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2228,i,17088524281545059899,5827349335017680097,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://t1.global.clubavolta.com/r/?id=h53ebcb4b,29506a5f,2988b9db&e=cDE9UkVEX0dMX0xveWFsdHlMYXVuY2hTb2x1cy1OT0NPTS1BTEwtMDExMDIwMjQtMV9YWCZwMj1kNzEwNWE1Zi00NjE3LWVmMTEtOWY4OS0wMDBkM2EyMmNlYTE&s=3la6k8joHnYuuxUmpC7F3uvS_OKadIyytIXkC1qpgwU"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2228,i,17088524281545059899,5827349335017680097,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Stores files to the Windows start menu directory
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1523728 URL: http://t1.global.clubavolta... Startdate: 02/10/2024 Architecture: WINDOWS Score: 2 5 chrome.exe 9 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.5, 443, 49186, 49431 unknown unknown 5->13 15 192.168.2.6 unknown unknown 5->15 17 239.255.255.250 unknown Reserved 5->17 10 chrome.exe 5->10         started        process4 dnsIp5 19 pro.ip-api.com 51.195.5.58, 443, 49875 OVHFR France 10->19 21 51.77.64.70, 443, 49888 OVHFR France 10->21 23 60 other IPs or domains 10->23
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
18.66.102.53
 unknown United States
3 MIT-GATEWAYSUS false
52.19.26.215
 unknown United States
16509 AMAZON-02US false
13.32.27.54
 unknown United States
7018 ATT-INTERNET4US false
18.66.112.15
 vc-live-cf.hotjar.io United States
3 MIT-GATEWAYSUS false
104.21.31.228
 flagcdn.com United States
13335 CLOUDFLARENETUS false
142.250.185.182
 play-lh.googleusercontent.com United States
15169 GOOGLEUS false
66.235.152.221
 unknown United States
15224 OMNITUREUS false
51.77.64.70
 unknown France
16276 OVHFR false
34.120.28.121
 aggregator.service.usercentrics.eu United States
15169 GOOGLEUS false
142.250.184.196
 www.google.com United States
15169 GOOGLEUS false
157.240.0.35
 unknown United States
32934 FACEBOOKUS false
34.95.108.180
 uct.service.usercentrics.eu United States
15169 GOOGLEUS false
216.58.206.86
 unknown United States
15169 GOOGLEUS false
35.190.14.188
 app.usercentrics.eu United States
15169 GOOGLEUS false
239.255.255.250
 unknown Reserved
unknown unknown false
66.235.152.156
 adobetarget.data.adobedc.net United States
15224 OMNITUREUS false
172.217.23.100
 unknown United States
15169 GOOGLEUS false
35.201.111.240
 consent-api.service.consent.usercentrics.eu United States
15169 GOOGLEUS false
18.66.102.51
 static-cdn.hotjar.com United States
3 MIT-GATEWAYSUS false
142.250.181.238
 play.google.com United States
15169 GOOGLEUS false
35.241.3.184
 api.usercentrics.eu United States
15169 GOOGLEUS false
151.101.194.137
 code.jquery.com United States
54113 FASTLYUS false
13.32.27.21
 script.hotjar.com United States
7018 ATT-INTERNET4US false
34.251.58.245
 dufry-mkt-prod1-yruh3-1226087420.eu-west-1.elb.amazonaws.com United States
16509 AMAZON-02US false
51.195.5.58
 pro.ip-api.com France
16276 OVHFR false
151.101.2.137
 unknown United States
54113 FASTLYUS false
18.202.109.49
 dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com United States
16509 AMAZON-02US false
142.250.185.174
 unknown United States
15169 GOOGLEUS false
34.248.147.230
 unknown United States
16509 AMAZON-02US false
157.240.253.1
 scontent.xx.fbcdn.net United States
32934 FACEBOOKUS false
157.240.251.35
 star-mini.c10r.facebook.com United States
32934 FACEBOOKUS false

Private

IP
192.168.2.6
192.168.2.5

Contacted Domains

Name IP Active
api.usercentrics.eu 35.241.3.184 true
star-mini.c10r.facebook.com 157.240.251.35 true
flagcdn.com 104.21.31.228 true
clubavolta.com 2.18.64.27 true
app.usercentrics.eu 35.190.14.188 true
vc-live-cf.hotjar.io 18.66.112.15 true
adobetarget.data.adobedc.net 66.235.152.156 true
scontent.xx.fbcdn.net 157.240.253.1 true
aggregator.service.usercentrics.eu 34.120.28.121 true
code.jquery.com 151.101.194.137 true
script.hotjar.com 13.32.27.21 true
play.google.com 142.250.181.238 true
uct.service.usercentrics.eu 34.95.108.180 true
consent-api.service.consent.usercentrics.eu 35.201.111.240 true
pro.ip-api.com 51.195.5.58 true
play-lh.googleusercontent.com 142.250.185.182 true
dufry-mkt-prod1-yruh3-1226087420.eu-west-1.elb.amazonaws.com 34.251.58.245 true
www.google.com 142.250.184.196 true
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com 18.202.109.49 true
static-cdn.hotjar.com 18.66.102.51 true
02179918.akstat.io unknown unknown
is2-ssl.mzstatic.com unknown unknown
dufryinternationalag.tt.omtrdc.net unknown unknown
s.go-mpulse.net unknown unknown
sso.clubavolta.com unknown unknown
cm.everesttech.net unknown unknown
vc.hotjar.io unknown unknown
baxhwiiccjaayzx4pagq-f-d0c4e7c04-clientnsv4-s.akamaihd.net unknown unknown
qr.clubavolta.com unknown unknown
is3-ssl.mzstatic.com unknown unknown
static.hotjar.com unknown unknown
dpm.demdex.net unknown unknown
t1.global.clubavolta.com unknown unknown
www.facebook.com unknown unknown
assets.adobedtm.com unknown unknown
is4-ssl.mzstatic.com unknown unknown
connect.facebook.net unknown unknown
baxhwiiccjaayzx4paqa-f-820db04ea-clientnsv4-s.akamaihd.net unknown unknown
www.clubavolta.com unknown unknown
is1-ssl.mzstatic.com unknown unknown
baxhwiiccjaayzx4paxq-f-f2510733c-clientnsv4-s.akamaihd.net unknown unknown
is5-ssl.mzstatic.com unknown unknown
684dd311.akstat.io unknown unknown
c.go-mpulse.net unknown unknown
02179915.akstat.io unknown unknown
dufry.demdex.net unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fwww.clubavolta.com%2Fhome%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DRED_GL_LoyaltyLaunchSolus-NOCOM-ALL-01102024-1_XX%26utm_term%3Dd7105a5f-4617-ef11-9f89-000d3a22cea1&rl=&if=false&ts=1727821845731&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821843201&coo=false&eid=1727821836972.1&rqm=FGET false
    		unknown
    https://dufryinternationalag.tt.omtrdc.net/rest/v1/delivery?client=dufryinternationalag&sessionId=e1a79bc7aed84d718af2d0d2f725ca04&version=2.3.2 false
      		unknown
      https://consent-api.service.consent.usercentrics.eu/consent/uw/3 false
        		unknown
        https://app.usercentrics.eu/browser-ui/3.55.0/VirtualServiceItem-d95151cb.js false
          		unknown
          https://flagcdn.com/w20/us.png false
            		unknown
            https://app.usercentrics.eu/session/1px.png?settingsId=HzbbJ_HfNrjwq0 false
              		unknown
              https://app.usercentrics.eu/browser-ui/3.55.0/FirstLayerCustomization-de8ec6f3-0ed66d66.js false
                		unknown
                https://play.google.com/store/apps/details?id=com.red.by.dufry&referrer=utm_source%3Dqr_code%26utm_term%3Dqr_club_avolta false
                  		unknown
                  https://play-lh.googleusercontent.com/jOLY-gMJzVbU704YeE4dF47hZjPUb9PpmaB_m4lZ8xxg__4ALjZFbMrwYxf3a-ja00sq=w526-h296-rw false
                    		unknown
                    https://app.usercentrics.eu/browser-ui/3.55.0/index-4d0d6d10.js false
                      		unknown
                      https://play-lh.googleusercontent.com/NpfL8T_0YHFHMIkHDKOIMCjrlyDTdWPl6CguTo6I9YIcw7xelXcif3dVtuxuM8QK6Pg=w526-h296-rw false
                        		unknown
                        https://dufry.demdex.net/dest5.html?d_nsid=0 false
                          		unknown
                          https://play-lh.googleusercontent.com/6i185PgJNAU-ZUePvd1LIg_CLQ9WHEsh9_e4a9PLJ_oEP_bJTuaS7HRaJqKryTBUnfc=w526-h296-rw false
                            		unknown
                            https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw false
                              		unknown
                              https://uct.service.usercentrics.eu/uct?v=1&sid=HzbbJ_HfNrjwq0&t=1&abv=&r=https%3A%2F%2Fwww.clubavolta.com%2F&cb=1727821872032 false
                                		unknown
                                https://vc.hotjar.io/sessions/5148378?s=0.25&r=0.04937675594369639 false
                                  		unknown
                                  https://app.usercentrics.eu/browser-ui/3.55.0/ButtonsCustomization-5698ac85-5d43b15f.js false
                                    		unknown
                                    https://app.usercentrics.eu/browser-ui/latest/loader.js false
                                      		unknown
                                      https://play-lh.googleusercontent.com/lxDbqqH766bE3aPIwwUr-DFhsNKGIJA1Rx0OB_r9LLVJMZxD-3AEiGoxuTp-SidXVPw=w526-h296-rw false
                                        		unknown
                                        https://app.usercentrics.eu/browser-ui/3.55.0/DefaultData-fa10cf7f-3d7db9aa.js false
                                          		unknown
                                          https://play-lh.googleusercontent.com/a-/ALV-UjUd-Iv_M0aNcrTkKe3wcUCKF8nNan8suZmdlcaDZABPWCa9x1o_=s32-rw false
                                            		unknown
                                            https://www.facebook.com/tr/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fsso.clubavolta.com%2Fregister%3Fsource%3DctOnline-scAvolta_website%26lang%3Den&rl=&if=false&ts=1727821864606&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821862525&coo=false&eid=1727821860232.1&rqm=GET false
                                              		unknown
                                              https://play-lh.googleusercontent.com/Cr6AVuSC6oGZpp8dqD37GBO_GcjUa966qT-xxxr9h5kgigWJshvtTNmx_6ubT465dw=w526-h296-rw false
                                                		unknown
                                                https://app.usercentrics.eu/browser-ui/3.55.0/index-3ff76a26.js false
                                                  		unknown
                                                  https://api.usercentrics.eu/settings/HzbbJ_HfNrjwq0/latest/en.json false
                                                    		unknown
                                                    https://play.google.com/_/PlayStoreUi/cspreport/fine-allowlist false
                                                      		unknown
                                                      https://www.google.com/tools/feedback/chat_load.js false
                                                        		unknown
                                                        https://www.google.com/js/bg/R24GNtugK3fmE_BLCwud5nV-o42wj8GquUoA8eJ_MhU.js false
                                                          		unknown
                                                          https://app.usercentrics.eu/browser-ui/3.55.0/PrivacyButton-62ab6c78.js false
                                                            		unknown
                                                            https://play-lh.googleusercontent.com/ckwBhiyhlf5UO65vRrusC8P4eSB1_Fxg_ytngyslwdR3_cIcQQYfXJvCLl_YgTOq74E=w240-h480-rw false
                                                              		unknown
                                                              https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1083686203427969&ev=PageView&dl=https%3A%2F%2Fsso.clubavolta.com%2Fregister%3Fsource%3DctOnline-scAvolta_website%26lang%3Den&rl=&if=false&ts=1727821864606&sw=1280&sh=1024&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727821845729.370948143350466137&ler=empty&cdl=API_unavailable&it=1727821862525&coo=false&eid=1727821860232.1&rqm=FGET false
                                                                		unknown
                                                                https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js false
                                                                  		unknown