Windows Analysis Report
FA-EDI-2409-0280.pdf

Overview

General Information

Sample name: FA-EDI-2409-0280.pdf
Analysis ID: 1525475
MD5: 8d65098e335bdc5e3b5ab43f42e0c69b
SHA1: 03f1c56e1696a97edf59439dba262105c739554d
SHA256: 6a3208e585f53c1ada70aa5abaf89e6b6ebef375caa61217c187c8f79ffb969b
Infos:

Detection

Score: 25
Range: 0 - 100
Whitelisted: false
Confidence: 60%

Signatures

HTML page contains obfuscated javascript
Connects to several IPs in different countries
Detected hidden input values containing email addresses (often used in phishing pages)
Detected suspicious crossdomain redirect
Found iframes
HTML body contains low number of good links
HTML page contains hidden javascript code
IP address seen in connection with other malware
Invalid T&C link found
JA3 SSL client fingerprint seen in connection with other malware
No HTML title found
PDF has an OpenAction (likely to launch a dropper script)

Classification

Phishing
barindex
HTML page contains obfuscated javascript
Source: https://www.paypal.com/auth/createchallenge/3a869b42ba0a1ff4/recaptchav3.js?_sessionID=iFqzQFFdcmLfwTx6rDoFtO0kv5hDi8ND HTTP Parser: function _0x361d(_0x157068,_0x15f901){var _0x21ef89=_0x273d();return _0x361d=function(_0x5c4028,_0x3
Detected hidden input values containing email addresses (often used in phishing pages)
Source: https://tcpdf.org/ HTTP Parser: paypal@tecnick.com
Found iframes
Source: https://tecnick.com/ HTTP Parser: Iframe src: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html#aHR0cHM6Ly9kY2xrLW1hdGNoLmRvdG9taS5jb20vbWF0Y2gvYm91bmNlL2N1cnJlbnQ_bmV0d29ya0lkPTE0MDAwJnZlcnNpb249MSZnb29nbGVfZ2lkPUNBRVNFSzU0ZVlONUxQS1RQSW9iT2g2LUgtQSZnb29nbGVfY3Zlcj0xJmdvb2dsZV9wdXNoPUFYY29PbVQ2d0Y5Zkx6aml2eHRENFExYW8tSWtvZFpxdXVCN0xFOUpqU29wa3dOTW1XbHRWNVBoX0RTRjdkRkJlQnRQbmg0aE1DNVJ4andjRmRtOFptZ0IxeGp6WjJMMmxPRkVjUmM=,aHR0cHM6Ly9hLnRyaWJhbGZ1c2lvbi5jb20vaS5tYXRjaD9wPWI2JnU9Q0FFU0VDTlIwclJiTVBPajRwbUpPZWJSX2swJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tUTQ1RF9OdmU1b0hFdm1MN0pGQ1EzejhQbDFOZ1RuWUZVazJMT21wcjBYblV3alJFWVNHd1RLTVZIVjZ5X0hJY3ByXzRkM0RpUzQzbWFqYWtKNjE1VnR4Ry1tcjRxakROMCZyZWRpcmVjdD1odHRwcyUzQS8vY20uZy5kb3VibGVjbGljay5uZXQvcGl4ZWwlM0Znb29nbGVfbmlkJTNEZXhwJTI2Z29vZ2xlX3B1c2glM0RBWGNvT21RNDVEX052ZTVvSEV2bUw3SkZDUTN6OFBsMU5nVG5ZRlVrMkxPbXByMFhuVXdqUkVZU0d3VEtNVkhWNnlfSEljcHJfNGQzRGlTNDNtYWpha0o2MTVWdHhHLW1yNHFqRE4wJTI2Z29vZ2xlX3VsYSUzRDI3ODY5NTQlMjZnb29nbGVfaG0lM0QlMjRURl9VU0VSX0lEX0VOQyUyNA==,aHR0cHM6Ly9kaXMuY3JpdGVvLmNvbS9kaXMvdXNlcnN5bmMuYXNweD9yPTQmcD0xNCZjcD1nb29nbGUmY3U9MSZ1cmw9aHR0cHMlM0ElMkYlMkZjbS5nLmRvdWJsZWNsaWNrLm5ldCUyRnBpeGVsJTNGZ29vZ2xlX25pZCUzRGNqcCUyNmdvb2dsZV9obSUzRCU0MCU0MENSSVRFT19VU0VSSUQlNDAlNDAlMjZnb29nbGVfcHVzaCUzREFYY29PbVNoWmhmQzQtTjNLSWIydERlcVJsZnNjMk9CaEdnYThPTVpHdXZDRk5GMVBTMEpLY3Z0Y2F6eEpWMEdvOG0xcUk0RFY4VnlSc1lXYU5razN6VUNzS0I1TjJDa0VDUzNxUSZnb29nbGVfZ2lkPUNBRVNFS0tVZlpvakEyUFdUUHNyeE4zN2hycyZnb29nbGVfY3Zlcj0x,aHR0cHM6Ly9jMS5hZGZvcm0ubmV0L3NlcnZpbmcvY29va2llL21hdGNoLz9wYXJ0eT0xJmdvb2dsZV9naWQ9Q0FFU0VKU255REthc0YzM1FodU5SY2d1bXBrJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tVDJOZG1ISVdXd1JvUnhXMVZ1dzdreHYtWF80ZUc3UEV2UTdOelRIMTd2ZzhtZkUyei1EazJsXzZSQVZ6SGh6SUpDVFgwbnZqNlJzWE5LU05WdDl0UndnNWh3d1RaUmZB,aHR0cHM6Ly9vbmV0YWctc3lzLmNvbS9tYXRjaC8_aW50X2lkPTE5JnJlZGlyPTEmZ29vZ2xlX2dpZD1DQUVTRUdLSUUyZzBSWHhXRC1xc3ZINFBfS1UmZ29vZ2xlX2N2ZXI9MSZnb29nbGVfcHVzaD1BWGNvT21SRXlER1pyRjU4c05ZSmc0dEVXWmtiYXI2YS1DSXM2S0d2aEhwQjBYT3FkWVZ4bVRkQloyR01RWmhwSlU4WDR6VkZvamk2LUhWaVAtVjEwa1QySWExZ2N2YWpfNDhxR1Bn,aHR0cHM6Ly9zeW5jLWRtcC5hdXJhLWRzcC5jb20vbWF0Y2gvZ29vZ2xlP2dvb2dsZV9naWQ9Q0FFU0VHM1gzZ0lQeDFhMVllSUVtVkhlSDdNJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tUkR1TGRyWXR2dkd6QU5QXzVnLXlUM0xvU2xVSVNCV3Bib1VDUzFYbHhNTjZMVEVpNVhvbWRXLVF1WWZla2cySkFVX1JUZlhPS1AwM0Nua3YzN1A4V3JKYUJvWk91Rk9mdVo=,aHR0cHM6Ly9ndy1pYWQtYmlkLnltbW9iaS5jb20vYWR4L3VzZXIvY29va2llX3N5bj9wdWJpZD1aMjl2WjJ4bFlXUjQmZ29vZ2xlX2dpZD1DQUVTRUdDRnY0LWJhTklwY0pzMzdpWHg1bTAmZ29vZ2xlX2N2ZXI9MSZnb29nbGVfcHVzaD1BWGNvT21RNzhwN3RPQUZvdmU3Z3FKZ21QZXh4LUV4dXZUY0dRbm9wOUVqNVV3Nk1ZR2hkdnJ2Vl9sd1NjbG9udDZ5bGZRZDlHU214cHVGLXlWRXo1cGRZdXhHQW5oYThLUW9Falh0SA==,aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbC9hdHRyP2Q9QUhORjEzTHRZUlBNVGc3NFVhN3dtdWx4cEhHX3gyRC04bEdlMkRSZlZkekoxdWtnVGZncHpwamlUWDNTNS1tOXBZaU43anVvWVFKRTZoNA==
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NJ3VGL8
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://checkmk.com/cf-bc-handler.html
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NJ3VGL8
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://checkmk.com/cf-bc-handler.html
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NJ3VGL8
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://checkmk.com/cf-bc-handler.html
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NJ3VGL8
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://checkmk.com/cf-bc-handler.html
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-NJ3VGL8
Source: https://tecnick.com/#google_vignette HTTP Parser: Iframe src: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html#aHR0cHM6Ly9kY2xrLW1hdGNoLmRvdG9taS5jb20vbWF0Y2gvYm91bmNlL2N1cnJlbnQ_bmV0d29ya0lkPTE0MDAwJnZlcnNpb249MSZnb29nbGVfZ2lkPUNBRVNFSzU0ZVlONUxQS1RQSW9iT2g2LUgtQSZnb29nbGVfY3Zlcj0xJmdvb2dsZV9wdXNoPUFYY29PbVQ2d0Y5Zkx6aml2eHRENFExYW8tSWtvZFpxdXVCN0xFOUpqU29wa3dOTW1XbHRWNVBoX0RTRjdkRkJlQnRQbmg0aE1DNVJ4andjRmRtOFptZ0IxeGp6WjJMMmxPRkVjUmM=,aHR0cHM6Ly9hLnRyaWJhbGZ1c2lvbi5jb20vaS5tYXRjaD9wPWI2JnU9Q0FFU0VDTlIwclJiTVBPajRwbUpPZWJSX2swJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tUTQ1RF9OdmU1b0hFdm1MN0pGQ1EzejhQbDFOZ1RuWUZVazJMT21wcjBYblV3alJFWVNHd1RLTVZIVjZ5X0hJY3ByXzRkM0RpUzQzbWFqYWtKNjE1VnR4Ry1tcjRxakROMCZyZWRpcmVjdD1odHRwcyUzQS8vY20uZy5kb3VibGVjbGljay5uZXQvcGl4ZWwlM0Znb29nbGVfbmlkJTNEZXhwJTI2Z29vZ2xlX3B1c2glM0RBWGNvT21RNDVEX052ZTVvSEV2bUw3SkZDUTN6OFBsMU5nVG5ZRlVrMkxPbXByMFhuVXdqUkVZU0d3VEtNVkhWNnlfSEljcHJfNGQzRGlTNDNtYWpha0o2MTVWdHhHLW1yNHFqRE4wJTI2Z29vZ2xlX3VsYSUzRDI3ODY5NTQlMjZnb29nbGVfaG0lM0QlMjRURl9VU0VSX0lEX0VOQyUyNA==,aHR0cHM6Ly9kaXMuY3JpdGVvLmNvbS9kaXMvdXNlcnN5bmMuYXNweD9yPTQmcD0xNCZjcD1nb29nbGUmY3U9MSZ1cmw9aHR0cHMlM0ElMkYlMkZjbS5nLmRvdWJsZWNsaWNrLm5ldCUyRnBpeGVsJTNGZ29vZ2xlX25pZCUzRGNqcCUyNmdvb2dsZV9obSUzRCU0MCU0MENSSVRFT19VU0VSSUQlNDAlNDAlMjZnb29nbGVfcHVzaCUzREFYY29PbVNoWmhmQzQtTjNLSWIydERlcVJsZnNjMk9CaEdnYThPTVpHdXZDRk5GMVBTMEpLY3Z0Y2F6eEpWMEdvOG0xcUk0RFY4VnlSc1lXYU5razN6VUNzS0I1TjJDa0VDUzNxUSZnb29nbGVfZ2lkPUNBRVNFS0tVZlpvakEyUFdUUHNyeE4zN2hycyZnb29nbGVfY3Zlcj0x,aHR0cHM6Ly9jMS5hZGZvcm0ubmV0L3NlcnZpbmcvY29va2llL21hdGNoLz9wYXJ0eT0xJmdvb2dsZV9naWQ9Q0FFU0VKU255REthc0YzM1FodU5SY2d1bXBrJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tVDJOZG1ISVdXd1JvUnhXMVZ1dzdreHYtWF80ZUc3UEV2UTdOelRIMTd2ZzhtZkUyei1EazJsXzZSQVZ6SGh6SUpDVFgwbnZqNlJzWE5LU05WdDl0UndnNWh3d1RaUmZB,aHR0cHM6Ly9vbmV0YWctc3lzLmNvbS9tYXRjaC8_aW50X2lkPTE5JnJlZGlyPTEmZ29vZ2xlX2dpZD1DQUVTRUdLSUUyZzBSWHhXRC1xc3ZINFBfS1UmZ29vZ2xlX2N2ZXI9MSZnb29nbGVfcHVzaD1BWGNvT21SRXlER1pyRjU4c05ZSmc0dEVXWmtiYXI2YS1DSXM2S0d2aEhwQjBYT3FkWVZ4bVRkQloyR01RWmhwSlU4WDR6VkZvamk2LUhWaVAtVjEwa1QySWExZ2N2YWpfNDhxR1Bn,aHR0cHM6Ly9zeW5jLWRtcC5hdXJhLWRzcC5jb20vbWF0Y2gvZ29vZ2xlP2dvb2dsZV9naWQ9Q0FFU0VHM1gzZ0lQeDFhMVllSUVtVkhlSDdNJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tUkR1TGRyWXR2dkd6QU5QXzVnLXlUM0xvU2xVSVNCV3Bib1VDUzFYbHhNTjZMVEVpNVhvbWRXLVF1WWZla2cySkFVX1JUZlhPS1AwM0Nua3YzN1A4V3JKYUJvWk91Rk9mdVo=,aHR0cHM6Ly9ndy1pYWQtYmlkLnltbW9iaS5jb20vYWR4L3VzZXIvY29va2llX3N5bj9wdWJpZD1aMjl2WjJ4bFlXUjQmZ29vZ2xlX2dpZD1DQUVTRUdDRnY0LWJhTklwY0pzMzdpWHg1bTAmZ29vZ2xlX2N2ZXI9MSZnb29nbGVfcHVzaD1BWGNvT21RNzhwN3RPQUZvdmU3Z3FKZ21QZXh4LUV4dXZUY0dRbm9wOUVqNVV3Nk1ZR2hkdnJ2Vl9sd1NjbG9udDZ5bGZRZDlHU214cHVGLXlWRXo1cGRZdXhHQW5oYThLUW9Falh0SA==,aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbC9hdHRyP2Q9QUhORjEzTHRZUlBNVGc3NFVhN3dtdWx4cEhHX3gyRC04bEdlMkRSZlZkekoxdWtnVGZncHpwamlUWDNTNS1tOXBZaU43anVvWVFKRTZoNA==
Source: https://tecnick.com/#google_vignette HTTP Parser: Iframe src: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html#aHR0cHM6Ly9kY2xrLW1hdGNoLmRvdG9taS5jb20vbWF0Y2gvYm91bmNlL2N1cnJlbnQ_bmV0d29ya0lkPTE0MDAwJnZlcnNpb249MSZnb29nbGVfZ2lkPUNBRVNFSzU0ZVlONUxQS1RQSW9iT2g2LUgtQSZnb29nbGVfY3Zlcj0xJmdvb2dsZV9wdXNoPUFYY29PbVQ2d0Y5Zkx6aml2eHRENFExYW8tSWtvZFpxdXVCN0xFOUpqU29wa3dOTW1XbHRWNVBoX0RTRjdkRkJlQnRQbmg0aE1DNVJ4andjRmRtOFptZ0IxeGp6WjJMMmxPRkVjUmM=,aHR0cHM6Ly9hLnRyaWJhbGZ1c2lvbi5jb20vaS5tYXRjaD9wPWI2JnU9Q0FFU0VDTlIwclJiTVBPajRwbUpPZWJSX2swJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tUTQ1RF9OdmU1b0hFdm1MN0pGQ1EzejhQbDFOZ1RuWUZVazJMT21wcjBYblV3alJFWVNHd1RLTVZIVjZ5X0hJY3ByXzRkM0RpUzQzbWFqYWtKNjE1VnR4Ry1tcjRxakROMCZyZWRpcmVjdD1odHRwcyUzQS8vY20uZy5kb3VibGVjbGljay5uZXQvcGl4ZWwlM0Znb29nbGVfbmlkJTNEZXhwJTI2Z29vZ2xlX3B1c2glM0RBWGNvT21RNDVEX052ZTVvSEV2bUw3SkZDUTN6OFBsMU5nVG5ZRlVrMkxPbXByMFhuVXdqUkVZU0d3VEtNVkhWNnlfSEljcHJfNGQzRGlTNDNtYWpha0o2MTVWdHhHLW1yNHFqRE4wJTI2Z29vZ2xlX3VsYSUzRDI3ODY5NTQlMjZnb29nbGVfaG0lM0QlMjRURl9VU0VSX0lEX0VOQyUyNA==,aHR0cHM6Ly9kaXMuY3JpdGVvLmNvbS9kaXMvdXNlcnN5bmMuYXNweD9yPTQmcD0xNCZjcD1nb29nbGUmY3U9MSZ1cmw9aHR0cHMlM0ElMkYlMkZjbS5nLmRvdWJsZWNsaWNrLm5ldCUyRnBpeGVsJTNGZ29vZ2xlX25pZCUzRGNqcCUyNmdvb2dsZV9obSUzRCU0MCU0MENSSVRFT19VU0VSSUQlNDAlNDAlMjZnb29nbGVfcHVzaCUzREFYY29PbVNoWmhmQzQtTjNLSWIydERlcVJsZnNjMk9CaEdnYThPTVpHdXZDRk5GMVBTMEpLY3Z0Y2F6eEpWMEdvOG0xcUk0RFY4VnlSc1lXYU5razN6VUNzS0I1TjJDa0VDUzNxUSZnb29nbGVfZ2lkPUNBRVNFS0tVZlpvakEyUFdUUHNyeE4zN2hycyZnb29nbGVfY3Zlcj0x,aHR0cHM6Ly9jMS5hZGZvcm0ubmV0L3NlcnZpbmcvY29va2llL21hdGNoLz9wYXJ0eT0xJmdvb2dsZV9naWQ9Q0FFU0VKU255REthc0YzM1FodU5SY2d1bXBrJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tVDJOZG1ISVdXd1JvUnhXMVZ1dzdreHYtWF80ZUc3UEV2UTdOelRIMTd2ZzhtZkUyei1EazJsXzZSQVZ6SGh6SUpDVFgwbnZqNlJzWE5LU05WdDl0UndnNWh3d1RaUmZB,aHR0cHM6Ly9vbmV0YWctc3lzLmNvbS9tYXRjaC8_aW50X2lkPTE5JnJlZGlyPTEmZ29vZ2xlX2dpZD1DQUVTRUdLSUUyZzBSWHhXRC1xc3ZINFBfS1UmZ29vZ2xlX2N2ZXI9MSZnb29nbGVfcHVzaD1BWGNvT21SRXlER1pyRjU4c05ZSmc0dEVXWmtiYXI2YS1DSXM2S0d2aEhwQjBYT3FkWVZ4bVRkQloyR01RWmhwSlU4WDR6VkZvamk2LUhWaVAtVjEwa1QySWExZ2N2YWpfNDhxR1Bn,aHR0cHM6Ly9zeW5jLWRtcC5hdXJhLWRzcC5jb20vbWF0Y2gvZ29vZ2xlP2dvb2dsZV9naWQ9Q0FFU0VHM1gzZ0lQeDFhMVllSUVtVkhlSDdNJmdvb2dsZV9jdmVyPTEmZ29vZ2xlX3B1c2g9QVhjb09tUkR1TGRyWXR2dkd6QU5QXzVnLXlUM0xvU2xVSVNCV3Bib1VDUzFYbHhNTjZMVEVpNVhvbWRXLVF1WWZla2cySkFVX1JUZlhPS1AwM0Nua3YzN1A4V3JKYUJvWk91Rk9mdVo=,aHR0cHM6Ly9ndy1pYWQtYmlkLnltbW9iaS5jb20vYWR4L3VzZXIvY29va2llX3N5bj9wdWJpZD1aMjl2WjJ4bFlXUjQmZ29vZ2xlX2dpZD1DQUVTRUdDRnY0LWJhTklwY0pzMzdpWHg1bTAmZ29vZ2xlX2N2ZXI9MSZnb29nbGVfcHVzaD1BWGNvT21RNzhwN3RPQUZvdmU3Z3FKZ21QZXh4LUV4dXZUY0dRbm9wOUVqNVV3Nk1ZR2hkdnJ2Vl9sd1NjbG9udDZ5bGZRZDlHU214cHVGLXlWRXo1cGRZdXhHQW5oYThLUW9Falh0SA==,aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbC9hdHRyP2Q9QUhORjEzTHRZUlBNVGc3NFVhN3dtdWx4cEhHX3gyRC04bEdlMkRSZlZkekoxdWtnVGZncHpwamlUWDNTNS1tOXBZaU43anVvWVFKRTZoNA==
HTML body contains low number of good links
Source: https://tecnick.com/ HTTP Parser: Number of links: 0
Source: https://tecnick.com/#google_vignette HTTP Parser: Number of links: 0
HTML page contains hidden javascript code
Source: https://tcpdf.org/ HTTP Parser: Base64 decoded: [null,null,null,3]
Invalid T&C link found
Source: https://tecnick.com/ HTTP Parser: Invalid link: privacy policy
Source: https://tecnick.com/ HTTP Parser: Invalid link: privacy policy
Source: https://tecnick.com/#google_vignette HTTP Parser: Invalid link: privacy policy
Source: https://tecnick.com/#google_vignette HTTP Parser: Invalid link: privacy policy
Source: https://tecnick.com/#google_vignette HTTP Parser: Invalid link: privacy policy
Source: https://tecnick.com/#google_vignette HTTP Parser: Invalid link: privacy policy
No HTML title found
Source: https://tecnick.com/ HTTP Parser: HTML title missing
Source: https://tecnick.com/#google_vignette HTTP Parser: HTML title missing
Source: https://tecnick.com/#google_vignette HTTP Parser: HTML title missing
Source: https://tcpdf.org/ HTTP Parser: No favicon
Source: https://tcpdf.org/ HTTP Parser: No favicon
Source: https://tcpdf.org/ HTTP Parser: No favicon
Source: https://tcpdf.org/ HTTP Parser: No favicon
Source: https://tcpdf.org/ HTTP Parser: No favicon
Source: https://tcpdf.org/examples/ HTTP Parser: No favicon
Source: https://tcpdf.org/examples/ HTTP Parser: No favicon
Source: https://tcpdf.org/examples/ HTTP Parser: No favicon
Source: https://tcpdf.org/examples/ HTTP Parser: No favicon
Source: https://tcpdf.org/examples/ HTTP Parser: No favicon
Source: https://tcpdf.org/examples/ HTTP Parser: No favicon
Source: https://tcpdf.org/#google_vignette HTTP Parser: No favicon
Source: https://tcpdf.org/#google_vignette HTTP Parser: No favicon
Source: https://www.paypal.com/donate/?cmd=_donations&currency_code=GBP&business=paypal@tecnick.com&item_name=donation%20for%20tc-lib-pdf%20project HTTP Parser: No favicon
Source: https://www.paypal.com/donate/?cmd=_donations&currency_code=GBP&business=paypal@tecnick.com&item_name=donation%20for%20tc-lib-pdf%20project HTTP Parser: No favicon
Source: https://www.paypal.com/donate/?cmd=_donations&currency_code=GBP&business=paypal@tecnick.com&item_name=donation%20for%20tc-lib-pdf%20project HTTP Parser: No favicon
Source: https://www.paypal.com/donate/?cmd=_donations&currency_code=GBP&business=paypal@tecnick.com&item_name=donation%20for%20tc-lib-pdf%20project HTTP Parser: No favicon
Source: https://tcpdf.org/about/ HTTP Parser: No favicon
Source: https://tcpdf.org/about/ HTTP Parser: No favicon
Source: https://tcpdf.org/about/ HTTP Parser: No favicon
Source: https://tcpdf.org/about/ HTTP Parser: No favicon
Source: https://tecnick.com/ HTTP Parser: No favicon
Source: https://tecnick.com/ HTTP Parser: No favicon
Source: https://tecnick.com/ HTTP Parser: No favicon
Source: https://tecnick.com/ HTTP Parser: No favicon
Source: https://tecnick.com/ HTTP Parser: No favicon
Source: https://tecnick.com/ HTTP Parser: No favicon
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No favicon
Source: https://tecnick.com/#google_vignette HTTP Parser: No favicon
Source: https://tecnick.com/#google_vignette HTTP Parser: No favicon
Source: https://tecnick.com/#google_vignette HTTP Parser: No favicon
Source: https://tecnick.com/ HTTP Parser: No <meta name="author".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="author".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="author".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="author".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="author".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="author".. found
Source: https://tecnick.com/#google_vignette HTTP Parser: No <meta name="author".. found
Source: https://tecnick.com/#google_vignette HTTP Parser: No <meta name="author".. found
Source: https://tecnick.com/ HTTP Parser: No <meta name="copyright".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="copyright".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="copyright".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="copyright".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="copyright".. found
Source: https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[Campaigns]GDN-Competitors-Customers-US&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE&gclid=EAIaIQobChMIi7v75J30iAMVCzlVCB35kgcFEAEYASAAEgKu2PD_BwE HTTP Parser: No <meta name="copyright".. found
Source: https://tecnick.com/#google_vignette HTTP Parser: No <meta name="copyright".. found
Source: https://tecnick.com/#google_vignette HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49743 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49765 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49774 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.6:49788 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49843 version: TLS 1.2
Source: chrome.exe Memory has grown: Private usage: 16MB later: 51MB
Connects to several IPs in different countries
Source: unknown Network traffic detected: IP country count 11
Detected suspicious crossdomain redirect
Source: C:\Program Files\Google\Chrome\Application\chrome.exe HTTP traffic: Redirect from: adclick.g.doubleclick.net to https://www.googleadservices.com/pagead/aclk?nis=4&sa=l&ai=cgaplnp3_zovifovy1pip-awekl2v2qn2_ynb5n4s29keeaegu4uakgdjbqab7brihapiaqmpavhhicydf7i-qambyaplbkoe0wfp0fmwuppyb5jvagmdhehuxo0rjqjipo1yiifk5juqzbymcaaofacdtvsqqodglygier5gw_kgip1qk9ahhuereuw2aohwwdzwqjldvoizbh8scyhjmnvz1v_c2tb5kwlkmlamc-hu1ghdg3srtukpmydjfnat38btqwcja2ona5ivk0clxb8iu90yxe6-mvvj0tfmq6inptveomw4pcwsv1ksbkyaw_d06ku5zi8z9paulve_kkvgdaunhdxdlechmzkq4zcp0xyu2gjcyiipvu4fwasfibqu5gsibehxjrbkoayugaf7xj17qafvyruob9m2sqkob6a-g6ghjs4bqaet2buob_dgg6gh7paxaqgh_p6xaqghr76xaqghmgaob_prg6ghltgbqaeqm7ecqaedrbecqafgvbecqaf_nrecqaffn7ecqafkqbecqafrpbecqafqsbecqaeztbecqae-t7ecqaf4wrecqaf7wrec2aca0ggmcibheaeyhzicigi6c4bagmcagicgqiacsl39wtpyp__65j30iaoactnodhrwczovl2nozwnrbwsuy29tl2wvys9zdgfydc1jagvja21rlwzyzwutdhjpywwtdxoxcxisimhf2noygaobigraawh0dhbzoi8vbw9uaxrvci5jbglja2nlyxnllmnvbs90cmfja2vylz9pzd1mznhhb05dmggwrtldsizhzhbvcz0mbg9jcghpc2ljyww9mjg0mczsb2npbnrlcmvzdd0mywrncna9mty0odyymjy0ndc5jmt3pszudz1kjnvybd17bhb1cmx9jmnwbj0xotk2nteynzy0oszkzxzpy2u9yyzjy3b0dxjspwnozwnrbwsuy29tjnbspxrjcgrmlm9yz5glacglaealayamadomeaokemcwgtir6zkkdxicaqoqdqjvu8gnabgt5apyew3qfqgyfgh4fggafwgyfwiyaboxajgbshgjeglhthguigea0bgb6bgb&ae=1&ase=2&gclid=eaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe&num=1&cid=caqstgdpaxnfr1vmjpo47aacbt_otohmkst3w1sjcw690o03vi9quq5eo2xhs-oglpu1fvy1iogfaf4dyfylqsp9atv43bxjzqt_r5bg2o2-chgb&client=ca-pub-2627887748647914&rf=1&nb=0&dblrd=1&sig=aod64_2wyz9rf58gbzkq3en9lvfdbrclaq&adurl=https://checkmk.com/l/a/start-checkmk-free-trial-us%3futm_source%3dgoogle%26utm_medium%3dcpc%26utm_campaign%3d%5bcampaigns%5dgdn-competitors-customers-us%26utm_adgroup%3dtopics-2024utm_content%3dfree-trial%26utm_term%3dtcpdf.org%26gad_source%3d5%26gclid%3deaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe HTTP traffic: Redirect from: www.googleadservices.com to https://monitor.clickcease.com/tracker/?id=ffxaonc0h0e9cj&adpos=&locphisical=2840&locinterest=&adgrp=164862264479&kw=&nw=d&url=https://checkmk.com/l/a/start-checkmk-free-trial-us%3futm_source%3dgoogle%26utm_medium%3dcpc%26utm_campaign%3d%5bcampaigns%5dgdn-competitors-customers-us%26utm_adgroup%3dtopics-2024utm_content%3dfree-trial%26utm_term%3dtcpdf.org%26gad_source%3d5%26gclid%3deaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe&cpn=19965127649&device=c&ccpturl=checkmk.com&pl=tcpdf.org&gclid=eaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe HTTP traffic: Redirect from: monitor.clickcease.com to https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[campaigns]gdn-competitors-customers-us&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=eaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe&gclid=eaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe HTTP traffic: Redirect from: adclick.g.doubleclick.net to https://www.googleadservices.com/pagead/aclk?nis=4&sa=l&ai=cgaplnp3_zovifovy1pip-awekl2v2qn2_ynb5n4s29keeaegu4uakgdjbqab7brihapiaqmpavhhicydf7i-qambyaplbkoe0wfp0fmwuppyb5jvagmdhehuxo0rjqjipo1yiifk5juqzbymcaaofacdtvsqqodglygier5gw_kgip1qk9ahhuereuw2aohwwdzwqjldvoizbh8scyhjmnvz1v_c2tb5kwlkmlamc-hu1ghdg3srtukpmydjfnat38btqwcja2ona5ivk0clxb8iu90yxe6-mvvj0tfmq6inptveomw4pcwsv1ksbkyaw_d06ku5zi8z9paulve_kkvgdaunhdxdlechmzkq4zcp0xyu2gjcyiipvu4fwasfibqu5gsibehxjrbkoayugaf7xj17qafvyruob9m2sqkob6a-g6ghjs4bqaet2buob_dgg6gh7paxaqgh_p6xaqghr76xaqghmgaob_prg6ghltgbqaeqm7ecqaedrbecqafgvbecqaf_nrecqaffn7ecqafkqbecqafrpbecqafqsbecqaeztbecqae-t7ecqaf4wrecqaf7wrec2aca0ggmcibheaeyhzicigi6c4bagmcagicgqiacsl39wtpyp__65j30iaoactnodhrwczovl2nozwnrbwsuy29tl2wvys9zdgfydc1jagvja21rlwzyzwutdhjpywwtdxoxcxisimhf2noygaobigraawh0dhbzoi8vbw9uaxrvci5jbglja2nlyxnllmnvbs90cmfja2vylz9pzd1mznhhb05dmggwrtldsizhzhbvcz0mbg9jcghpc2ljyww9mjg0mczsb2npbnrlcmvzdd0mywrncna9mty0odyymjy0ndc5jmt3pszudz1kjnvybd17bhb1cmx9jmnwbj0xotk2nteynzy0oszkzxzpy2u9yyzjy3b0dxjspwnozwnrbwsuy29tjnbspxrjcgrmlm9yz5glacglaealayamadomeaokemcwgtir6zkkdxicaqoqdqjvu8gnabgt5apyew3qfqgyfgh4fggafwgyfwiyaboxajgbshgjeglhthguigea0bgb6bgb&ae=1&ase=2&gclid=eaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe&num=1&cid=caqstgdpaxnfr1vmjpo47aacbt_otohmkst3w1sjcw690o03vi9quq5eo2xhs-oglpu1fvy1iogfaf4dyfylqsp9atv43bxjzqt_r5bg2o2-chgb&client=ca-pub-2627887748647914&rf=1&nb=9&dblrd=1&sig=aod64_2wyz9rf58gbzkq3en9lvfdbrclaq&adurl=https://checkmk.com/l/a/start-checkmk-free-trial-us%3futm_source%3dgoogle%26utm_medium%3dcpc%26utm_campaign%3d%5bcampaigns%5dgdn-competitors-customers-us%26utm_adgroup%3dtopics-2024utm_content%3dfree-trial%26utm_term%3dtcpdf.org%26gad_source%3d5%26gclid%3deaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe HTTP traffic: Redirect from: www.googleadservices.com to https://monitor.clickcease.com/tracker/?id=ffxaonc0h0e9cj&adpos=&locphisical=2840&locinterest=&adgrp=164862264479&kw=&nw=d&url=https://checkmk.com/l/a/start-checkmk-free-trial-us%3futm_source%3dgoogle%26utm_medium%3dcpc%26utm_campaign%3d%5bcampaigns%5dgdn-competitors-customers-us%26utm_adgroup%3dtopics-2024utm_content%3dfree-trial%26utm_term%3dtcpdf.org%26gad_source%3d5%26gclid%3deaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe&cpn=19965127649&device=c&ccpturl=checkmk.com&pl=tcpdf.org&gclid=eaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe HTTP traffic: Redirect from: monitor.clickcease.com to https://checkmk.com/l/a/start-checkmk-free-trial-us?utm_source=google&utm_medium=cpc&utm_campaign=[campaigns]gdn-competitors-customers-us&utm_adgroup=topics-2024utm_content=free-trial&utm_term=tcpdf.org&gad_source=5&gclid=eaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe&gclid=eaiaiqobchmii7v75j30iamvczlvcb35kgcfeaeyasaaegku2pd_bwe
IP address seen in connection with other malware
Source: Joe Sandbox View IP Address: 91.228.74.166 91.228.74.166
Source: Joe Sandbox View IP Address: 169.150.247.39 169.150.247.39
Source: Joe Sandbox View IP Address: 51.89.9.252 51.89.9.252
Source: Joe Sandbox View IP Address: 169.150.247.37 169.150.247.37
Source: Joe Sandbox View IP Address: 169.150.247.37 169.150.247.37
JA3 SSL client fingerprint seen in connection with other malware
Source: Joe Sandbox View JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: Joe Sandbox View JA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 40.113.103.199
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=3SuwwnH8NpAc1f+&MD=7lXP+XFW HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /onboarding/smskillreader.txt HTTP/1.1Host: armmf.adobe.comConnection: keep-aliveAccept-Language: en-US,en;q=0.9User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brIf-None-Match: "78-5faa31cce96da"If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: www.tcpdf.orgConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /en_US/i/btn/btn_donate_SM.gif HTTP/1.1Host: www.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /it_IT/i/scr/pixel.gif HTTP/1.1Host: www.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/combined.css HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /img/tcpdf_main_logo_150x30.png HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /js/combined.js HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /en_US/i/btn/btn_donate_SM.gif HTTP/1.1Host: www.paypalobjects.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /it_IT/i/scr/pixel.gif HTTP/1.1Host: www.paypalobjects.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /img/tcpdf_main_logo_150x30.png HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fonts/fa-solid-900.woff2 HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://tcpdf.orgsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /js/combined.js HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /fonts/fa-brands-400.woff2 HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://tcpdf.orgsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse.js?cx=partner-pub-2627887748647914:4304874910 HTTP/1.1Host: cse.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /downloads?name=1&target=OPTIMIZATION_TARGET_PAGE_TOPICS_V2 HTTP/1.1Host: optimizationguide-pa.googleapis.comConnection: keep-aliveX-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /en_US/i/btn/btn_donate_SM.gif HTTP/1.1Host: www.paypalobjects.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /it_IT/i/scr/pixel.gif HTTP/1.1Host: www.paypalobjects.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /downloads?name=1673999601&target=OPTIMIZATION_TARGET_PAGE_VISIBILITY HTTP/1.1Host: optimizationguide-pa.googleapis.comConnection: keep-aliveX-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse/static/element/8fa85d58e016b414/default+en.css HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse/static/style/look/v4/default.css HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse.js?cx=partner-pub-2627887748647914:4304874910 HTTP/1.1Host: cse.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511682&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954899&bpp=4&bdt=1547&idt=1445&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=6467355029295&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=211&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1482 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Sec-Browsing-Topics: ();p=P0000000000000000000000000000000Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ads?client=ca-pub-2627887748647914&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1724511682&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftcpdf.org%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiombap=1&aipecl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954903&bpp=1&bdt=1551&idt=1494&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1081x280&nras=1&correlator=6467355029295&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1506 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Sec-Browsing-Topics: ();p=P0000000000000000000000000000000Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ads?client=ca-pub-2627887748647914&output=html&h=524&slotname=8227594300&adk=1250016115&adf=30046807&pi=t.ma~as.8227594300&w=1049&abgtt=1&cr_col=4&cr_row=2&fwrn=2&lmt=1724511682&rafmt=9&format=1049x524&url=https%3A%2F%2Ftcpdf.org%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954904&bpp=1&bdt=1552&idt=1511&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1081x280%2C0x0&nras=1&correlator=6467355029295&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=182&ady=1562&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1516 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Sec-Browsing-Topics: ();p=P0000000000000000000000000000000Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /cse/static/images/1x/en/branding.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tcpdf.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse/static/css/v2/clear.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /img/manifest.json HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSEAntHYB2lZxDShIFDWdns_4=?alt=proto HTTP/1.1Host: content-autofill.googleapis.comConnection: keep-aliveX-Goog-Encode-Response-If-Executable: base64X-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEI3L3NAQi5ys0BCOnSzQEI6NXNAQjL1s0BCKjYzQEI+cDUFRi60s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /generate_204 HTTP/1.1Host: clients1.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /adsense/search/async-ads.js HTTP/1.1Host: cse.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /mysidia/0d1139c2ce4e8347e19f371556571a72.js?tag=user/client_fast/client_fast_user HTTP/1.1Host: www.gstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /mysidia/98a8be02e2fcad097fe30bb563ece1ea.js?tag=addon/exit HTTP/1.1Host: www.gstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css?family=Roboto%3A400%2C500 HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /simgad/205726466938071249/14763004658117789537?w=400&h=209&tw=1&q=75 HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/managed/js/activeview/current/ufs_web_display.js HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /simgad/11697146798333333488?w=100&h=100&tw=1&q=75 HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/adview?ai=C6RkINp3_ZovIFovy1PIP-aWeKL2v2qN2_YnB5N4S29keEAEgu4uaKGDJBqAB7brihAPIAQmpAvhHicydf7I-qAMByAPLBKoE0AFP0FmwUpPyb5JVagMdhEHUXO0RJQJipO1YiIfK5jUqZbYMCAAOFACdtVSqQOdGlYgIER5Gw_KGip1qK9ahHUEreuw2AOhWwdZwQJldvOiZbh8scYHJmnvZ1v_c2TB5KWLkmlamc-HU1gHdG3SrtukpmydJfNat38BTqWcJA2ONA5iVk0cLxb8iU90YXE6-MvVj0TfmQ6INpTvE4s4JrsFm52f23mV19p4QReQwGS6TCew9n_q1uVMWrWoMlymMts65wvGfjdQATlY4wuSDYLZrwASfibqU5gSIBeHXjrBKkgUECAQYAZIFBAgFGASgBi6AB_vEnXuoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcFEIflnCLSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOlin__rknfSIA5oJ1wFodHRwczovL2NoZWNrbWsuY29tL2wvYS9zdGFydC1jaGVja21rLWZyZWUtdHJpYWwtdXM_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPVtDYW1wYWlnbnNdR0ROLUNvbXBldGl0b3JzLUN1c3RvbWVycy1VUyZ1dG1fYWRncm91cD10b3BpY3MtMjAyNHV0bV9jb250ZW50PWZyZWUtdHJpYWwmdXRtX3Rlcm09dGNwZGYub3JnJmdhZF9zb3VyY2U9NYAKAcgLAdoMEAoKEMCWgtir6ZKkdxICAQO4E-QD2BMN0BUBmBYBgBcBshceChoIABIUcHViLTI2Mjc4ODc3NDg2NDc5MTQYABgBuhcCOAGyGAkSAsdOGC4iAQDQGAHoGAE&sigh=tBHxZLc_W_k&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgDpaXnfr1vmJpo47AAcBt_oTOHMkst3w1sJcW690O03vI9qUQ5EO2xhS-OGlpU1FvY1ioGFAf4dyfYLqsp9aTv43bXJZQT_r5bg2o2-ChgB&template_id=484&nis=6 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: trigger, event-sourceReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511682&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954899&bpp=4&bdt=1547&idt=1445&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=6467355029295&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=211&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1482Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/abg_lite_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200 HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css?family=Google%20Sans%20Text%3A400%2C500 HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200 HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css?family=Google+Sans+Text:400,500 HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /i/ca-pub-2627887748647914?href=https%3A%2F%2Ftcpdf.org&ers=2 HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /downloads?name=1695049402&target=OPTIMIZATION_TARGET_GEOLOCATION_PERMISSION_PREDICTIONS HTTP/1.1Host: optimizationguide-pa.googleapis.comConnection: keep-aliveX-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /downloads?name=1678906374&target=OPTIMIZATION_TARGET_OMNIBOX_ON_DEVICE_TAIL_SUGGEST HTTP/1.1Host: optimizationguide-pa.googleapis.comConnection: keep-aliveX-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /cse/static/images/1x/en/branding.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /adsense/search/async-ads.js HTTP/1.1Host: cse.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse/static/css/v2/clear.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1184c3e1cee1a2f80000000000000000%22,%222%22:%220xf096886877e5ac240000000000000000%22,%223%22:%220xe31b55a86ff1e4d40000000000000000%22,%224%22:%220x19b2d8ae706dd50f0000000000000000%22,%225%22:%220xbe8309a619f260dd0000000000000000%22},%22debug_key%22:%226808834872602520964%22,%22debug_reporting%22:true,%22destination%22:%22https://checkmk.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22815308141%22],%2222%22:[%22true%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211028125467266642001%22}&andc=true HTTP/1.1Host: www.googleadservices.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://googleads.g.doubleclick.netX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: event-source, trigger, not-navigation-sourceReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/client/window_focus_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/adview?ai=CP8cDNp3_ZpyLGvyD_NUPoZKamAjk3eGyeum2urG5ErGQHxABILuLmihgyQagAbSmt5YDyAEGqAMByAMCqgTMAU_QL9FcHgarbe19Jn981h61vQtxxNhpuYbjSM39ApDdD99gcGjknLaYrt_ao0qLmrSo1f4im8l5uMcHEvddolb1EdJAHZso3HGHsor_qtiB2c3zjvjFDB1uFrLGimUe2PWL19SNhZGB0HwxoAiGZiBgOU-OoBp5kXJpgFmtvZaxgYQmJR_PnjFdH8UTU6aDfT94zPZQoT_H_a5u6ZQGN1VYeAX_wi9G-wmVNDWheslTQlF6Amrq2GeKLt35Z8A9C0DFGJ2R7eOl1D5txcAE4OqKq-sEiAWWsbbBBZIFBAgEGAGSBQQIBRgEoAY3gAf5k_0BqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBD0ygbSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOliIu_7knfSIA5oJ0gJodHRwczovL3d3dy5lbWEtZWRhLmNvbS9wcm9kdWN0cy9jYWRlbmNlLW9yY2FkL29yY2FkLXgtZGVtb25zdHJhdGlvbi8_X2JrPSZfYnQ9NjkyMTgyNjE0Njg0Jl9ibT0mX2JuPWQmX2JnPTE2NjI1MTkwMjMwNCZ1dG1fdGVybT0mdXRtX2NhbXBhaWduPUJBTl9PckNBRCZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZoc2FfYWNjPTI5OTU3Njk0NTgmaHNhX2NhbT0xNDc5MzgzMTkwJmhzYV9ncnA9MTY2MjUxOTAyMzA0JmhzYV9hZD02OTIxODI2MTQ2ODQmaHNhX3NyYz1kJmhzYV90Z3Q9JmhzYV9rdz0maHNhX210PSZoc2FfbmV0PWFkd29yZHMmaHNhX3Zlcj0zJmdhZF9zb3VyY2U9NYAKAcgLAdoMEAoKELDBzvzk7aO_aBICAQPYEwKIFAHQFQGAFwGyFx4KGggAEhRwdWItMjYyNzg4Nzc0ODY0NzkxNBgAGAG6FwI4AbIYCRICvlAYNyIBANAYAQ&sigh=HP52VSSKpLw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwDpaXnf7OQJLL9ITIJZ_2g82IouF7N1ejeuKzmpxUJgnpZcHkml8GEpFqeK1VvlKR-G5gj_qvVL8Un9LEeLro6Ei4SqVWDiWXFtaBPrVmUYAQ&template_id=492&vis=1&ebtr=1&nis=6 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: trigger, event-source;navigation-sourceReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=524&slotname=8227594300&adk=1250016115&adf=30046807&pi=t.ma~as.8227594300&w=1049&abgtt=1&cr_col=4&cr_row=2&fwrn=2&lmt=1724511682&rafmt=9&format=1049x524&url=https%3A%2F%2Ftcpdf.org%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954904&bpp=1&bdt=1552&idt=1511&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1081x280%2C0x0&nras=1&correlator=6467355029295&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=182&ady=1562&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeEbr%7
Source: global traffic HTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /mysidia/0273c00d693aa2d6f3f456e07fef12f7.js?tag=addon/mysidia_one_click_handler_one_afma HTTP/1.1Host: www.gstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /adsense/search/async-ads.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://googleads.g.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css?family=Poppins%3A400%2C600 HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxUq-qcVJ_opbo5Ibjgcdg7nNSLU0rJ-d35hcqAA5G_C_-Y62bl2tiu8asnWZ1Pt8T4J86m7E5tynBxOdia6T5Noyud5-c82divwDWErFVj0aEoWNI7DmmcvnGFZc3-SLkmVSQPTcA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MDI3OTU5LDczMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Y3BkZi5vcmcvIixudWxsLFtbOCwiZXNrV1hTRkhzUWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/elements/html/fullscreen_api_adapter_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /downloads?name=210230727&target=OPTIMIZATION_TARGET_CLIENT_SIDE_PHISHING HTTP/1.1Host: optimizationguide-pa.googleapis.comConnection: keep-aliveX-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://googleads.g.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /btr/view?ai=CP8cDNp3_ZpyLGvyD_NUPoZKamAjk3eGyeum2urG5ErGQHxABILuLmihgyQagAbSmt5YDyAEGqAMByAMCqgTMAU_QL9FcHgarbe19Jn981h61vQtxxNhpuYbjSM39ApDdD99gcGjknLaYrt_ao0qLmrSo1f4im8l5uMcHEvddolb1EdJAHZso3HGHsor_qtiB2c3zjvjFDB1uFrLGimUe2PWL19SNhZGB0HwxoAiGZiBgOU-OoBp5kXJpgFmtvZaxgYQmJR_PnjFdH8UTU6aDfT94zPZQoT_H_a5u6ZQGN1VYeAX_wi9G-wmVNDWheslTQlF6Amrq2GeKLt35Z8A9C0DFGJ2R7eOl1D5txcAE4OqKq-sEiAWWsbbBBZIFBAgEGAGSBQQIBRgEoAY3gAf5k_0BqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBD0ygbSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOliIu_7knfSIA5oJ0gJodHRwczovL3d3dy5lbWEtZWRhLmNvbS9wcm9kdWN0cy9jYWRlbmNlLW9yY2FkL29yY2FkLXgtZGVtb25zdHJhdGlvbi8_X2JrPSZfYnQ9NjkyMTgyNjE0Njg0Jl9ibT0mX2JuPWQmX2JnPTE2NjI1MTkwMjMwNCZ1dG1fdGVybT0mdXRtX2NhbXBhaWduPUJBTl9PckNBRCZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZoc2FfYWNjPTI5OTU3Njk0NTgmaHNhX2NhbT0xNDc5MzgzMTkwJmhzYV9ncnA9MTY2MjUxOTAyMzA0JmhzYV9hZD02OTIxODI2MTQ2ODQmaHNhX3NyYz1kJmhzYV90Z3Q9JmhzYV9rdz0maHNhX210PSZoc2FfbmV0PWFkd29yZHMmaHNhX3Zlcj0zJmdhZF9zb3VyY2U9NYAKAcgLAdoMEAoKELDBzvzk7aO_aBICAQPYEwKIFAHQFQGAFwGyFx4KGggAEhRwdWItMjYyNzg4Nzc0ODY0NzkxNBgAGAG6FwI4AbIYCRICvlAYNyIBANAYAQ&sigh=HP52VSSKpLw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwDpaXnf7OQJLL9ITIJZ_2g82IouF7N1ejeuKzmpxUJgnpZcHkml8GEpFqeK1VvlKR-G5gj_qvVL8Un9LEeLro6Ei4SqVWDiWXFtaBPrVmUYAQ&template_id=492&vis=1&ibtr=1&nis=6 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: event-source, trigger, not-navigation-sourceReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=524&slotname=8227594300&adk=1250016115&adf=30046807&pi=t.ma~as.8227594300&w=1049&abgtt=1&cr_col=4&cr_row=2&fwrn=2&lmt=1724511682&rafmt=9&format=1049x524&url=https%3A%2F%2Ftcpdf.org%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954904&bpp=1&bdt=1552&idt=1511&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1081x280%2C0x0&nras=1&correlator=6467355029295&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=182&ady=1562&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeEbr%7
Source: global traffic HTTP traffic detected: GET /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6241c22c1292c43b0000000000000000%22,%222%22:%220x18f1f942c401d8a0000000000000000%22,%223%22:%220xe80881634f0aa2700000000000000000%22,%224%22:%220xce343aeddfbb21300000000000000000%22,%225%22:%220xd2dca9c7fd16582f0000000000000000%22},%22debug_key%22:%2262152536266617393%22,%22debug_reporting%22:true,%22destination%22:%22https://ema-eda.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22852349748%22],%2222%22:[%22true%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221056902760404109441%22}&andc=true HTTP/1.1Host: www.googleadservices.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://googleads.g.doubleclick.netX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: not-navigation-source, trigger, event-sourceReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1
Source: global traffic HTTP traffic detected: GET /pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /simgad/11697146798333333488?w=100&h=100&tw=1&q=75 HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /simgad/205726466938071249/14763004658117789537?w=400&h=209&tw=1&q=75 HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /mysidia/0d1139c2ce4e8347e19f371556571a72.js?tag=user/client_fast/client_fast_user HTTP/1.1Host: www.gstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /mysidia/98a8be02e2fcad097fe30bb563ece1ea.js?tag=addon/exit HTTP/1.1Host: www.gstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/abg_lite_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /mysidia/0273c00d693aa2d6f3f456e07fef12f7.js?tag=addon/mysidia_one_click_handler_one_afma HTTP/1.1Host: www.gstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /adsense/search/async-ads.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /bg/WTGMIXitrueThExDFjyWWw_FFBI9UNtQbYwZCxBHg48.js HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1184c3e1cee1a2f80000000000000000%22,%222%22:%220xf096886877e5ac240000000000000000%22,%223%22:%220xe31b55a86ff1e4d40000000000000000%22,%224%22:%220x19b2d8ae706dd50f0000000000000000%22,%225%22:%220xbe8309a619f260dd0000000000000000%22},%22debug_key%22:%226808834872602520964%22,%22debug_reporting%22:true,%22destination%22:%22https://checkmk.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22815308141%22],%2222%22:[%22true%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211028125467266642001%22}&andc=true HTTP/1.1Host: www.googleadservices.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1
Source: global traffic HTTP traffic detected: GET /i/ca-pub-2627887748647914?href=https%3A%2F%2Ftcpdf.org&ers=2 HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/client/window_focus_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1Host: www.gstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1Host: www.gstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxUq-qcVJ_opbo5Ibjgcdg7nNSLU0rJ-d35hcqAA5G_C_-Y62bl2tiu8asnWZ1Pt8T4J86m7E5tynBxOdia6T5Noyud5-c82divwDWErFVj0aEoWNI7DmmcvnGFZc3-SLkmVSQPTcA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MDI3OTU5LDczMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Y3BkZi5vcmcvIixudWxsLFtbOCwiZXNrV1hTRkhzUWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6241c22c1292c43b0000000000000000%22,%222%22:%220x18f1f942c401d8a0000000000000000%22,%223%22:%220xe80881634f0aa2700000000000000000%22,%224%22:%220xce343aeddfbb21300000000000000000%22,%225%22:%220xd2dca9c7fd16582f0000000000000000%22},%22debug_key%22:%2262152536266617393%22,%22debug_reporting%22:true,%22destination%22:%22https://ema-eda.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22852349748%22],%2222%22:[%22true%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221056902760404109441%22}&andc=true HTTP/1.1Host: www.googleadservices.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1
Source: global traffic HTTP traffic detected: GET /f/AGSKWxXPuemx81GR2ZpH9THQGS2vMe09oM5cBoJUQiwGWdu424pW83lHsrvtmEJkE4yIf3a0ND-gswt9snVAWTZfvA12HvLoYb3ssIIQerszrLm8E00maMLERNq5RLvhwK6RN7Vo6GsmHDDGmH9mVictDdAG7dlvUFw-pPewZRu5nXvCopwns9I32RHEtpD2/_/imgad?/floater_ad./adfuncs./adpicture./swf/ad- HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/elements/html/fullscreen_api_adapter_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20241001/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1Host: www.gstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1Host: www.gstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pcs/activeview?xai=AKAOjssD8iuI8afDr5kEqTZD3h8amAugVcA3Do0HGeFP4XdH8DygkmsFpO2s4Zs8vm8bCZK7zd-NSxAJwSNhdDxnHu4WGZAAVDoYpDt7gK6p1ah_MjXAitLbqxPjlYjgdtvfmLiUdnSA8alOhPXlGXHDDepa3cCjOkuwoUk3e4Cr3Mj6FC9Mv4izxTnf8ShYLcvO&sai=AMfl-YTC5gUJHhohV9MeoCUsGhT0B1bJYECIDlOqfO-82TtDLu92Bn6MA6b4BxBzMZXZ63SPuEVxobSsUDB3J8fDvXOk1aiYw7KL3nGkRBKSC1BeNtPmWzrTBcmKTCKQHCcZGTgev0JBwvlACGrRz0Kg&sig=Cg0ArKJSzI8TZVPfLN88EAE&cid=CAQSTgDpaXnfr1vmJpo47AAcBt_oTOHMkst3w1sJcW690O03vI9qUQ5EO2xhS-OGlpU1FvY1ioGFAf4dyfYLqsp9aTv43bXJZQT_r5bg2o2-ChgB&id=lidar2&mcvt=1001&p=0,0,280,1081&tm=2678.2999999999884&tu=1677.1000000000058&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240930&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2380828106&rs=2&la=1&cr=0&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0%3D&vs=4&r=v&co=2396075900&rst=1728027956385&rpt=4788&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxXPuemx81GR2ZpH9THQGS2vMe09oM5cBoJUQiwGWdu424pW83lHsrvtmEJkE4yIf3a0ND-gswt9snVAWTZfvA12HvLoYb3ssIIQerszrLm8E00maMLERNq5RLvhwK6RN7Vo6GsmHDDGmH9mVictDdAG7dlvUFw-pPewZRu5nXvCopwns9I32RHEtpD2/_/imgad?/floater_ad./adfuncs./adpicture./swf/ad- HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /f/AGSKWxUJQ9SWgmekbuN5ciQwZRzDDxDQ_B6JuCz5_Qo7WfM9VgWfDDzG8Ovn6SdK7Dky5EXNDAMIZLj_jx4mY9WgA0-zVwtj506BzP_ExcPc9c5C9eJG829oyuHeFN_fT1R-wg93O121fg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MDI3OTYyLDU1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdGNwZGYub3JnLyIsbnVsbCxbWzgsImVza1dYU0ZIc1FnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /downloads?name=1726498979&target=OPTIMIZATION_TARGET_NOTIFICATION_PERMISSION_PREDICTIONS HTTP/1.1Host: optimizationguide-pa.googleapis.comConnection: keep-aliveX-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /downloads?name=1726498955&target=OPTIMIZATION_TARGET_GEOLOCATION_PERMISSION_PREDICTIONS HTTP/1.1Host: optimizationguide-pa.googleapis.comConnection: keep-aliveX-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxUJQ9SWgmekbuN5ciQwZRzDDxDQ_B6JuCz5_Qo7WfM9VgWfDDzG8Ovn6SdK7Dky5EXNDAMIZLj_jx4mY9WgA0-zVwtj506BzP_ExcPc9c5C9eJG829oyuHeFN_fT1R-wg93O121fg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MDI3OTYyLDU1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdGNwZGYub3JnLyIsbnVsbCxbWzgsImVza1dYU0ZIc1FnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxXShD4VZNV2HhEI5qwXMn5z0H8zT-bHm62YifBkfUantcEbtw4Rosey-MlmdRKrOMxE8Rc_kXTRsaK3rDlOdvExxmQA5nLrI_KIj-raef6lv7Wwu2OUvTwJHNg_syc_8drawWKUbQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MDI3OTY0LDczMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdGNwZGYub3JnLyIsbnVsbCxbWzgsImVza1dYU0ZIc1FnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /f/AGSKWxUuI48NLWjTs8u0OjPBl25qNwy8eJu7CmuM7oU_UsbH9Mf7t1MBLi9dfeHUGY_TY6TA8WMEOWnWl3OOILddTkw1b7rlRTLjFzoF7almn0G9YlSb4cGcQVAHKbHTLCW5lUcgf4blWg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MDI3OTY2LDE2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Y3BkZi5vcmcvIixudWxsLFtbOCwiZXNrV1hTRkhzUWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /downloads?name=1726585504&target=OPTIMIZATION_TARGET_CLIENT_SIDE_PHISHING HTTP/1.1Host: optimizationguide-pa.googleapis.comConnection: keep-aliveX-Goog-Api-Key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxXShD4VZNV2HhEI5qwXMn5z0H8zT-bHm62YifBkfUantcEbtw4Rosey-MlmdRKrOMxE8Rc_kXTRsaK3rDlOdvExxmQA5nLrI_KIj-raef6lv7Wwu2OUvTwJHNg_syc_8drawWKUbQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MDI3OTY0LDczMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdGNwZGYub3JnLyIsbnVsbCxbWzgsImVza1dYU0ZIc1FnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /img/favicon.ico HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /f/AGSKWxUuI48NLWjTs8u0OjPBl25qNwy8eJu7CmuM7oU_UsbH9Mf7t1MBLi9dfeHUGY_TY6TA8WMEOWnWl3OOILddTkw1b7rlRTLjFzoF7almn0G9YlSb4cGcQVAHKbHTLCW5lUcgf4blWg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MDI3OTY2LDE2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Y3BkZi5vcmcvIixudWxsLFtbOCwiZXNrV1hTRkhzUWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230171v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230172v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230173v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /img/favicon.ico HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /img/favicon-32x32.png HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /sodar/sodar2.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230174v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /img/favicon-32x32.png HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /sodar/sodar2/232/runner.html HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sodar/sodar2.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/aframe HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule226009v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /examples HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /examples/ HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /en_US/i/btn/btn_donate_SM.gif HTTP/1.1Host: www.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ts=vreXpYrS%3D1822635955%26vteXpYrS%3D1728029755%26vr%3D567e0ffb1920aa30c8a58013fc1bde2c%26vt%3D567e0ffb1920aa30c8a58013fc1bde2b%26vtyp%3Dnew; ts_c=vr%3D567e0ffb1920aa30c8a58013fc1bde2c%26vt%3D567e0ffb1920aa30c8a58013fc1bde2b
Source: global traffic HTTP traffic detected: GET /it_IT/i/scr/pixel.gif HTTP/1.1Host: www.paypal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ts=vreXpYrS%3D1822635955%26vteXpYrS%3D1728029755%26vr%3D567e0ffb1920aa30c8a58013fc1bde2c%26vt%3D567e0ffb1920aa30c8a58013fc1bde2b%26vtyp%3Dnew; ts_c=vr%3D567e0ffb1920aa30c8a58013fc1bde2c%26vt%3D567e0ffb1920aa30c8a58013fc1bde2b
Source: global traffic HTTP traffic detected: GET /bg/bTlXcH-04rkXILOBMXVqPgIDPtI2JqYddFmG09n4rWw.js HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tpc.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/sodar?id=sodar2&v=232&li=gda_r20241001&jk=2294018084671705&rc= HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/combined.css HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /img/tcpdf_main_logo_150x30.png HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /js/combined.js HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /img/tcpdf_main_logo_150x30.png HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /js/combined.js HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /fonts/fa-solid-900.woff2 HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://tcpdf.orgsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /fonts/fa-brands-400.woff2 HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://tcpdf.orgsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /cse.js?cx=partner-pub-2627887748647914:4304874910 HTTP/1.1Host: cse.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511650&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2Fexamples%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027971211&bpp=8&bdt=1014&idt=59&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&correlator=598970542174&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=229&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087424%2C31087796%2C95343328%2C95335247&oid=2&pvsid=4358598373628446&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=103 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Sec-Browsing-Topics: ();p=P0000000000000000000000000000000Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/ads?client=ca-pub-2627887748647914&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1724511650&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftcpdf.org%2Fexamples%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&aipecl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027971219&bpp=5&bdt=1021&idt=125&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&prev_fmts=1081x280&nras=1&correlator=598970542174&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087424%2C31087796%2C95343328%2C95335247&oid=2&pvsid=4358598373628446&tmod=824621570&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=168 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Sec-Browsing-Topics: ();p=P0000000000000000000000000000000Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /simgad/3200209128226090959/14763004658117789537 HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/adview?ai=ChM35Np3_ZvzDGNHM1PIPoJzTmAa6g9vQesL9wKaWE8uH_tWXDhABILuLmihgyQagAcH5ofEoyAEBqAMByANIqgTDAU_Qyrjtz0fBpJllMoqeX7-q0xwH-ccBVyay3V7Tf2DYEysilDNERHCbTen4_zckX7yrGSWKR4utmidOrr_UjmNlxWpXRCdOq5HGs4sOFJ8FXh_FEaCI2r1UfXDJFVJBIxVJWdH5bJ4kXeuCxRqEK6fdhY4W1iynIEOGAvX-j0hzDmJy6cg_HcN6GNjUjGwiML5CVzIp_C3-LMTEXG6twaTx1Fhe8KES5VY9OcOjaT0sesJ1pZS3EdSGtXJVaUE7G8bpF8AE4bqNr_8EiAWAsa-GUZIFBAgEGAGSBQQIBRgEoAYugAfBsfLQA6gH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwUQ4I6eAdIIJgiAYRABGB8yAooCOguAQIDAgICAoKiAAki9_cE6WIHA_OSd9IgDmgncAmh0dHBzOi8vc2VhcmNoLnlhaG9vLmNvbS95aHMvc2VhcmNoP2hzcGFydD15YWhvbyZoc2ltcD15aHMtZzIwN2EmcD1iZXN0K2xhdytmaXJtK21hcmtldGluZytjb21wYW5pZXMmYWRzb3VyY2U9Z2RuJmtleXdvcmQ9Jmt3X2lkPTM4MTcwMzk0NDc2NDUzMzIxOSZhZF9pZD03MTQ5OTU1NTYzOTkmYWRncm91cD0xNzE2MjkwNDMwNDEmY2FtcGFpZ25faWQ9MjE3NTY2MzExNjgmcGxhY2VtZW50PXRjcGRmLm9yZyZndHlwZT0tLXJrdy0xMTE1MTUxNzMyMTI2NTM3MjM1NS1hZC03MTQ5OTU1NTYzOTktcGdyaWQtMTcxNjI5MDQzMDQxLWNwZ25pZC0yMTc1NjYzMTE2OC0mcGxhY2U9dGNwZGYub3JnJmdhZF9zb3VyY2U9NYAKAcgLAdoMEAoKEPDio4HLiNLdJBICAQPYEwzQFQGAFwGyFx4KGggAEhRwdWItMjYyNzg4Nzc0ODY0NzkxNBgAGAG6FwI4AbIYCRIC9moYLiIBANAYAegYAQ&sigh=m1XyfSAj8t8&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwDpaXnfwraMbEJJjcdFqfh5TShXbhsuljVRc5cb-5Nnsi_34Keb0dLt7lVNsLKcNs-dgxy6w315_kvvMzA6gajmKvGBEQbR0xy9QWgCeIEYAQ&template_id=5024&vis=1&nis=6 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: trigger, event-sourceReferer: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=CHD_aNp3_ZovIFovy1PIP-aWeKL2v2qN2_YnB5N4S29keEAEgu4uaKGDJBqAB7brihAPIAQmpAvhHicydf7I-qAMByAPLBKoE0wFP0FmwUpPyb5JVagMdhEHUXO0RJQJipO1YiIfK5jUqZbYMCAAOFACdtVSqQOdGlYgIER5Gw_KGip1qK9ahHUEreuw2AOhWwdZwQJldvOiZbh8scYHJmnvZ1v_c2TB5KWLkmlamc-HU1gHdG3SrtukpmydJfNat38BTqWcJA2ONA5iVk0cLxb8iU90YXE6-MvVj0TfmQ6INpTvEoMw4PCWSV1kSbkyaW_D06Ku5zi8Z9pAUlVe_kkvGDaUNHdxdleChMzkq4zCP0XYU2gJCyIiPvu4FwASfibqU5gSIBeHXjrBKoAYugAf7xJ17qAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe-t7ECqAf4wrECqAf7wrEC2AcA0ggmCIBhEAEYHzICigI6C4BAgMCAgICgqIACSL39wTpYp__65J30iAOxCXiSimhF2noygAoBigrAAWh0dHBzOi8vbW9uaXRvci5jbGlja2NlYXNlLmNvbS90cmFja2VyLz9pZD1mZnhhb05DMGgwRTlDSiZhZHBvcz0mbG9jcGhpc2ljYWw9Mjg0MCZsb2NpbnRlcmVzdD0mYWRncnA9MTY0ODYyMjY0NDc5Jmt3PSZudz1kJnVybD17bHB1cmx9JmNwbj0xOTk2NTEyNzY0OSZkZXZpY2U9YyZjY3B0dXJsPWNoZWNrbWsuY29tJnBsPXRjcGRmLm9yZ5gLAcgLAeALAYAMAdoMEAoKEMCWgtir6ZKkdxICAQOqDQJVU8gNAbgT5APYEw3QFQGYFgH4FgGAFwGyFwIYAboXAjgBshgJEgLHThguIgEA0BgB6BgB&sigh=ivtoiYeDL0Y&cid=CAQSTgDpaXnfr1vmJpo47AAcBt_oTOHMkst3w1sJcW690O03vI9qUQ5EO2xhS-OGlpU1FvY1ioGFAf4dyfYLqsp9aTv43bXJZQT_r5bg2o2-Cg&label=window_focus&gqid=Np3_ZsLOFdDo1PIPrcOz8QQ&qqid=CIu7--Sd9IgDFQs5VQgd-ZIHBQ&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511682&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954899&bpp=4&bdt=1547&idt=1445&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=6467355029295&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=211&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1482Accept-Encoding: gzip, deflate, brAcc
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=Cl4L-Np3_ZpyLGvyD_NUPoZKamAjk3eGyeum2urG5ErGQHxABILuLmihgyQagAbSmt5YDyAEGqAMByAMCqgTPAU_QL9FcHgarbe19Jn981h61vQtxxNhpuYbjSM39ApDdD99gcGjknLaYrt_ao0qLmrSo1f4im8l5uMcHEvddolb1EdJAHZso3HGHsor_qtiB2c3zjvjFDB1uFrLGimUe2PWL19SNhZGB0HwxoAiGZiBgOU-OoBp5kXJpgFmtvZaxgYQmJR_PnjFdH8UTU6aDfT94zPZQoT_H_a5u6ZQGN1VYeAX_wi8E-SgH15I3N2bFA-yeWNcm602AqtTXfy2v9xp43iqywftEVrAgar3f3sAE4OqKq-sEiAWWsbbBBaAGN4AH-ZP9AagH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAqgH6rGxAqgHmbWxAqgHvrexAqgH-MKxAqgH-8KxAtgHAdIIJgiAYRABGB8yAooCOguAQIDAgICAoKiAAki9_cE6WIi7_uSd9IgDsQlIJjcP57y4o4AKAZgLAcgLAdoMEAoKELDBzvzk7aO_aBICAQOqDQJVU8gNAdgTAogUAdAVAfgWAYAXAbIXAhgBuhcCOAGyGAkSAr5QGDciAQDQGAE&sigh=4JYheIKNZao&cid=CAQSTwDpaXnf7OQJLL9ITIJZ_2g82IouF7N1ejeuKzmpxUJgnpZcHkml8GEpFqeK1VvlKR-G5gj_qvVL8Un9LEeLro6Ei4SqVWDiWXFtaBPrVmU&label=window_focus&gqid=Np3_Zob7GIPox_APl678oAU&qqid=CJz-_uSd9IgDFfwBvwQdIYkGgw&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=524&slotname=8227594300&adk=1250016115&adf=30046807&pi=t.ma~as.8227594300&w=1049&abgtt=1&cr_col=4&cr_row=2&fwrn=2&lmt=1724511682&rafmt=9&format=1049x524&url=https%3A%2F%2Ftcpdf.org%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954904&bpp=1&bdt=1552&idt=1511&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1081x280%2C0x0&nras=1&correlator=6467355029295&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=182&ady=1562&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1516Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /img/favicon.ico HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /simgad/15610421984567133?w=100&h=100&tw=1&q=75 HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /generate_204?9O9nkQ HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=C7TieNp3_ZvzDGNHM1PIPoJzTmAa6g9vQesL9wKaWE8uH_tWXDhABILuLmihgyQagAcH5ofEoyAEBqAMByANIqgTGAU_Qyrjtz0fBpJllMoqeX7-q0xwH-ccBVyay3V7Tf2DYEysilDNERHCbTen4_zckX7yrGSWKR4utmidOrr_UjmNlxWpXRCdOq5HGs4sOFJ8FXh_FEaCI2r1UfXDJFVJBIxVJWdH5bJ4kXeuCxRqEK6fdhY4W1iynIEOGAvX-j0hzDmJy6cg_HcN6GNjUjGwiML5CVzIp_C3-LMTEXG6tg6bRRoD2YuK4dwOd2tAIoustUstbvVgz6sctdK12RVnhl0yqvai_UcAE4bqNr_8EiAWAsa-GUaAGLoAHwbHy0AOoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwHSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOliBwPzknfSIA7EJaq6FW45acQ6ACgGKCiRodHRwczovL21zZWFyY2hpLmNvbS90L3Q_dXJsPXtscHVybH2YCwHICwHgCwHaDBAKChDw4qOBy4jS3SQSAgEDqg0CVVPIDQHYEwzQFQH4FgGAFwGyFwIYAboXAjgBshgJEgL2ahguIgEA0BgB6BgB&sigh=2YnpHkZSnjY&cid=CAQSTwDpaXnfwraMbEJJjcdFqfh5TShXbhsuljVRc5cb-5Nnsi_34Keb0dLt7lVNsLKcNs-dgxy6w315_kvvMzA6gajmKvGBEQbR0xy9QWgCeIE&label=window_focus&gqid=Np3_ZsuFF8Pix_APlZ-6kAI&qqid=CPy2_eSd9IgDFVEmVQgdIM4UYw&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /img/manifest.json HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cse.js?cx=partner-pub-2627887748647914:4304874910 HTTP/1.1Host: cse.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /generate_204 HTTP/1.1Host: clients1.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5a6065d7ed889630000000000000000%22,%222%22:%220x9caf7ab5f4bd8ba0000000000000000%22,%223%22:%220x81668088936890fe0000000000000000%22,%224%22:%220xfab52aac0506d0a90000000000000000%22,%225%22:%220xc9bc643ed794f3ae0000000000000000%22},%22debug_key%22:%228355901781919909770%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974952641%22],%2222%22:[%22true%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224770841866518032545%22}&andc=true HTTP/1.1Host: www.googleadservices.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://googleads.g.doubleclick.netX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: not-navigation-source, trigger, event-sourceReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1
Source: global traffic HTTP traffic detected: GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://googleads.g.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/adview?ai=C2qneRZ3_ZsHjH5LjjuwPuI6ogQG9r9qjdv2JweTeEtrZHhABILuLmihgyQagAe264oQDyAEJqQKkbsG2tIGyPqgDAcgDywSqBPcBT9AzFeQXM76UiRnHuKrHi4JGo1PtP5Vrqv-d1ueCeu0mHNz7-p3VdLfGFhTM4nOx3lyw2SzMAeTmGuDrW7V0W4sXWedSeh6Z-SIxwT88h48cTRRDFXvFy5F_iVBrEdUyAP4XBoGgkol_jPpqe8BvwPSn11HIzvyIBIP0QTNFujkYZjKOhFIv11RnTQF8fEoX1FLkpPAzqSpq5CE2duK3nMI567XbN4u2hjt8tlr3Z9krSeChPdNU15BFFi41J8dhvGHzRdrV8mRn_cVEhOv26FX_NehWS6lTgobAZZJXiMDHyeo8eLaDHwGttn6OuoXs5XWZaQ1vJcAEn4m6lOYEiAXh146wSpIFBAgEGAGSBQQIBRgEoAYugAf7xJ17qAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBBC7zhHSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOljW5ZfsnfSIA5oJ1wFodHRwczovL2NoZWNrbWsuY29tL2wvYS9zdGFydC1jaGVja21rLWZyZWUtdHJpYWwtdXM_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPVtDYW1wYWlnbnNdR0ROLUNvbXBldGl0b3JzLUN1c3RvbWVycy1VUyZ1dG1fYWRncm91cD10b3BpY3MtMjAyNHV0bV9jb250ZW50PWZyZWUtdHJpYWwmdXRtX3Rlcm09dGNwZGYub3JnJmdhZF9zb3VyY2U9NYAKAcgLAdoMEAoKEMDg2ZqQ56ycOBICAQO4E-QD2BMN0BUBmBYBgBcBshceChoIABIUcHViLTI2Mjc4ODc3NDg2NDc5MTQYABgBuhcCOAGyGAkSAsdOGC4iAQDQGAHoGAE&sigh=iI53x0yFMAM&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwDpaXnfRoSfzQet8StMgy3ViE0c6C9qb6HDTae4oaYBzyXOGDsarpxonpTCW6H2bqeNiUqkPi6NI863GAE&template_id=484&nis=6 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: trigger, event-source;navigation-sourceReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511650&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2Fexamples%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027971211&bpp=8&bdt=1014&idt=59&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&correlator=598970542174&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=229&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087424%2C31087796%2C95343328%2C95335247&oid=2&pvsid=4358598373628446&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2
Source: global traffic HTTP traffic detected: GET /pagead/s/cookie_push_onload.html HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /i/ca-pub-2627887748647914?href=https%3A%2F%2Ftcpdf.org%2Fexamples&ers=2 HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=3SuwwnH8NpAc1f+&MD=7lXP+XFW HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=CHD_aNp3_ZovIFovy1PIP-aWeKL2v2qN2_YnB5N4S29keEAEgu4uaKGDJBqAB7brihAPIAQmpAvhHicydf7I-qAMByAPLBKoE0wFP0FmwUpPyb5JVagMdhEHUXO0RJQJipO1YiIfK5jUqZbYMCAAOFACdtVSqQOdGlYgIER5Gw_KGip1qK9ahHUEreuw2AOhWwdZwQJldvOiZbh8scYHJmnvZ1v_c2TB5KWLkmlamc-HU1gHdG3SrtukpmydJfNat38BTqWcJA2ONA5iVk0cLxb8iU90YXE6-MvVj0TfmQ6INpTvEoMw4PCWSV1kSbkyaW_D06Ku5zi8Z9pAUlVe_kkvGDaUNHdxdleChMzkq4zCP0XYU2gJCyIiPvu4FwASfibqU5gSIBeHXjrBKoAYugAf7xJ17qAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe-t7ECqAf4wrECqAf7wrEC2AcA0ggmCIBhEAEYHzICigI6C4BAgMCAgICgqIACSL39wTpYp__65J30iAOxCXiSimhF2noygAoBigrAAWh0dHBzOi8vbW9uaXRvci5jbGlja2NlYXNlLmNvbS90cmFja2VyLz9pZD1mZnhhb05DMGgwRTlDSiZhZHBvcz0mbG9jcGhpc2ljYWw9Mjg0MCZsb2NpbnRlcmVzdD0mYWRncnA9MTY0ODYyMjY0NDc5Jmt3PSZudz1kJnVybD17bHB1cmx9JmNwbj0xOTk2NTEyNzY0OSZkZXZpY2U9YyZjY3B0dXJsPWNoZWNrbWsuY29tJnBsPXRjcGRmLm9yZ5gLAcgLAeALAYAMAdoMEAoKEMCWgtir6ZKkdxICAQOqDQJVU8gNAbgT5APYEw3QFQGYFgH4FgGAFwGyFwIYAboXAjgBshgJEgLHThguIgEA0BgB6BgB&sigh=ivtoiYeDL0Y&cid=CAQSTgDpaXnfr1vmJpo47AAcBt_oTOHMkst3w1sJcW690O03vI9qUQ5EO2xhS-OGlpU1FvY1ioGFAf4dyfYLqsp9aTv43bXJZQT_r5bg2o2-Cg&label=window_focus&gqid=Np3_ZsLOFdDo1PIPrcOz8QQ&qqid=CIu7--Sd9IgDFQs5VQgd-ZIHBQ&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511682&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954899&bpp=4&bdt=1547&idt=1445&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=6467355029295&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=211&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1482Accept-Encoding: gzip, deflate, brAcc
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=Cl4L-Np3_ZpyLGvyD_NUPoZKamAjk3eGyeum2urG5ErGQHxABILuLmihgyQagAbSmt5YDyAEGqAMByAMCqgTPAU_QL9FcHgarbe19Jn981h61vQtxxNhpuYbjSM39ApDdD99gcGjknLaYrt_ao0qLmrSo1f4im8l5uMcHEvddolb1EdJAHZso3HGHsor_qtiB2c3zjvjFDB1uFrLGimUe2PWL19SNhZGB0HwxoAiGZiBgOU-OoBp5kXJpgFmtvZaxgYQmJR_PnjFdH8UTU6aDfT94zPZQoT_H_a5u6ZQGN1VYeAX_wi8E-SgH15I3N2bFA-yeWNcm602AqtTXfy2v9xp43iqywftEVrAgar3f3sAE4OqKq-sEiAWWsbbBBaAGN4AH-ZP9AagH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAqgH6rGxAqgHmbWxAqgHvrexAqgH-MKxAqgH-8KxAtgHAdIIJgiAYRABGB8yAooCOguAQIDAgICAoKiAAki9_cE6WIi7_uSd9IgDsQlIJjcP57y4o4AKAZgLAcgLAdoMEAoKELDBzvzk7aO_aBICAQOqDQJVU8gNAdgTAogUAdAVAfgWAYAXAbIXAhgBuhcCOAGyGAkSAr5QGDciAQDQGAE&sigh=4JYheIKNZao&cid=CAQSTwDpaXnf7OQJLL9ITIJZ_2g82IouF7N1ejeuKzmpxUJgnpZcHkml8GEpFqeK1VvlKR-G5gj_qvVL8Un9LEeLro6Ei4SqVWDiWXFtaBPrVmU&label=window_focus&gqid=Np3_Zob7GIPox_APl678oAU&qqid=CJz-_uSd9IgDFfwBvwQdIYkGgw&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=524&slotname=8227594300&adk=1250016115&adf=30046807&pi=t.ma~as.8227594300&w=1049&abgtt=1&cr_col=4&cr_row=2&fwrn=2&lmt=1724511682&rafmt=9&format=1049x524&url=https%3A%2F%2Ftcpdf.org%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954904&bpp=1&bdt=1552&idt=1511&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1081x280%2C0x0&nras=1&correlator=6467355029295&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=182&ady=1562&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1516Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=C7TieNp3_ZvzDGNHM1PIPoJzTmAa6g9vQesL9wKaWE8uH_tWXDhABILuLmihgyQagAcH5ofEoyAEBqAMByANIqgTGAU_Qyrjtz0fBpJllMoqeX7-q0xwH-ccBVyay3V7Tf2DYEysilDNERHCbTen4_zckX7yrGSWKR4utmidOrr_UjmNlxWpXRCdOq5HGs4sOFJ8FXh_FEaCI2r1UfXDJFVJBIxVJWdH5bJ4kXeuCxRqEK6fdhY4W1iynIEOGAvX-j0hzDmJy6cg_HcN6GNjUjGwiML5CVzIp_C3-LMTEXG6tg6bRRoD2YuK4dwOd2tAIoustUstbvVgz6sctdK12RVnhl0yqvai_UcAE4bqNr_8EiAWAsa-GUaAGLoAHwbHy0AOoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwHSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOliBwPzknfSIA7EJaq6FW45acQ6ACgGKCiRodHRwczovL21zZWFyY2hpLmNvbS90L3Q_dXJsPXtscHVybH2YCwHICwHgCwHaDBAKChDw4qOBy4jS3SQSAgEDqg0CVVPIDQHYEwzQFQH4FgGAFwGyFwIYAboXAjgBshgJEgL2ahguIgEA0BgB6BgB&sigh=2YnpHkZSnjY&cid=CAQSTwDpaXnfwraMbEJJjcdFqfh5TShXbhsuljVRc5cb-5Nnsi_34Keb0dLt7lVNsLKcNs-dgxy6w315_kvvMzA6gajmKvGBEQbR0xy9QWgCeIE&label=window_focus&gqid=Np3_ZsuFF8Pix_APlZ-6kAI&qqid=CPy2_eSd9IgDFVEmVQgdIM4UYw&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /img/favicon.ico HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol8zwmZbEPFdD411pSr6naKEADwiIjJiedZelzPJStz14fmTMqupJL_eHgv29Czm1yoGKik-lClepWkHJHhWjhEiN5UYcbXpl4vZJspAMiuVS6q_n8JJ1DBcqCW4EqY9dGalDFFqDCwa-mU0Ah5kM6OvX972Og%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=CmSKlRZ3_ZsHjH5LjjuwPuI6ogQG9r9qjdv2JweTeEtrZHhABILuLmihgyQagAe264oQDyAEJqQKkbsG2tIGyPqgDAcgDywSqBPoBT9AzFeQXM76UiRnHuKrHi4JGo1PtP5Vrqv-d1ueCeu0mHNz7-p3VdLfGFhTM4nOx3lyw2SzMAeTmGuDrW7V0W4sXWedSeh6Z-SIxwT88h48cTRRDFXvFy5F_iVBrEdUyAP4XBoGgkol_jPpqe8BvwPSn11HIzvyIBIP0QTNFujkYZjKOhFIv11RnTQF8fEoX1FLkpPAzqSpq5CE2duK3nMI567XbN4u2hjt8tlr3Z9krSeChPdNU15BFFi41J8dhvCPxdEgxBtRZGXVta0aYDPiwvD9XwVYvq4xtb7lPWGAIyGDJqZWtB_BlAxBqNRrMyW1_qKVRwYZwWMAEn4m6lOYEiAXh146wSqAGLoAH-8Sde6gH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAqgH6rGxAqgHmbWxAqgHvrexAqgH-MKxAqgH-8KxAtgHANIIJgiAYRABGB8yAooCOguAQIDAgICAoKiAAki9_cE6WNbll-yd9IgDsQl4kopoRdp6MoAKAYoKwAFodHRwczovL21vbml0b3IuY2xpY2tjZWFzZS5jb20vdHJhY2tlci8_aWQ9ZmZ4YW9OQzBoMEU5Q0omYWRwb3M9JmxvY3BoaXNpY2FsPTI4NDAmbG9jaW50ZXJlc3Q9JmFkZ3JwPTE2NDg2MjI2NDQ3OSZrdz0mbnc9ZCZ1cmw9e2xwdXJsfSZjcG49MTk5NjUxMjc2NDkmZGV2aWNlPWMmY2NwdHVybD1jaGVja21rLmNvbSZwbD10Y3BkZi5vcmeYCwHICwHgCwGADAHaDBAKChDA4NmakOesnDgSAgEDqg0CVVPIDQG4E-QD2BMN0BUBmBYB-BYBgBcBshcCGAG6FwI4AbIYCRICx04YLiIBANAYAegYAQ&sigh=KSSI5GYnfC4&cid=CAQSOwDpaXnfRoSfzQet8StMgy3ViE0c6C9qb6HDTae4oaYBzyXOGDsarpxonpTCW6H2bqeNiUqkPi6NI863&label=window_focus&gqid=RZ3_ZrPsHoHjjuwPpLrjgQg&qqid=CIGamOyd9IgDFZKxgwcdOAcqEA&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511650&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2Fexamples%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027971211&bpp=8&bdt=1014&idt=59&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&correlator=598970542174&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=229&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087424%2C31087796%2C95343328
Source: global traffic HTTP traffic detected: GET /simgad/3200209128226090959/14763004658117789537 HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /simgad/15610421984567133?w=100&h=100&tw=1&q=75 HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb5a6065d7ed889630000000000000000%22,%222%22:%220x9caf7ab5f4bd8ba0000000000000000%22,%223%22:%220x81668088936890fe0000000000000000%22,%224%22:%220xfab52aac0506d0a90000000000000000%22,%225%22:%220xc9bc643ed794f3ae0000000000000000%22},%22debug_key%22:%228355901781919909770%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974952641%22],%2222%22:[%22true%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224770841866518032545%22}&andc=true HTTP/1.1Host: www.googleadservices.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1
Source: global traffic HTTP traffic detected: GET /int/cm?exc=1&acc=crimtan&google_gid=CAESECBHgfwy-MCSvbluS7ozM0k&google_cver=1&google_push=AXcoOmR8PqpLHhRrgSN4TfI5rtxRa26g8FFRx-ot3zEG1tZsb3XduOTyK63_OCGgUqsPOR9p598IsoHKhMZN7JrAbAxUYjI5T3nLNbg HTTP/1.1Host: gcm.ctnsnet.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1184c3e1cee1a2f80000000000000000%22,%222%22:%220xf096886877e5ac240000000000000000%22,%223%22:%220xe31b55a86ff1e4d40000000000000000%22,%224%22:%220x19b2d8ae706dd50f0000000000000000%22,%225%22:%220xbe8309a619f260dd0000000000000000%22},%22debug_key%22:%2215948003920359143422%22,%22debug_reporting%22:true,%22destination%22:%22https://checkmk.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22815308141%22],%2222%22:[%22true%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226446532385923562369%22}&andc=true HTTP/1.1Host: www.googleadservices.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://googleads.g.doubleclick.netX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: trigger, event-source;navigation-sourceReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1
Source: global traffic HTTP traffic detected: GET /f/AGSKWxXQvm7CrzWEtJnF7sDZcIdiCacKDXUsJzOxoqbEt5FugjdeP5P7C7VjCTk0PQ3w2x1KUTK-Mp0GziJ4OYqRS2ufBGQgc4hC-Z3lOiqNxV_FD9zdq9Q3IylxpofmJKjrqj83OsoUOA==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5NzUsMzMwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3RjcGRmLm9yZy9leGFtcGxlcy8iLG51bGwsW1s4LCJlc2tXWFNGSHNRZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLDE4LDFdIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/ad/union/gg_cookie_matching?google_gid=CAESEBcyLH_rDQiK_0c48RzDP64&google_cver=1&google_push=AXcoOmTP1kQx1eA-bgShJQnOZ5vqbEIU-JjVd5dLpRCC9EQmaUZaR4fbREmG4VMCtv1qtD5NNINlfi7b-NDzaMMQ1n_X2ixe37B45bso HTTP/1.1Host: analytics.pangle-ads.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tum?umid=4&uid=CAESEN4Raq6kYBlaOcPf0gZaSmI&google_cver=1&google_push=AXcoOmRLBxKsvfcKPfmXE7crfROMgFHTV3UfGOKcIDq7rPAc0encBk0V8RCjH4UG3WSTbII9vBJ-jst8EJcxGsrIB8YVKjXjQZRgYQ HTTP/1.1Host: ums.acuityplatform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel/attr?d=AHNF13IOtP9VmQhamvHueibuaBeu9KwHT8UDUYp9Q5QNG-mTOUwKHNbf72goGRruhbA1CBbl0OuVYi0 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /gcm?google_gid=CAESEFuIZVdNK4yYnyu4E_mTUkU&google_cver=1&google_push=AXcoOmR3RVKYUiMzKJlRven0LF0LObY4lGkY15adutTpM87KT3VmdMoqTbb2t3sEmS4GMNy0iMUj21fKk0kayFtPMIcknA9KblcvWEg HTTP/1.1Host: a.c.appier.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /adx/user/cookie_syn?pubid=Z29vZ2xlYWR4&google_gid=CAESEGCFv4-baNIpcJs37iXx5m0&google_cver=1&google_push=AXcoOmRtCjeVtF5AEpLXzLiym3qLgSyrJlqBfI0v3y8pYEQvO4I3lOHsCmOY76HS3_flMldKC3F2wiUMLkV-6qgL8LPOO9XVl10tBJI HTTP/1.1Host: gw-iad-bid.ymmobi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS-1sNSFynhY2Thkdw1lzf7I957wEhODNrnHjQax28PgWmI24obD7q-E4Mjf8W9wkwrXCxndBGM5v0TWCwBOnoT1YIhDRIEvZU&google_gid=CAESEKKUfZojA2PWTPsrxN37hrs&google_cver=1 HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cookie-sync/adx?google_gid=CAESEPHikw-Tu8rWgEP2GfezLSw&google_cver=1&google_push=AXcoOmRHh7xUgx1iTz1SFRpj7aLJoe7xOV6j9wLlNxDi7zslY4VseSq1NGlfoX533jQLgG0mSZA2Pw1V43h-nNhjnB7HDqMEqZd3fbY HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2627887748647914&output=html&h=280&adk=3363856768&adf=3504424305&pi=t.aa~a.3536566133~rp.3&w=1113&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511650&rafmt=1&to=qs&pwprc=8713060051&format=1113x280&url=https%3A%2F%2Ftcpdf.org%2Fexamples%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027974003&bpp=1&bdt=3806&idt=-M&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&prev_fmts=1081x280%2C0x0&nras=2&correlator=598970542174&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=150&ady=2448&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087424%2C31087796%2C95343328%2C95335247&oid=2&psts=AOrYGsmjro6GJRh-yjtCicStqB3thBW5_LDCDVDW2L8rLaz3cJtyPuIHjgF2c3eoaQ4Y-t6xVRa18B32yn1Mh5jKFu4kfw&pvsid=4358598373628446&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1333 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Sec-Browsing-Topics: ();p=P0000000000000000000000000000000Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=crimtan&google_push=AXcoOmR8PqpLHhRrgSN4TfI5rtxRa26g8FFRx-ot3zEG1tZsb3XduOTyK63_OCGgUqsPOR9p598IsoHKhMZN7JrAbAxUYjI5T3nLNbg&google_hm=dJLMgq7aT2m-9AgK3VNQZiE HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /int/cm?exc=1&acc=crimtan&google_gid=CAESECBHgfwy-MCSvbluS7ozM0k&google_cver=1&google_push=AXcoOmQMVf9n66avQSEE8XWK4WNQZ7rpgdP6WHhQ1ww608F0cVsGxewxOyBLa_VJ1lug5LGuf-g4xyQCYlJqcvrjOtyzPmdBEPQ6-MQ HTTP/1.1Host: gcm.ctnsnet.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid_7492cc82aeda4f69bef4080add535066=1; gid_CAESECBHgfwy-MCSvbluS7ozM0k=1
Source: global traffic HTTP traffic detected: GET /adx/user/cookie_syn?pubid=Z29vZ2xlYWR4&google_gid=CAESEGCFv4-baNIpcJs37iXx5m0&google_cver=1&google_push=AXcoOmRKzIIpX_Q_QgTBj6LjIYaiqP0X7J3Z66wurmIpzD7iiaGRX-w7n7txPta-pn7O7o89DuD8G465EXhvoZWBbxVwBGyss2tG2U_A HTTP/1.1Host: gw-iad-bid.ymmobi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/elements/html/fullscreen_api_adapter_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css?family=Roboto%3A400%2C500%2C600 HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS-1sNSFynhY2Thkdw1lzf7I957wEhODNrnHjQax28PgWmI24obD7q-E4Mjf8W9wkwrXCxndBGM5v0TWCwBOnoT1YIhDRIEvZU&google_gid=CAESEKKUfZojA2PWTPsrxN37hrs&google_cver=1 HTTP/1.1Host: widget.us.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sync?exchange=11&google_gid=CAESEARTD1fgx9J3MutUqWsB0rc&google_cver=1&google_push=AXcoOmR0EQchTimTNsJCn53Dqxb-RYp34iQdeO0LFCExHJnTDfTQ6QbtlulsxNm8o4gmzvjIlI38uUgKWVxFZnLfhf_N9mqBgsq7rto HTTP/1.1Host: dsp.adkernel.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=toutiao_usd&google_push=AXcoOmTP1kQx1eA-bgShJQnOZ5vqbEIU-JjVd5dLpRCC9EQmaUZaR4fbREmG4VMCtv1qtD5NNINlfi7b-NDzaMMQ1n_X2ixe37B45bso HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/abg_lite_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cookie-sync/adx?google_gid=CAESEPHikw-Tu8rWgEP2GfezLSw&google_cver=1&google_push=AXcoOmRHh7xUgx1iTz1SFRpj7aLJoe7xOV6j9wLlNxDi7zslY4VseSq1NGlfoX533jQLgG0mSZA2Pw1V43h-nNhjnB7HDqMEqZd3fbY&_bee_ppp=1 HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: checkForPermission=ok
Source: global traffic HTTP traffic detected: GET /cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEIFtXtqEgnFRZijhSqRasU4&google_cver=1&google_push=AXcoOmSxZ8b44lhEMSx6qZOwzmw4ZbxbEtSBGf1cmFFWKt_nA1lnBaN7yO12FpsqcpVrRM1W0UqJwxKMBHoFqW6lC0Annqxs6usM0NE HTTP/1.1Host: creativecdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/client/window_focus_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /adxcookie?id=&google_gid=CAESEDiq53ncC4_XpZJVzkktuK8&google_cver=1&google_push=AXcoOmQelMX6L5WBrxemBonqB21giyw8X05OUQ3eVKJRbKY3Fp-mf2cqTFKeJUzFCswmk0tVUkXpdTyh5kQ0r4ycZw8bFkGgf6-y0ug HTTP/1.1Host: match.adsby.bidtheatre.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel/attr?d=AHNF13JmdPMm0v9ii2R1kIon2Rhrj75YY9b09KIWuLo124NMD1GfWHioxJoVNwIxnfp90-vSmr7S81s HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pcs/activeview?xai=AKAOjsvpCc815WRJDVjnWek2pimJRbijrch1U6-DcfT0KcB-qNccrGSOLlWW4SRJDCI1P6ScPfiZUUEVftUbo8WtQgcLudJ2HvrvU-XN1f7BCssYkedaujdIc1tvw7zuf6tIrec81o4s6-yZDhB7kNwsnitciK_Vk6sIUtXtNxwlJEl9z_3rbdKV0QDsUUx5RtxP&sai=AMfl-YSJUJJhG0kY6yR4OpJy1wOBZmTFI8Xz8Cex-FPVTA9bK-xxL36TVDfZnmuV0T1Hktvk-szrchnFHC4cy_taFm82LhHuOTLyt6CWoVJUBSlqchFrakSdfcG9agI&sig=Cg0ArKJSzNKci04q64kgEAE&cid=CAQSOwDpaXnfRoSfzQet8StMgy3ViE0c6C9qb6HDTae4oaYBzyXOGDsarpxonpTCW6H2bqeNiUqkPi6NI863GAE&id=lidar2&mcvt=1009&p=0,0,280,1081&tm=2718.2000000000116&tu=1709.4000000000233&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20240930&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2380828106&rs=2&la=1&cr=0&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0%3D&vs=4&r=v&co=2396077300&rst=1728027971332&rpt=4053&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_hm=LU1TM0p0TXlEQXFteXh5d1NaM19aZw%3D%3D&google_nid=appier&google_push=AXcoOmR3RVKYUiMzKJlRven0LF0LObY4lGkY15adutTpM87KT3VmdMoqTbb2t3sEmS4GMNy0iMUj21fKk0kayFtPMIcknA9KblcvWEg HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /mapuid/GoogleSspUid/?partner-tag=yandex_ag&ssp-id=17298340&google_gid=CAESEMzWRsTrUSeGA9S-JkDNbaY&google_cver=1&google_push=AXcoOmRhAw1oF1MYSlEF9QLrxYP9eyIFMZ0OeGoMBPETnLRrYYbTGqxRECPFwM7xlNXxg5HIGgdSaysBIwO6bb6YOmIfVB3lHgFLJIA HTTP/1.1Host: an.yandex.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECsZU4uAFJj-DtVaAvz52p4&google_cver=1&google_push=AXcoOmTgW26iJFS7b53PxbKW0SNAe8SWcjfTmAAfS3HV3xNjG92d7ZZCl29aYgMcGycrhnlcw0nyDK9l9vS0mgwrzn9hfTYzbo0KFi4 HTTP/1.1Host: cms.quantserve.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /i/ca-pub-2627887748647914?href=https%3A%2F%2Ftcpdf.org%2Fexamples&ers=2 HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1184c3e1cee1a2f80000000000000000%22,%222%22:%220xf096886877e5ac240000000000000000%22,%223%22:%220xe31b55a86ff1e4d40000000000000000%22,%224%22:%220x19b2d8ae706dd50f0000000000000000%22,%225%22:%220xbe8309a619f260dd0000000000000000%22},%22debug_key%22:%2215948003920359143422%22,%22debug_reporting%22:true,%22destination%22:%22https://checkmk.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22815308141%22],%2222%22:[%22true%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226446532385923562369%22}&andc=true HTTP/1.1Host: www.googleadservices.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1
Source: global traffic HTTP traffic detected: GET /f/AGSKWxXQvm7CrzWEtJnF7sDZcIdiCacKDXUsJzOxoqbEt5FugjdeP5P7C7VjCTk0PQ3w2x1KUTK-Mp0GziJ4OYqRS2ufBGQgc4hC-Z3lOiqNxV_FD9zdq9Q3IylxpofmJKjrqj83OsoUOA==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5NzUsMzMwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3RjcGRmLm9yZy9leGFtcGxlcy8iLG51bGwsW1s4LCJlc2tXWFNGSHNRZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLDE4LDFdIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS-1sNSFynhY2Thkdw1lzf7I957wEhODNrnHjQax28PgWmI24obD7q-E4Mjf8W9wkwrXCxndBGM5v0TWCwBOnoT1YIhDRIEvZU&google_gid=CAESEKKUfZojA2PWTPsrxN37hrs&google_cver=1 HTTP/1.1Host: widget.us.criteo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=crimtan&google_push=AXcoOmQMVf9n66avQSEE8XWK4WNQZ7rpgdP6WHhQ1ww608F0cVsGxewxOyBLa_VJ1lug5LGuf-g4xyQCYlJqcvrjOtyzPmdBEPQ6-MQ&google_hm=dJLMgq7aT2m-9AgK3VNQZiE HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /f/AGSKWxVPkGW_bHn4bk-pDw8DpvFadmPbBfan4BPHhqhGgekAE3Rjn9xBfc2YEqLQC63zUFyCjbWo_iOyNm8X_SydQpc6TIKXkydyBFj9Qr0OqB6osTLn3L1u584ONioht8b687gQC-mezJfBIywtfxJ2XgUkPArllr6tqqz-A30UXq91npqigUY4P0rjm3sv/_/css/ads-/ad_scroller./ads/adp4.=234x60;script,domain=imx.to HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=adkernel&google_hm=QTU3MzYwNDcwMTExNTk5MTk1NDE&google_push=AXcoOmR0EQchTimTNsJCn53Dqxb-RYp34iQdeO0LFCExHJnTDfTQ6QbtlulsxNm8o4gmzvjIlI38uUgKWVxFZnLfhf_N9mqBgsq7rto HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=crimtan&google_push=AXcoOmR8PqpLHhRrgSN4TfI5rtxRa26g8FFRx-ot3zEG1tZsb3XduOTyK63_OCGgUqsPOR9p598IsoHKhMZN7JrAbAxUYjI5T3nLNbg&google_hm=dJLMgq7aT2m-9AgK3VNQZiE HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEIFtXtqEgnFRZijhSqRasU4&google_cver=1&google_push=AXcoOmSxZ8b44lhEMSx6qZOwzmw4ZbxbEtSBGf1cmFFWKt_nA1lnBaN7yO12FpsqcpVrRM1W0UqJwxKMBHoFqW6lC0Annqxs6usM0NE&tc=1 HTTP/1.1Host: creativecdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: g=ONqNfcmPGKIFxh2DFULA_1728027978401; ts=1728027978
Source: global traffic HTTP traffic detected: GET /ads/measurement/l?ebcid=ALh7CaQIiAE2JyJ7qgxNyeT3cY-cRl0hHMRso2KuHW-LMEQyrrz7u0dFpwnt8iMrSk-cjqFQiowvHtpWQHMpVMW6ZSY9StjAyw HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=bt&google_push=AXcoOmQelMX6L5WBrxemBonqB21giyw8X05OUQ3eVKJRbKY3Fp-mf2cqTFKeJUzFCswmk0tVUkXpdTyh5kQ0r4ycZw8bFkGgf6-y0ug HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D HTTP/1.1Host: pagead2.googlesyndication.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEanlVN05fenNBQUJrSWlranBqUQ&google_push=AXcoOmRHh7xUgx1iTz1SFRpj7aLJoe7xOV6j9wLlNxDi7zslY4VseSq1NGlfoX533jQLgG0mSZA2Pw1V43h-nNhjnB7HDqMEqZd3fbY&bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/elements/html/fullscreen_api_adapter_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/client/window_focus_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=toutiao_usd&google_push=AXcoOmTP1kQx1eA-bgShJQnOZ5vqbEIU-JjVd5dLpRCC9EQmaUZaR4fbREmG4VMCtv1qtD5NNINlfi7b-NDzaMMQ1n_X2ixe37B45bso HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pixel?google_hm=LU1TM0p0TXlEQXFteXh5d1NaM19aZw%3D%3D&google_nid=appier&google_push=AXcoOmR3RVKYUiMzKJlRven0LF0LObY4lGkY15adutTpM87KT3VmdMoqTbb2t3sEmS4GMNy0iMUj21fKk0kayFtPMIcknA9KblcvWEg HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/js/r20240930/r20110914/abg_lite_fy2021.js HTTP/1.1Host: tpc.googlesyndication.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTgW26iJFS7b53PxbKW0SNAe8SWcjfTmAAfS3HV3xNjG92d7ZZCl29aYgMcGycrhnlcw0nyDK9l9vS0mgwrzn9hfTYzbo0KFi4&google_hm=p3aQIUmnrWFB-39DLi5PEg HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /mapuid/GoogleSspUid/?partner-tag=yandex_ag&ssp-id=17298340&google_gid=CAESEMzWRsTrUSeGA9S-JkDNbaY&google_cver=1&google_push=AXcoOmRhAw1oF1MYSlEF9QLrxYP9eyIFMZ0OeGoMBPETnLRrYYbTGqxRECPFwM7xlNXxg5HIGgdSaysBIwO6bb6YOmIfVB3lHgFLJIA HTTP/1.1Host: an.yandex.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=Yuqs7gEJsox5w8T/wJNkQ34yE8WYkAziQ3qH1B+6m8Ntgg5OVV4nuExZfK1IsClpjhDt3dRrQZdn3qtXKwoJuQaWeos=; yandexuid=2257158801728027978; yashr=1695784991728027978
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=CHD_aNp3_ZovIFovy1PIP-aWeKL2v2qN2_YnB5N4S29keEAEgu4uaKGDJBqAB7brihAPIAQmpAvhHicydf7I-qAMByAPLBKoE0wFP0FmwUpPyb5JVagMdhEHUXO0RJQJipO1YiIfK5jUqZbYMCAAOFACdtVSqQOdGlYgIER5Gw_KGip1qK9ahHUEreuw2AOhWwdZwQJldvOiZbh8scYHJmnvZ1v_c2TB5KWLkmlamc-HU1gHdG3SrtukpmydJfNat38BTqWcJA2ONA5iVk0cLxb8iU90YXE6-MvVj0TfmQ6INpTvEoMw4PCWSV1kSbkyaW_D06Ku5zi8Z9pAUlVe_kkvGDaUNHdxdleChMzkq4zCP0XYU2gJCyIiPvu4FwASfibqU5gSIBeHXjrBKoAYugAf7xJ17qAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe-t7ECqAf4wrECqAf7wrEC2AcA0ggmCIBhEAEYHzICigI6C4BAgMCAgICgqIACSL39wTpYp__65J30iAOxCXiSimhF2noygAoBigrAAWh0dHBzOi8vbW9uaXRvci5jbGlja2NlYXNlLmNvbS90cmFja2VyLz9pZD1mZnhhb05DMGgwRTlDSiZhZHBvcz0mbG9jcGhpc2ljYWw9Mjg0MCZsb2NpbnRlcmVzdD0mYWRncnA9MTY0ODYyMjY0NDc5Jmt3PSZudz1kJnVybD17bHB1cmx9JmNwbj0xOTk2NTEyNzY0OSZkZXZpY2U9YyZjY3B0dXJsPWNoZWNrbWsuY29tJnBsPXRjcGRmLm9yZ5gLAcgLAeALAYAMAdoMEAoKEMCWgtir6ZKkdxICAQOqDQJVU8gNAbgT5APYEw3QFQGYFgH4FgGAFwGyFwIYAboXAjgBshgJEgLHThguIgEA0BgB6BgB&sigh=ivtoiYeDL0Y&cid=CAQSTgDpaXnfr1vmJpo47AAcBt_oTOHMkst3w1sJcW690O03vI9qUQ5EO2xhS-OGlpU1FvY1ioGFAf4dyfYLqsp9aTv43bXJZQT_r5bg2o2-Cg&label=window_focus&gqid=Np3_ZsLOFdDo1PIPrcOz8QQ&qqid=CIu7--Sd9IgDFQs5VQgd-ZIHBQ&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511682&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954899&bpp=4&bdt=1547&idt=1445&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=6467355029295&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=211&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1482Accept-Encoding: gzip, deflate, brAcc
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=Cl4L-Np3_ZpyLGvyD_NUPoZKamAjk3eGyeum2urG5ErGQHxABILuLmihgyQagAbSmt5YDyAEGqAMByAMCqgTPAU_QL9FcHgarbe19Jn981h61vQtxxNhpuYbjSM39ApDdD99gcGjknLaYrt_ao0qLmrSo1f4im8l5uMcHEvddolb1EdJAHZso3HGHsor_qtiB2c3zjvjFDB1uFrLGimUe2PWL19SNhZGB0HwxoAiGZiBgOU-OoBp5kXJpgFmtvZaxgYQmJR_PnjFdH8UTU6aDfT94zPZQoT_H_a5u6ZQGN1VYeAX_wi8E-SgH15I3N2bFA-yeWNcm602AqtTXfy2v9xp43iqywftEVrAgar3f3sAE4OqKq-sEiAWWsbbBBaAGN4AH-ZP9AagH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAqgH6rGxAqgHmbWxAqgHvrexAqgH-MKxAqgH-8KxAtgHAdIIJgiAYRABGB8yAooCOguAQIDAgICAoKiAAki9_cE6WIi7_uSd9IgDsQlIJjcP57y4o4AKAZgLAcgLAdoMEAoKELDBzvzk7aO_aBICAQOqDQJVU8gNAdgTAogUAdAVAfgWAYAXAbIXAhgBuhcCOAGyGAkSAr5QGDciAQDQGAE&sigh=4JYheIKNZao&cid=CAQSTwDpaXnf7OQJLL9ITIJZ_2g82IouF7N1ejeuKzmpxUJgnpZcHkml8GEpFqeK1VvlKR-G5gj_qvVL8Un9LEeLro6Ei4SqVWDiWXFtaBPrVmU&label=window_focus&gqid=Np3_Zob7GIPox_APl678oAU&qqid=CJz-_uSd9IgDFfwBvwQdIYkGgw&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=524&slotname=8227594300&adk=1250016115&adf=30046807&pi=t.ma~as.8227594300&w=1049&abgtt=1&cr_col=4&cr_row=2&fwrn=2&lmt=1724511682&rafmt=9&format=1049x524&url=https%3A%2F%2Ftcpdf.org%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027954904&bpp=1&bdt=1552&idt=1511&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1081x280%2C0x0&nras=1&correlator=6467355029295&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=182&ady=1562&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087423%2C95338242%2C95343329%2C95344188%2C95335245%2C95339678&oid=2&pvsid=2294018084671705&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1516Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=C7TieNp3_ZvzDGNHM1PIPoJzTmAa6g9vQesL9wKaWE8uH_tWXDhABILuLmihgyQagAcH5ofEoyAEBqAMByANIqgTGAU_Qyrjtz0fBpJllMoqeX7-q0xwH-ccBVyay3V7Tf2DYEysilDNERHCbTen4_zckX7yrGSWKR4utmidOrr_UjmNlxWpXRCdOq5HGs4sOFJ8FXh_FEaCI2r1UfXDJFVJBIxVJWdH5bJ4kXeuCxRqEK6fdhY4W1iynIEOGAvX-j0hzDmJy6cg_HcN6GNjUjGwiML5CVzIp_C3-LMTEXG6tg6bRRoD2YuK4dwOd2tAIoustUstbvVgz6sctdK12RVnhl0yqvai_UcAE4bqNr_8EiAWAsa-GUaAGLoAHwbHy0AOoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwHSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOliBwPzknfSIA7EJaq6FW45acQ6ACgGKCiRodHRwczovL21zZWFyY2hpLmNvbS90L3Q_dXJsPXtscHVybH2YCwHICwHgCwHaDBAKChDw4qOBy4jS3SQSAgEDqg0CVVPIDQHYEwzQFQH4FgGAFwGyFwIYAboXAjgBshgJEgL2ahguIgEA0BgB6BgB&sigh=2YnpHkZSnjY&cid=CAQSTwDpaXnfwraMbEJJjcdFqfh5TShXbhsuljVRc5cb-5Nnsi_34Keb0dLt7lVNsLKcNs-dgxy6w315_kvvMzA6gajmKvGBEQbR0xy9QWgCeIE&label=window_focus&gqid=Np3_ZsuFF8Pix_APlZ-6kAI&qqid=CPy2_eSd9IgDFVEmVQgdIM4UYw&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=CMva6RZ3_ZuS5JcKOjuwPoIXV-AOmvc2Ac4nZidGXEtTb4p-8ARABILuLmihgyQagAZq8oJMDyAEJqAMByAPLBKoE-QFP0FxD41t37ZPv43xVNREcEmRhU-P9U82fRUZTc8ZYBeiaU4Xz7FzK5mjDRfFlcTZwBOSbor_MqOVp0vOwd2F91mQIgDE0Cz90qHn1Rsc6pvylTHn1-8TjEqNyeIbc_jkPP7gx5qKwiIsRB2uAZ1mOhRcuKO5ZCihkLWLmk0YRTpH9u3TSkHCjSGm6YPGIw3AgwMn2wvLngwA2BDLMX1JxLsTFfz5u55PS0BZNH1IeWPEPy5LKeVvDQnxxVAKALN3SvcVKGbCBd8fwd3Fv6M8gMUgVyPTDrehMHIRx2XFT7Aa0ebLX88ZGCT1_3sMLHkgnuUa8z2slV1PABKnoq9ODBIgFxpL8hT6gBi6AB87D32yoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQKoB8LIsQLYBwDSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOlijup3snfSIA7EJ2eOOdG8AD-qACgGKCjJodHRwOi8vd3d3Ljk0OXZhbnMuY29tL3dlLWJ1eS13aGVlbGNoYWlyLXZhbnMuYXNweJgLAcgLAeALAYAMAdoMEQoLEJDp5MWGu-DC-QESAgEDqg0CVVPIDQGiE1YKOQgDQAFSCAoGEgQIARABaPrE3NBIciMSISACKAE4AkDGkvyFPlgBaP7__________wFwAoABAZgBAxoZChdjYS1wdWItMjYyNzg4Nzc0ODY0NzkxNLgTiATYEwrQFQGYFgH4FgGAFwGyFwIYAboXAjgBshgJEgL-URguIgEA0BgB&sigh=9TFKQIxcwfQ&cid=CAQSOwDpaXnfbConORMkQNbnw39GJCimQLDVX4hyrN5oMCnVf5BOhwTQ12oSs6qrp22LxJIDs-L5PRNXwqtl&label=window_focus&gqid=RZ3_Zo2hJInsjuwP053wwAU&qqid=CKTwneyd9IgDFUKHgwcdoEIVPw&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=crimtan&google_push=AXcoOmQMVf9n66avQSEE8XWK4WNQZ7rpgdP6WHhQ1ww608F0cVsGxewxOyBLa_VJ1lug5LGuf-g4xyQCYlJqcvrjOtyzPmdBEPQ6-MQ&google_hm=dJLMgq7aT2m-9AgK3VNQZiE HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pagead/interaction/?ai=CmSKlRZ3_ZsHjH5LjjuwPuI6ogQG9r9qjdv2JweTeEtrZHhABILuLmihgyQagAe264oQDyAEJqQKkbsG2tIGyPqgDAcgDywSqBPoBT9AzFeQXM76UiRnHuKrHi4JGo1PtP5Vrqv-d1ueCeu0mHNz7-p3VdLfGFhTM4nOx3lyw2SzMAeTmGuDrW7V0W4sXWedSeh6Z-SIxwT88h48cTRRDFXvFy5F_iVBrEdUyAP4XBoGgkol_jPpqe8BvwPSn11HIzvyIBIP0QTNFujkYZjKOhFIv11RnTQF8fEoX1FLkpPAzqSpq5CE2duK3nMI567XbN4u2hjt8tlr3Z9krSeChPdNU15BFFi41J8dhvCPxdEgxBtRZGXVta0aYDPiwvD9XwVYvq4xtb7lPWGAIyGDJqZWtB_BlAxBqNRrMyW1_qKVRwYZwWMAEn4m6lOYEiAXh146wSqAGLoAH-8Sde6gH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAqgH6rGxAqgHmbWxAqgHvrexAqgH-MKxAqgH-8KxAtgHANIIJgiAYRABGB8yAooCOguAQIDAgICAoKiAAki9_cE6WNbll-yd9IgDsQl4kopoRdp6MoAKAYoKwAFodHRwczovL21vbml0b3IuY2xpY2tjZWFzZS5jb20vdHJhY2tlci8_aWQ9ZmZ4YW9OQzBoMEU5Q0omYWRwb3M9JmxvY3BoaXNpY2FsPTI4NDAmbG9jaW50ZXJlc3Q9JmFkZ3JwPTE2NDg2MjI2NDQ3OSZrdz0mbnc9ZCZ1cmw9e2xwdXJsfSZjcG49MTk5NjUxMjc2NDkmZGV2aWNlPWMmY2NwdHVybD1jaGVja21rLmNvbSZwbD10Y3BkZi5vcmeYCwHICwHgCwGADAHaDBAKChDA4NmakOesnDgSAgEDqg0CVVPIDQG4E-QD2BMN0BUBmBYB-BYBgBcBshcCGAG6FwI4AbIYCRICx04YLiIBANAYAegYAQ&sigh=KSSI5GYnfC4&cid=CAQSOwDpaXnfRoSfzQet8StMgy3ViE0c6C9qb6HDTae4oaYBzyXOGDsarpxonpTCW6H2bqeNiUqkPi6NI863&label=window_focus&gqid=RZ3_ZrPsHoHjjuwPpLrjgQg&qqid=CIGamOyd9IgDFZKxgwcdOAcqEA&fg=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511650&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2Fexamples%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027971211&bpp=8&bdt=1014&idt=59&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&correlator=598970542174&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=229&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087424%2C31087796%2C95343328
Source: global traffic HTTP traffic detected: GET /f/AGSKWxVPkGW_bHn4bk-pDw8DpvFadmPbBfan4BPHhqhGgekAE3Rjn9xBfc2YEqLQC63zUFyCjbWo_iOyNm8X_SydQpc6TIKXkydyBFj9Qr0OqB6osTLn3L1u584ONioht8b687gQC-mezJfBIywtfxJ2XgUkPArllr6tqqz-A30UXq91npqigUY4P0rjm3sv/_/css/ads-/ad_scroller./ads/adp4.=234x60;script,domain=imx.to HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=adkernel&google_hm=QTU3MzYwNDcwMTExNTk5MTk1NDE&google_push=AXcoOmR0EQchTimTNsJCn53Dqxb-RYp34iQdeO0LFCExHJnTDfTQ6QbtlulsxNm8o4gmzvjIlI38uUgKWVxFZnLfhf_N9mqBgsq7rto HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pixel?google_ula=5153224&google_hm=v5PT78ZNfv5sjKcjRx6luEgv9eOkvf1BvZmFsWbrLdM&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEIFtXtqEgnFRZijhSqRasU4&google_cver=1&google_push=AXcoOmSxZ8b44lhEMSx6qZOwzmw4ZbxbEtSBGf1cmFFWKt_nA1lnBaN7yO12FpsqcpVrRM1W0UqJwxKMBHoFqW6lC0Annqxs6usM0NE&tc=1 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEanlVN05fenNBQUJrSWlranBqUQ&google_push=AXcoOmRHh7xUgx1iTz1SFRpj7aLJoe7xOV6j9wLlNxDi7zslY4VseSq1NGlfoX533jQLgG0mSZA2Pw1V43h-nNhjnB7HDqMEqZd3fbY&bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=bt&google_push=AXcoOmQelMX6L5WBrxemBonqB21giyw8X05OUQ3eVKJRbKY3Fp-mf2cqTFKeJUzFCswmk0tVUkXpdTyh5kQ0r4ycZw8bFkGgf6-y0ug HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTgW26iJFS7b53PxbKW0SNAe8SWcjfTmAAfS3HV3xNjG92d7ZZCl29aYgMcGycrhnlcw0nyDK9l9vS0mgwrzn9hfTYzbo0KFi4&google_hm=p3aQIUmnrWFB-39DLi5PEg HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /f/AGSKWxX7lM9hq_KX0f8_xJIY4nXimPRg12Zm5ipRI981JIL0okGxvv_Gho3XkGX3LLJQ3dnQO4ePZjTf_n2qbCR8jXRA4xjJV_WErG54ti5-xSp4Hgzb7ttOW0njdCuOMT2tzuuP4lPkpw==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5NzgsNzI3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Y3BkZi5vcmcvZXhhbXBsZXMvIixudWxsLFtbOCwiZXNrV1hTRkhzUWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDgyMjU0XSwxOCwxXSJdLFsxOSwiMiJdXV0 HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_ula=5153224&google_hm=v5PT78ZNfv5sjKcjRx6luEgv9eOkvf1BvZmFsWbrLdM&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEIFtXtqEgnFRZijhSqRasU4&google_cver=1&google_push=AXcoOmSxZ8b44lhEMSx6qZOwzmw4ZbxbEtSBGf1cmFFWKt_nA1lnBaN7yO12FpsqcpVrRM1W0UqJwxKMBHoFqW6lC0Annqxs6usM0NE&tc=1 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUkblmCrnsJzgN45qGAFdujDscKWm-xUUzoyDFi24g1e3_tv8cWp7VrCfKJ1WdQ
Source: global traffic HTTP traffic detected: GET /f/AGSKWxX7lM9hq_KX0f8_xJIY4nXimPRg12Zm5ipRI981JIL0okGxvv_Gho3XkGX3LLJQ3dnQO4ePZjTf_n2qbCR8jXRA4xjJV_WErG54ti5-xSp4Hgzb7ttOW0njdCuOMT2tzuuP4lPkpw==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5NzgsNzI3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Y3BkZi5vcmcvZXhhbXBsZXMvIixudWxsLFtbOCwiZXNrV1hTRkhzUWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDgyMjU0XSwxOCwxXSJdLFsxOSwiMiJdXV0 HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxWOn10wFeR496R2B-NkA0aflFOSnWWpKo08Xb480VZoZWJ9-UTWlPnAZjlyb9ZR4kGHPAXXnfK4E1DzMI7BB-jYKB-hQJJOfxtn4ONAarBzM9eN0oQ8Wwm6MmH3TrpyF8nFdCYizw==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5ODAsODAwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDYsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3RjcGRmLm9yZy9leGFtcGxlcy8iLG51bGwsW1s4LCJlc2tXWFNGSHNRZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLDE4LDFdIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxUE3XC3dE7JlOr8jIDsNtNdMLrHx1qp2MXbe2TJwsuYlF3NiQ-kFrUb_RHG65cKe2xTmyWBQ-uelKs8Ry_gxVZeeZ2f2tUR5VDwwyfohgMzvg0XgC8QLXkCV3iqA62GFZ-NZJsxFQ==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5ODEsMTYwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3RjcGRmLm9yZy9leGFtcGxlcy8iLG51bGwsW1s4LCJlc2tXWFNGSHNRZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLDE4LDFdIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /f/AGSKWxWOn10wFeR496R2B-NkA0aflFOSnWWpKo08Xb480VZoZWJ9-UTWlPnAZjlyb9ZR4kGHPAXXnfK4E1DzMI7BB-jYKB-hQJJOfxtn4ONAarBzM9eN0oQ8Wwm6MmH3TrpyF8nFdCYizw==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5ODAsODAwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDYsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3RjcGRmLm9yZy9leGFtcGxlcy8iLG51bGwsW1s4LCJlc2tXWFNGSHNRZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLDE4LDFdIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /img/favicon.ico HTTP/1.1Host: tcpdf.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol-vhyreHlfvEEoo2i4Yvo_3UhVTuFbHSLZ5ILxYk9RNgh_agu_6PJSXYHSBipzZuK-_eCRcjGmTYWn4GKemBtYl4jQxDShF49XUMig28_clMXZIgKVyk1KZ7dBE--w-yNH1K56-y6TpOgfXrB4UUGgwFflJsg%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /f/AGSKWxUE3XC3dE7JlOr8jIDsNtNdMLrHx1qp2MXbe2TJwsuYlF3NiQ-kFrUb_RHG65cKe2xTmyWBQ-uelKs8Ry_gxVZeeZ2f2tUR5VDwwyfohgMzvg0XgC8QLXkCV3iqA62GFZ-NZJsxFQ==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5ODEsMTYwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3RjcGRmLm9yZy9leGFtcGxlcy8iLG51bGwsW1s4LCJlc2tXWFNGSHNRZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLDE4LDFdIl0sWzE5LCIyIl1dXQ HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /img/favicon.ico HTTP/1.1Host: tcpdf.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __gads=ID=74748a2114bcd6f8:T=1728027958:RT=1728027958:S=ALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ; __gpi=UID=00000f21a449d160:T=1728027958:RT=1728027958:S=ALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w; __eoi=ID=602bc46dfc4ceee3:T=1728027958:RT=1728027958:S=AA-AfjZJ7pwMWsfMd676OPLIU7FI; FCNEC=%5B%5B%22AKsRol-vhyreHlfvEEoo2i4Yvo_3UhVTuFbHSLZ5ILxYk9RNgh_agu_6PJSXYHSBipzZuK-_eCRcjGmTYWn4GKemBtYl4jQxDShF49XUMig28_clMXZIgKVyk1KZ7dBE--w-yNH1K56-y6TpOgfXrB4UUGgwFflJsg%3D%3D%22%5D%5D
Source: global traffic HTTP traffic detected: GET /tecnickcom/tc-lib-pdf HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/light-3e154969b9f9.css HTTP/1.1Host: github.githubassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://github.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://github.com/tecnickcom/tc-lib-pdfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/dark-9c5b7a476542.css HTTP/1.1Host: github.githubassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://github.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://github.com/tecnickcom/tc-lib-pdfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: chromecache_1096.11.dr String found in binary or memory: "https://www.facebook.com/tribe29.software", equals www.facebook.com (Facebook)
Source: chromecache_1096.11.dr String found in binary or memory: "https://www.linkedin.com/company/tribe29", equals www.linkedin.com (Linkedin)
Source: chromecache_1096.11.dr String found in binary or memory: "https://www.facebook.com/checkmk", equals www.facebook.com (Facebook)
Source: chromecache_1096.11.dr String found in binary or memory: "https://www.linkedin.com/showcase/checkmk/", equals www.linkedin.com (Linkedin)
Source: chromecache_1096.11.dr String found in binary or memory: "https://www.youtube.com/c/checkmk-channel", equals www.youtube.com (Youtube)
Source: chromecache_1053.11.dr String found in binary or memory: L.getElementsByTagName("iframe"),ka=P.length,na=0;na<ka;na++)if(!v&&c(P[na],H.He)){oJ("https://www.youtube.com/iframe_api");v=!0;break}})}}else F(u.vtp_gtmOnSuccess)}var q=["www.youtube.com","www.youtube-nocookie.com"],r={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},t,v=!1;Z.__ytl=n;Z.__ytl.o="ytl";Z.__ytl.isVendorTemplate=!0;Z.__ytl.priorityOverride=0;Z.__ytl.isInfrastructure=!1; equals www.youtube.com (Youtube)
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},bk:function(){e=zb()},nd:function(){d()}}};var gc=la(["data-gtm-yt-inspected-"]),LC=["www.youtube.com","www.youtube-nocookie.com"],MC,NC=!1; equals www.youtube.com (Youtube)
Source: global traffic DNS traffic detected: DNS query: x1.i.lencr.org
Source: global traffic DNS traffic detected: DNS query: www.tcpdf.org
Source: global traffic DNS traffic detected: DNS query: tcpdf.org
Source: global traffic DNS traffic detected: DNS query: www.paypal.com
Source: global traffic DNS traffic detected: DNS query: www.paypalobjects.com
Source: global traffic DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: cse.google.com
Source: unknown HTTP traffic detected: POST /el/AGSKWxVEbUKtG6EO-1z6hVlLyFBjoY6Q3qOn6xnbTKbfsUThUZc_fEi_i1LtIAukBDqFn3rRJOPdhMteh2TItUOHoophCKqkwOMTxtMiYOBGSJjuIMX_Bc9zOs_37csKF31TnOhYCpeRMg== HTTP/1.1Host: fundingchoicesmessages.google.comConnection: keep-aliveContent-Length: 247sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plainAccept: */*Origin: https://tcpdf.orgX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeAccept-Ch: Sec-CH-UA-FullCache-Control: max-age=0, no-cache, no-store, must-revalidateContent-Security-Policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/cspContent-Type: text/html; charset=utf-8Origin-Trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==Paypal-Debug-Id: f99605143ffc5Set-Cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 04 Oct 2024 16:32:50 GMT; HttpOnly; Secure
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeAccept-Ch: Sec-CH-UA-FullCache-Control: max-age=0, no-cache, no-store, must-revalidateContent-Security-Policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/cspContent-Type: text/html; charset=utf-8Origin-Trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==Paypal-Debug-Id: f17993973e377Set-Cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 04 Oct 2024 16:33:15 GMT; HttpOnly; Secure
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 04 Oct 2024 07:47:24 GMTServer: ApacheContent-Location: 404.html.brVary: negotiate,accept-encodingTCN: choiceStrict-Transport-Security: max-age=31536000 ; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffCache-Control: no-store, max-age=0Content-Security-Policy: default-src 'self' *.doubleclick.net *.google.com *.googleapis.com *.googlesyndication.com *.paypal.com *.paypalobjects.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.google.com *.googleapis.com *.googlesyndication.com *.paypal.com *.paypalobjects.com; img-src 'self' data: *.doubleclick.net *.google.com *.googleapis.com *.googlesyndication.com *.paypal.com *.paypalobjects.com; style-src 'self' 'unsafe-inline' *.doubleclick.net *.google.com *.googleapis.com *.googlesyndication.com *.paypal.com *.paypalobjects.com; font-src 'self' *.doubleclick.net *.google.com *.googleapis.com *.googlesyndication.com *.paypal.com *.paypalobjects.com; object-src 'self' frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-contentCross-Origin-Opener-Policy: same-siteCross-Origin-Resource-Policy: same-sitePermissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),layout-animations=(self),legacy-image-formats=(self),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()Pragma: no-cacheReferrer-Policy: no-referrerX-Permitted-Cross-Domain-Policies: noneLast-Modified: Sat, 24 Aug 2024 15:01:22 GMTETag: "479-6206f2a377480;6206f2a58dc63;6206f2a3b8adAccept-Ranges: bytesContent-Length: 1145X-Precompressed-Version-Served: *.html was requested, *.html.br found and servedConnection: closeContent-Type: text/html; charset=UTF-8Content-Encoding: br
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: http://dejavu-fonts.org
Source: chromecache_863.11.dr, chromecache_659.11.dr String found in binary or memory: http://github.com/sparkbox/mediaCheck
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: http://google.com
Source: chromecache_973.11.dr, chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1016.11.dr, chromecache_1252.11.dr, chromecache_623.11.dr, chromecache_1062.11.dr String found in binary or memory: http://googleads.g.doubleclick.net
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: http://mathiasbynens.be/
Source: chromecache_1096.11.dr String found in binary or memory: http://ogp.me/ns#
Source: chromecache_1096.11.dr String found in binary or memory: http://ogp.me/ns/fb#
Source: chromecache_1096.11.dr String found in binary or memory: http://ogp.me/ns/website#
Source: chromecache_973.11.dr, chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1016.11.dr, chromecache_1252.11.dr, chromecache_623.11.dr, chromecache_1062.11.dr String found in binary or memory: http://pagead2.googlesyndication.com
Source: chromecache_930.11.dr, chromecache_870.11.dr String found in binary or memory: http://polymer.github.io/AUTHORS.txt
Source: chromecache_930.11.dr, chromecache_870.11.dr String found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
Source: chromecache_930.11.dr, chromecache_870.11.dr String found in binary or memory: http://polymer.github.io/LICENSE.txt
Source: chromecache_930.11.dr, chromecache_870.11.dr String found in binary or memory: http://polymer.github.io/PATENTS.txt
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: http://projects.arabeyes.org/
Source: chromecache_863.11.dr, chromecache_659.11.dr String found in binary or memory: http://responsiveslides.com
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: http://schema.org/SoftwareSourceCode
Source: chromecache_863.11.dr, chromecache_659.11.dr String found in binary or memory: http://twitter.com/robtarr)
Source: chromecache_863.11.dr, chromecache_659.11.dr String found in binary or memory: http://viljamis.com
Source: FA-EDI-2409-0280.pdf String found in binary or memory: http://www.aiim.org/pdfa/ns/extension/
Source: FA-EDI-2409-0280.pdf String found in binary or memory: http://www.aiim.org/pdfa/ns/id/
Source: FA-EDI-2409-0280.pdf String found in binary or memory: http://www.aiim.org/pdfa/ns/property#
Source: FA-EDI-2409-0280.pdf String found in binary or memory: http://www.aiim.org/pdfa/ns/schema#
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_736.11.dr, chromecache_972.11.dr, chromecache_719.11.dr, chromecache_1035.11.dr String found in binary or memory: http://www.day.com/dam/1.0
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: http://www.gnu.org/copyleft/lesser.html
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: http://www.gnu.org/software/freefont/
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: http://www.google.com
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: http://www.google.com/
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: http://www.google.com/support/websearch/bin/answer.py?hl=
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: http://www.imagemagick.org/script/formats.php
Source: chromecache_1246.11.dr String found in binary or memory: http://www.tcpdf.org
Source: FA-EDI-2409-0280.pdf String found in binary or memory: http://www.tcpdf.org)
Source: 2D85F72862B55C4EADD9E66E06947F3D0.2.dr String found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_1073.11.dr, chromecache_788.11.dr, chromecache_821.11.dr, chromecache_1249.11.dr, chromecache_664.11.dr String found in binary or memory: https://adsense.com.
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://api.github.com/_private/browser/errors
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://api.github.com/_private/browser/stats
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://avatars.githubusercontent.com
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/1179011?s=64&amp;v=4
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/1186996?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/1192057?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/166079?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/177580?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/2228672?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/2691312?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/2694489?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/270445?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/279826?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/33253653?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/69105?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/7206135?s=64&amp;v=4
Source: chromecache_1246.11.dr String found in binary or memory: https://avatars.githubusercontent.com/u/7784660?s=64&amp;v=4
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://camo.githubusercontent.com/c3228e0cc4947576f5c179b0a0aaeaf48c1edd09d8b7eacbc0d2b21de96b91b1/
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://cdn.ampproject.org/amp4ads-host-v0.js
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://cdn.ampproject.org/rtv/$
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/1217/2000/7143/G2_high_performer_summer2024.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/4017/0660/9015/g2-stars-v2.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/4517/0860/3350/k8s_icon.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/5117/2000/7143/G2_fastest_implementation_summer2024.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/5617/2000/7143/G2_best_relationship_summer2024.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/5717/2000/7142/G2_leader_summer2024.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/6617/0739/5249/top50_it_infrastructure_2024_padding.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/8416/8319/3468/icon_check.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/8917/2000/7142/G2_most_likely_to_recommend_summer2024.svg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/thumbnails/extra_small/2816/1521/8125/light-dark-v2.png
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/thumbnails/medium/1316/1787/3544/flexibe-configuration-s.jpg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/thumbnails/medium/3316/1787/5559/infrastructure-monitoring-s.j
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/thumbnails/medium/5216/1840/9514/notifications-alerts-s.jpg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/thumbnails/medium/6616/1787/7451/metrics-cpu-load-hover-s.jpg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/thumbnails/medium/7616/1840/9530/availability-reporting-s.jpg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/thumbnails/medium/8316/1787/6331/event-console-s.jpg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/application/files/thumbnails/medium/9916/1787/8136/main-dashboard-s.jpg
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/checkmk_logo.png
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/contact
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/download
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/l/a/start-checkmk-free-trial-us
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/packages/tribe29_core/themes/checkmk/images/share_image.png
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/pricing
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/product/features
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/request-quote
Source: chromecache_1096.11.dr String found in binary or memory: https://checkmk.com/werks
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://collector.github.com/github/collect
Source: chromecache_1211.11.dr, chromecache_690.11.dr String found in binary or memory: https://consent.cookiefirst.com/banner.no-autoblock.js
Source: chromecache_785.11.dr String found in binary or memory: https://consent.cookiefirst.com/bulk/bc-handler.min.js?v=
Source: chromecache_1096.11.dr String found in binary or memory: https://consent.cookiefirst.com/sites/checkmk.com-d95e75e2-94c0-422e-94cf-e0e0df1cab4a/consent.js
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://cse.google.com/?ref=b&hl=en
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://cse.google.com/cse
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://cse.google.com/cse.js
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://cse.google.com/cse/element/v1
Source: chromecache_1148.11.dr, chromecache_727.11.dr, chromecache_1055.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://csqr-autopush.corp.google.com/cse/element/v1
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/api/nvp-soap/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/beta/apm-beta
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/braintree/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/dashboard
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/(classic
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/3rd-party/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/api/(?
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/archive/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/checkout/(apm
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/checkout/advanced/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/checkout/standard/.
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/disputes/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/multiparty/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/payouts/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/reports/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/docs/subscriptions
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/home
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/integration-builder/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/reference/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/sdk/
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/studio/checkout/standard
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/studio/checkout/standard/getstarted
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/studio/checkout/standard/integrate
Source: chromecache_775.11.dr String found in binary or memory: https://developer.paypal.com/tools/sandbox/
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://developers.google.com/custom-search/docs/element.
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://docs.github.com
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://docs.github.com/
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://docs.github.com/get-started/accessibility/keyboard-shortcuts
Source: chromecache_721.11.dr, chromecache_1266.11.dr, chromecache_1011.11.dr, chromecache_768.11.dr String found in binary or memory: https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/customizing-you
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://docs.github.com/site-policy/github-terms/github-terms-of-service
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Source: chromecache_960.11.dr, chromecache_1166.11.dr, chromecache_621.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://ep1.adtrafficquality.google/bg/
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://ep1.adtrafficquality.google/getconfig/sodar
Source: chromecache_1166.11.dr, chromecache_621.11.dr String found in binary or memory: https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=231
Source: chromecache_960.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=232
Source: chromecache_1166.11.dr, chromecache_621.11.dr String found in binary or memory: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=231
Source: chromecache_960.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232
Source: chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://ep2.adtrafficquality.google
Source: chromecache_960.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://ep2.adtrafficquality.google/sodar/
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://ep2.adtrafficquality.google/sodar/$
Source: chromecache_778.11.dr, chromecache_795.11.dr, chromecache_1226.11.dr String found in binary or memory: https://fontawesome.com
Source: chromecache_778.11.dr, chromecache_795.11.dr, chromecache_1226.11.dr String found in binary or memory: https://fontawesome.com/license
Source: chromecache_600.11.dr, chromecache_592.11.dr, chromecache_936.11.dr, chromecache_853.11.dr, chromecache_619.11.dr, chromecache_871.11.dr String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_1252.11.dr String found in binary or memory: https://fonts.googleapis.com/css2?family=Google
Source: chromecache_883.11.dr, chromecache_920.11.dr, chromecache_1256.11.dr, chromecache_1227.11.dr, chromecache_1013.11.dr, chromecache_745.11.dr String found in binary or memory: https://fonts.googleapis.com/css?family=
Source: chromecache_1252.11.dr String found in binary or memory: https://fonts.googleapis.com/css?family=Google
Source: chromecache_600.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RF
Source: chromecache_619.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv39oS_a.woff2)
Source: chromecache_619.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvr9oS_a.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmZjtiu7.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmdjtiu7.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmhjtg.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmtjtiu7.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmxjtiu7.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qE52i1dC.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qER2i1dC.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEV2i1dC.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEl2i1dC.woff2)
Source: chromecache_592.11.dr, chromecache_853.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2)
Source: chromecache_936.11.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesymbols/v295/HhyAU5Ak9u-oMExPeInvcuEmPosC9zSpYaEEU68cdvrHJg.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_600.11.dr, chromecache_698.11.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_1022.11.dr String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_1022.11.dr String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_1022.11.dr String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_1022.11.dr String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_600.11.dr, chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_600.11.dr, chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_600.11.dr, chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_600.11.dr, chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_600.11.dr, chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_600.11.dr, chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_600.11.dr, chromecache_624.11.dr, chromecache_641.11.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://fundingchoicesmessages.google.com/i/$
Source: chromecache_974.11.dr, chromecache_1164.11.dr String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github-cloud.s3.amazonaws.com
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.blog
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com
Source: chromecache_1096.11.dr String found in binary or memory: https://github.com/Checkmk/checkmk
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/DominiqueFERET
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/Jakuje
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/NiklasBr
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/cedric-anne
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/collections
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/customer-stories
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/defrance
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/enterprise
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/enterprise/advanced-security
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/enterprise/startups
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/features
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/features/actions
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/features/code-review
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/features/codespaces
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/features/copilot
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/features/discussions
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/features/issues
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/features/security
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/fluidicon.png
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/gemal
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/leofeyer
Source: chromecache_909.11.dr, chromecache_1028.11.dr, chromecache_995.11.dr, chromecache_710.11.dr, chromecache_1065.11.dr String found in binary or memory: https://github.com/material-components/material-components-web/blob/master/LICENSE
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/mvorisek
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/nicolaasuni
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/notifications/beta/shelf
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/pricing
Source: chromecache_843.11.dr String found in binary or memory: https://github.com/primer/github-syntax-theme-generator/blob/master/LICENSE)
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/readme
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/remicollet
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/rvanginneken
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/security
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/solutions/ci-cd
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/solutions/devops
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/solutions/devsecops
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/solutions/industries/financial-services
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/solutions/industries/healthcare
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/solutions/industries/manufacturing
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/stchr
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/supervirus
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/team
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/tecnickcom/TCPDF
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/tecnickcom/TCPDF.git
Source: chromecache_1266.11.dr, chromecache_768.11.dr String found in binary or memory: https://github.com/tecnickcom/TCPDF/funding_links?fragment=1&quot;
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/tecnickcom/tc-lib-pdf
Source: chromecache_721.11.dr, chromecache_1011.11.dr String found in binary or memory: https://github.com/tecnickcom/tc-lib-pdf/funding_links?fragment=1&quot;
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/tecnickcom/tcpdf
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/tecnickcom/tcpdf&quot;
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/topics
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.com/trending
Source: chromecache_974.11.dr, chromecache_1164.11.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_974.11.dr, chromecache_1164.11.dr String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_1246.11.dr String found in binary or memory: https://github.com/williamdes
Source: chromecache_1171.11.dr, chromecache_1037.11.dr String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_1171.11.dr, chromecache_1037.11.dr String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.37.1/LICENSE
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/app-icon-192-bcc967ab9829.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/app-icon-512-7f9c4ff2e960.png
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_as
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_m
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-00df584d9e79.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-11260080
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-114x114-09ce42d3ca4b.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-120x120-92bd46d04241.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-152x152-5f777cdc30ae.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-180x180-a80b8e11abe2.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-57x57-22f09f5b3a64.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-60x60-19037ac897bf.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-72x72-e090c8a282d0.png
Source: chromecache_916.11.dr String found in binary or memory: https://github.githubassets.com/assets/apple-touch-icon-76x76-a4523d80afb4.png
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/behaviors-262955c7666a.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/code-5fa7b9088c7e.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/code-menu-ab2b8d126a2a.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/codespaces-3bf9ff7d0f93.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/dark-9c5b7a476542.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/dark_colorblind-56fff47acadc.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/dark_dimmed-afda8eb0fb33.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/dark_high_contrast-2494e44ccdc5.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/dark_tritanopia-68d6b2c79663.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/element-registry-c56d56a908be.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/environment-2f240f7ed1b3.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/github-d1e3b63864f7.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/github-elements-dff955edb4df.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/global-49ca3d2b8a83.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/keyboard-shortcuts-dialog-b27738315573.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/light-3e154969b9f9.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/light_colorblind-71cd4cc132ec.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/light_high_contrast-fd5499848985.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/light_tritanopia-31d17ba3e139.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/notifications-global-54f34167118d.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/notifications-subscriptions-menu-2028a046d5ed.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/pinned-octocat-093da3e6fa40.svg
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/primer-fefb1a332c28.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/primer-primitives-4cf0d59ab51a.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/primer-react-66afe5e98e2b.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/primer-react.a38d782b719dc67594c9.module.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/react-core-3a8d5a38c00a.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/repos-overview-6ede60b7bd95.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/repos-overview.47b2222c697daf78496d.module.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/repositories-d27a99fb2b65.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/repository-0f7cf89e325a.css
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/sessions-f3ddee0032e4.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_analytics-provider_analytics-provider_ts-ui_packa
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_code-view-shared_components_SharedMarkdownContent
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_commit-checks-status_index_ts-ui_packages_use-ana
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-aabfa4ec15fe.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_paths_index_ts-6d26e38db34f.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-69cea3cdae62.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-4c141348476c.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-3f4401350b
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/ui_packages_use-alive_use-alive_ts-ui_packages_code-dropdown-
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modu
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-pr
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-po
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_module
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_m
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_inde
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_j
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analy
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-nod
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_mo
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-85
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_e
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryOb
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_query_j
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_module
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/assets/wp-runtime-945f21d74ae7.js
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/favicons/favicon.png
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://github.githubassets.com/favicons/favicon.svg
Source: chromecache_1235.11.dr String found in binary or memory: https://github.paypal.com/jlowery/paypal-vxpattern-lib
Source: chromecache_639.11.dr, chromecache_944.11.dr String found in binary or memory: https://github.paypal.com/pages/Globalization-R/worldready-js/docs/about-load-worldready-data.html
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://goo.gl/Gs1KIc.
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://google.com
Source: chromecache_1016.11.dr, chromecache_1252.11.dr, chromecache_623.11.dr, chromecache_1062.11.dr, chromecache_1053.11.dr String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://googleads.g.doubleclick.net/pagead/html/$
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://img.shields.io/badge/donate-paypal-87ceeb.svg
Source: chromecache_1246.11.dr String found in binary or memory: https://opengraph.githubassets.com/85082fb84e859a95981417fd95e208e77ae727e55674f4894ad00a215ecea921/
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://packages.debian.org/source/stable/icc-profiles-free
Source: chromecache_1252.11.dr, chromecache_725.11.dr, chromecache_1198.11.dr, chromecache_782.11.dr, chromecache_912.11.dr, chromecache_701.11.dr, chromecache_623.11.dr, chromecache_1249.11.dr, chromecache_1194.11.dr, chromecache_622.11.dr, chromecache_695.11.dr, chromecache_1290.11.dr, chromecache_1062.11.dr, chromecache_789.11.dr, chromecache_664.11.dr, chromecache_1053.11.dr String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_960.11.dr, chromecache_1166.11.dr, chromecache_621.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/bg/
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/getconfig/sodar
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_1204.11.dr, chromecache_1194.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=error&bin=
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=error&name=invalid_geo&context=10
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fetch&later&lidartos
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fetch&later&start&control&fle=1&s
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-fallback2
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-later2
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-pagehide2
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=
Source: chromecache_605.11.dr, chromecache_726.11.dr, chromecache_1278.11.dr, chromecache_666.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=fccs&
Source: chromecache_714.11.dr, chromecache_1046.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=
Source: chromecache_1073.11.dr, chromecache_788.11.dr, chromecache_821.11.dr, chromecache_1249.11.dr, chromecache_664.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics
Source: chromecache_973.11.dr, chromecache_1016.11.dr, chromecache_623.11.dr, chromecache_1062.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=rcs_internal
Source: chromecache_1166.11.dr, chromecache_621.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=231
Source: chromecache_960.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=232
Source: chromecache_1288.11.dr, chromecache_883.11.dr, chromecache_920.11.dr, chromecache_1256.11.dr, chromecache_1227.11.dr, chromecache_1013.11.dr, chromecache_745.11.dr, chromecache_1053.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_755.11.dr, chromecache_789.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=urind
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/html/$
Source: chromecache_1252.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/$
Source: chromecache_973.11.dr, chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1016.11.dr, chromecache_1252.11.dr, chromecache_623.11.dr, chromecache_1062.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=
Source: chromecache_973.11.dr, chromecache_945.11.dr, chromecache_1073.11.dr, chromecache_601.11.dr, chromecache_755.11.dr, chromecache_854.11.dr, chromecache_1016.11.dr, chromecache_788.11.dr, chromecache_821.11.dr, chromecache_1252.11.dr, chromecache_623.11.dr, chromecache_1249.11.dr, chromecache_1062.11.dr, chromecache_789.11.dr, chromecache_664.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/err_rep.js
Source: chromecache_945.11.dr, chromecache_1073.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_788.11.dr, chromecache_821.11.dr, chromecache_1252.11.dr, chromecache_1249.11.dr, chromecache_664.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/logging_library.js
Source: chromecache_1252.11.dr, chromecache_1249.11.dr, chromecache_664.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/$
Source: chromecache_1252.11.dr, chromecache_623.11.dr, chromecache_1249.11.dr, chromecache_1062.11.dr, chromecache_664.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/ping?e=1
Source: chromecache_1106.11.dr, chromecache_1257.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/sodar?
Source: chromecache_1166.11.dr, chromecache_621.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=231
Source: chromecache_960.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://partner.github.com
Source: chromecache_883.11.dr, chromecache_920.11.dr, chromecache_1256.11.dr, chromecache_1227.11.dr, chromecache_1013.11.dr, chromecache_745.11.dr String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_916.11.dr String found in binary or memory: https://play.google.com/store/apps/details?id=com.github.android
Source: chromecache_1153.11.dr, chromecache_1048.11.dr String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://recaptcha.net
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://resources.github.com
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://resources.github.com/learn/pathways
Source: chromecache_1096.11.dr String found in binary or memory: https://schema.org
Source: chromecache_1096.11.dr String found in binary or memory: https://schema.org/Answer
Source: chromecache_1096.11.dr String found in binary or memory: https://schema.org/FAQPage
Source: chromecache_1096.11.dr String found in binary or memory: https://schema.org/Question
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://skills.github.com
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://static.hotjar.com/c/hotjar-
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://support.github.com?tags=dotcom-footer
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://support.google.com/programmable-search/answer/6001359#captcha
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_863.11.dr, chromecache_659.11.dr String found in binary or memory: https://swiperjs.com
Source: chromecache_883.11.dr, chromecache_920.11.dr, chromecache_1256.11.dr, chromecache_1227.11.dr, chromecache_1013.11.dr, chromecache_745.11.dr String found in binary or memory: https://syndicatedsearch.goog
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://tcpdf.org
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://td.doubleclick.net
Source: chromecache_830.11.dr, chromecache_1104.11.dr String found in binary or memory: https://tinyurl.com/y2uuvskb
Source: chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://tpc.googlesyndication.com
Source: chromecache_960.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://tpc.googlesyndication.com/sodar/
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://tpc.googlesyndication.com/sodar/$
Source: chromecache_956.11.dr, chromecache_984.11.dr String found in binary or memory: https://turbo.hotwired.dev/handbook/building#working-with-script-elements
Source: chromecache_1096.11.dr String found in binary or memory: https://twitter.com/checkmk
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://user-images.githubusercontent.com/
Source: chromecache_1096.11.dr String found in binary or memory: https://www.capterra.com.de/software/181692/check-mk
Source: chromecache_1096.11.dr String found in binary or memory: https://www.g2.com/products/checkmk
Source: chromecache_1096.11.dr String found in binary or memory: https://www.g2.com/products/checkmk/reviews?utm_source=rewards-badge
Source: chromecache_1096.11.dr String found in binary or memory: https://www.gartner.com/reviews/market/it-infrastructure-monitoring-tools/vendor/tribe29/product/che
Source: chromecache_1246.11.dr, chromecache_814.11.dr String found in binary or memory: https://www.githubstatus.com/
Source: chromecache_1253.11.dr, chromecache_791.11.dr, chromecache_1053.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://www.google.com
Source: chromecache_1073.11.dr, chromecache_788.11.dr, chromecache_821.11.dr, chromecache_1249.11.dr, chromecache_664.11.dr String found in binary or memory: https://www.google.com/adsense
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://www.google.com/adsense/search/async-ads.js
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://www.google.com/cse/static
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://www.google.com/cse/static/element/
Source: chromecache_1222.11.dr, chromecache_612.11.dr String found in binary or memory: https://www.google.com/cse/static/element/%
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://www.google.com/cse/static/images/1x/
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://www.google.com/cse/static/images/2x/
Source: chromecache_705.11.dr, chromecache_825.11.dr, chromecache_1222.11.dr, chromecache_612.11.dr String found in binary or memory: https://www.google.com/cse/static/style/look/%
Source: chromecache_883.11.dr, chromecache_920.11.dr, chromecache_1256.11.dr, chromecache_1227.11.dr, chromecache_1013.11.dr, chromecache_745.11.dr String found in binary or memory: https://www.google.com/pagead/1p-conversion/16521530460/?gad_source=1&adview_type=5
Source: chromecache_1115.11.dr String found in binary or memory: https://www.google.com/pagead/drt/ui
Source: chromecache_1148.11.dr, chromecache_1178.11.dr, chromecache_968.11.dr String found in binary or memory: https://www.google.com/recaptcha/api.js?render=explicit
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_960.11.dr, chromecache_1166.11.dr, chromecache_854.11.dr, chromecache_621.11.dr, chromecache_1252.11.dr, chromecache_1253.11.dr, chromecache_791.11.dr String found in binary or memory: https://www.google.com/recaptcha/api2/aframe
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://www.google.com/s2/favicons?sz=64&domain_url=
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://www.googleadservices.com
Source: chromecache_883.11.dr, chromecache_920.11.dr, chromecache_1256.11.dr, chromecache_1227.11.dr, chromecache_1013.11.dr, chromecache_745.11.dr String found in binary or memory: https://www.googleadservices.com/pagead/conversion/16521530460/?gad_source=1&adview_type=3
Source: chromecache_609.11.dr, chromecache_593.11.dr String found in binary or memory: https://www.googleadservices.com/pagead/managed/js/activeview/
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_1096.11.dr String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_1096.11.dr String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-NJ3VGL8
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_595.11.dr, chromecache_626.11.dr, chromecache_672.11.dr String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
Source: chromecache_1252.11.dr String found in binary or memory: https://www.gstatic.com
Source: chromecache_945.11.dr, chromecache_601.11.dr, chromecache_854.11.dr, chromecache_1252.11.dr String found in binary or memory: https://www.gstatic.com/prose/protected/$
Source: chromecache_1089.11.dr, chromecache_891.11.dr, chromecache_1176.11.dr, chromecache_711.11.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Source: chromecache_1096.11.dr String found in binary or memory: https://www.linkedin.com/company/tribe29
Source: chromecache_1096.11.dr String found in binary or memory: https://www.linkedin.com/showcase/checkmk/
Source: chromecache_1011.11.dr, chromecache_814.11.dr, chromecache_768.11.dr String found in binary or memory: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&amp;currency_code=GBP&amp;business=paypal
Source: chromecache_775.11.dr String found in binary or memory: https://www.paypal.com/invoice/m/create/post-send
Source: chromecache_775.11.dr String found in binary or memory: https://www.paypal.com/invoice/m/create/search-item
Source: chromecache_1235.11.dr, chromecache_1167.11.dr String found in binary or memory: https://www.paypalobjects.com/images/shared/monogram
Source: chromecache_1235.11.dr, chromecache_1167.11.dr String found in binary or memory: https://www.paypalobjects.com/images/shared/paypal-logo-129x32.png
Source: chromecache_1235.11.dr, chromecache_1167.11.dr String found in binary or memory: https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
Source: chromecache_881.11.dr String found in binary or memory: https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff)
Source: chromecache_881.11.dr String found in binary or memory: https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff2)
Source: chromecache_881.11.dr String found in binary or memory: https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff)
Source: chromecache_881.11.dr String found in binary or memory: https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2)
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.eot
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.eot?#iefix
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.svg#69ac2c9fc1e0803e59e06e
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.ttf
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff
Source: chromecache_1235.11.dr, chromecache_1167.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/i/consumer/onboarding/sprite_form.png
Source: chromecache_1235.11.dr, chromecache_1167.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/i/consumer/onboarding/sprite_form_2x.png
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.eot
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.eot?#iefix
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.svg
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Medium.eot
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Medium.eot?#iefix
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Medium.svg
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Medium.woff
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Thin.eot
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Thin.eot?#iefix
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Thin.svg
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Thin.woff
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Light.eot
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Light.eot?#iefi
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Light.svg
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Light.woff
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.eot
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.eot?#ief
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.svg
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.woff
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.eot
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.eot?#ie
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.svg
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff
Source: chromecache_1235.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/2014design/font/headlinedark/festivo1.ttf
Source: chromecache_1235.11.dr, chromecache_1167.11.dr String found in binary or memory: https://www.paypalobjects.com/webstatic/mktg/consumer/onboarding/ui-sprite.png
Source: chromecache_891.11.dr, chromecache_1176.11.dr String found in binary or memory: https://www.recaptcha.net/recaptcha/enterprise/
Source: chromecache_775.11.dr String found in binary or memory: https://www.sandbox.paypal.com/invoice/m/create/post-send
Source: chromecache_775.11.dr String found in binary or memory: https://www.sandbox.paypal.com/invoice/m/create/search-item
Source: chromecache_1096.11.dr String found in binary or memory: https://www.xing.com/companies/tribe29gmbh
Source: chromecache_1096.11.dr String found in binary or memory: https://www.youtube.com/c/checkmk-channel
Source: chromecache_1288.11.dr, chromecache_1053.11.dr String found in binary or memory: https://www.youtube.com/iframe_api
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown Network traffic detected: HTTP traffic on port 49888 -> 443
Source: unknown HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49743 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49765 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49774 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.6:49788 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49843 version: TLS 1.2
Source: classification engine Classification label: sus25.phis.winPDF@62/1161@19/100
Source: FA-EDI-2409-0280.pdf Initial sample: http://www.tcpdf.org
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe File created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6332 Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe File created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-04 03-45-27-600.log Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA Jump to behavior
Source: unknown Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\FA-EDI-2409-0280.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2088 --field-trial-handle=1740,i,4004120980904792418,12153791403947030670,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "http://www.tcpdf.org"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2212,i,18367372152763981669,441212640499137429,262144 /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2088 --field-trial-handle=1740,i,4004120980904792418,12153791403947030670,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2212,i,18367372152763981669,441212640499137429,262144 /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
Source: FA-EDI-2409-0280.pdf Initial sample: PDF keyword /JS count = 0
Source: FA-EDI-2409-0280.pdf Initial sample: PDF keyword /JavaScript count = 0
Source: FA-EDI-2409-0280.pdf Initial sample: PDF keyword /EmbeddedFile count = 0
PDF has an OpenAction (likely to launch a dropper script)
Source: FA-EDI-2409-0280.pdf Initial sample: PDF keyword /OpenAction
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: chromecache_1096.11.dr Binary or memory string: "operatingSystem": "RedHat, CentOS, SLES, Debian, Ubuntu, Docker, VMware ESXi, VirtualBox",
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1525475 Sample: FA-EDI-2409-0280.pdf Startdate: 04/10/2024 Architecture: WINDOWS Score: 25 21 x1.i.lencr.org 2->21 37 HTML page contains obfuscated javascript 2->37 8 chrome.exe 1 2->8         started        11 Acrobat.exe 20 70 2->11         started        signatures3 process4 dnsIp5 25 192.168.2.16 unknown unknown 8->25 27 192.168.2.4 unknown unknown 8->27 29 2 other IPs or domains 8->29 13 chrome.exe 8->13         started        16 AcroCEF.exe 107 11->16         started        process6 dnsIp7 31 77.88.21.90 YANDEXRU Russian Federation 13->31 33 93.158.134.90 YANDEXRU Russian Federation 13->33 35 100 other IPs or domains 13->35 18 AcroCEF.exe 2 16->18         started        process8 dnsIp9 23 104.77.220.172, 443, 49807 AKAMAI-ASUS United States 18->23
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
142.250.185.99
 unknown United States
15169 GOOGLEUS false
142.250.186.68
 unknown United States
15169 GOOGLEUS false
172.217.16.136
 unknown United States
15169 GOOGLEUS false
91.228.74.166
 unknown United Kingdom
27281 QUANTCASTUS false
216.58.212.142
 unknown United States
15169 GOOGLEUS false
142.250.185.100
 www.google.com United States
15169 GOOGLEUS false
142.250.185.227
 unknown United States
15169 GOOGLEUS false
169.150.247.39
 unknown United States
2711 SPIRITTEL-ASUS false
51.89.9.252
 unknown France
16276 OVHFR false
169.150.247.37
 unknown United States
2711 SPIRITTEL-ASUS false
46.137.57.71
 unknown Ireland
16509 AMAZON-02US false
185.199.109.133
 unknown Netherlands
54113 FASTLYUS false
20.157.217.65
 unknown United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
54.209.225.147
 unknown United States
14618 AMAZON-AESUS false
3.77.232.241
 unknown United States
16509 AMAZON-02US false
142.250.186.74
 unknown United States
15169 GOOGLEUS false
172.217.16.142
 unknown United States
15169 GOOGLEUS false
37.157.2.229
 unknown Denmark
198622 ADFORMDK false
93.158.134.90
 unknown Russian Federation
13238 YANDEXRU false
142.250.185.234
 unknown United States
15169 GOOGLEUS false
172.217.18.3
 unknown United States
15169 GOOGLEUS false
77.88.21.90
 unknown Russian Federation
13238 YANDEXRU false
142.250.185.238
 unknown United States
15169 GOOGLEUS false
142.250.185.193
 unknown United States
15169 GOOGLEUS false
169.150.236.104
 unknown United States
2711 SPIRITTEL-ASUS false
239.255.255.250
 unknown Reserved
unknown unknown false
193.0.160.130
 unknown Netherlands
54312 ROCKETFUELUS false
172.217.23.100
 unknown United States
15169 GOOGLEUS false
142.250.185.195
 unknown United States
15169 GOOGLEUS false
142.250.186.142
 unknown United States
15169 GOOGLEUS false
47.253.61.56
 unknown United States
45102 CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC false
140.82.112.22
 unknown United States
36459 GITHUBUS false
151.101.67.1
 unknown United States
54113 FASTLYUS false
142.250.186.46
 unknown United States
15169 GOOGLEUS false
142.250.185.78
 unknown United States
15169 GOOGLEUS false
142.250.185.206
 unknown United States
15169 GOOGLEUS false
172.217.18.14
 unknown United States
15169 GOOGLEUS false
216.58.206.34
 unknown United States
15169 GOOGLEUS false
142.250.181.234
 unknown United States
15169 GOOGLEUS false
142.250.185.202
 unknown United States
15169 GOOGLEUS false
216.58.206.36
 unknown United States
15169 GOOGLEUS false
46.228.164.11
 unknown United Kingdom
56396 TURNGB false
188.166.17.21
 unknown Netherlands
14061 DIGITALOCEAN-ASNUS false
142.250.185.163
 unknown United States
15169 GOOGLEUS false
142.250.185.162
 unknown United States
15169 GOOGLEUS false
172.217.18.99
 unknown United States
15169 GOOGLEUS false
172.217.18.10
 unknown United States
15169 GOOGLEUS false
216.58.212.174
 unknown United States
15169 GOOGLEUS false
185.199.110.133
 unknown Netherlands
54113 FASTLYUS false
142.250.186.138
 unknown United States
15169 GOOGLEUS false
178.250.1.9
 unknown France
44788 ASN-CRITEO-EUROPEFR false
140.82.121.3
 unknown United States
36459 GITHUBUS false
140.82.121.4
 unknown United States
36459 GITHUBUS false
140.82.121.6
 unknown United States
36459 GITHUBUS false
142.250.185.170
 unknown United States
15169 GOOGLEUS false
142.250.186.129
 unknown United States
15169 GOOGLEUS false
142.250.181.227
 unknown United States
15169 GOOGLEUS false
142.250.185.174
 unknown United States
15169 GOOGLEUS false
151.101.65.21
 unknown United States
54113 FASTLYUS false
45.133.11.28
 unknown Germany
31400 ACCELERATED-ITDE false
185.199.108.133
 unknown Netherlands
54113 FASTLYUS false
172.217.16.130
 unknown United States
15169 GOOGLEUS false
64.202.112.63
 unknown United States
22075 AS-OUTBRAINUS false
104.77.220.172
 unknown United States
16625 AKAMAI-ASUS false
142.250.186.66
 unknown United States
15169 GOOGLEUS false
142.250.185.98
 unknown United States
15169 GOOGLEUS false
34.198.52.31
 unknown United States
14618 AMAZON-AESUS false
104.18.37.193
 unknown United States
13335 CLOUDFLARENETUS false
20.234.104.33
 unknown United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
185.199.111.154
 unknown Netherlands
54113 FASTLYUS false
192.229.221.25
 cs1150.wpc.betacdn.net United States
15133 EDGECASTUS false
37.157.5.132
 unknown Denmark
198622 ADFORMDK false
151.101.3.1
 unknown United States
54113 FASTLYUS false
142.250.185.142
 unknown United States
15169 GOOGLEUS false
142.250.186.110
 unknown United States
15169 GOOGLEUS false
34.147.177.40
 unknown United States
2686 ATGS-MMD-ASUS false
142.250.184.228
 unknown United States
15169 GOOGLEUS false
142.250.185.65
 unknown United States
15169 GOOGLEUS false
151.101.193.21
 unknown United States
54113 FASTLYUS false
142.250.185.66
 unknown United States
15169 GOOGLEUS false
174.137.133.49
 unknown United States
27257 WEBAIR-INTERNETUS false
142.250.184.195
 unknown United States
15169 GOOGLEUS false
142.250.184.196
 unknown United States
15169 GOOGLEUS false
142.250.186.34
 unknown United States
15169 GOOGLEUS false
142.250.185.67
 unknown United States
15169 GOOGLEUS false
142.250.184.193
 unknown United States
15169 GOOGLEUS false
172.64.150.63
 unknown United States
13335 CLOUDFLARENETUS false
185.184.8.90
 unknown Poland
204995 RTB-HOUSE-AMSNL false
151.101.129.21
 unknown United States
54113 FASTLYUS false
185.199.108.154
 unknown Netherlands
54113 FASTLYUS false
69.164.210.100
 tcpdf.org United States
63949 LINODE-APLinodeLLCUS false
142.250.184.238
 cse.google.com United States
15169 GOOGLEUS false
172.104.64.149
 unknown United States
63949 LINODE-APLinodeLLCUS false
23.210.92.139
 unknown United States
20940 AKAMAI-ASN1EU false
172.217.16.194
 unknown United States
15169 GOOGLEUS false
52.223.40.198
 unknown United States
8987 AMAZONEXPANSIONGB false
142.250.184.234
 unknown United States
15169 GOOGLEUS false

Private

IP
192.168.2.16
192.168.2.4
192.168.2.6

Contacted Domains

Name IP Active
tcpdf.org 69.164.210.100 true
www.tcpdf.org 69.164.210.100 true
cs1150.wpc.betacdn.net 192.229.221.25 true
googleads.g.doubleclick.net 142.250.184.226 true
paypal-dynamic.map.fastly.net 151.101.1.21 true
cse.google.com 142.250.184.238 true
www.google.com 142.250.185.100 true
x1.i.lencr.org unknown unknown
www.paypalobjects.com unknown unknown
www.paypal.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://github.githubassets.com/assets/ui_packages_code-view-shared_components_SharedMarkdownContent_tsx-ui_packages_copy-to-clipboa-b2118b-b4842033cb44.js false
    		unknown
    https://www.paypal.com/auth/createchallenge/3a869b42ba0a1ff4/recaptchav3.js?_sessionID=iFqzQFFdcmLfwTx6rDoFtO0kv5hDi8ND true
      		unknown
      https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECBHgfwy-MCSvbluS7ozM0k&google_cver=1&google_push=AXcoOmR8PqpLHhRrgSN4TfI5rtxRa26g8FFRx-ot3zEG1tZsb3XduOTyK63_OCGgUqsPOR9p598IsoHKhMZN7JrAbAxUYjI5T3nLNbg false
        		unknown
        https://www.paypalobjects.com/web/res/ec0/f4c900712161f04047a226200a2c1/js/apps/donate/649.e64dd235532b91208bac.js false
          		unknown
          https://camo.githubusercontent.com/298ac5866fdfa1f2eb955eb06a567d00c9402ddd40045c90335caf4c56637b64/68747470733a2f2f706f7365722e707567782e6f72672f7465636e69636b636f6d2f74632d6c69622d7064662f76657273696f6e false
            		unknown
            https://www.paypalobjects.com/web/res/ec0/f4c900712161f04047a226200a2c1/js/apps/donate/45.98aa5c7ae691353d1b6f.css false
              		unknown
              https://tecnick.com/img/manifest.json false
                		unknown
                https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGKIE2g0RXxWD-qsvH4P_KU&google_cver=1&google_push=AXcoOmRpmtUm0s9qsTHDMIGjPjm9RnAqWCwgQtTlbpwkVbXTrbcnXgtmTMsmx42kZKuaGD8k0A5dIvzGuLTkOAQWy_WVWEUp0PhDyak6 false
                  		unknown
                  https://checkmk.com/manifest.json false
                    		unknown
                    https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGKIE2g0RXxWD-qsvH4P_KU&google_cver=1&google_push=AXcoOmSnXNBI4kgmZSAEUa5HzuMnaEBi999MKK9h__OEmp8bhKNLEdt6SQtMKPI-yIokdR-5FRjl-rlHQJTpmvJyHtLQl2-0JlnDZw false
                      		unknown
                      https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js false
                        		unknown
                        https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7TieNp3_ZvzDGNHM1PIPoJzTmAa6g9vQesL9wKaWE8uH_tWXDhABILuLmihgyQagAcH5ofEoyAEBqAMByANIqgTGAU_Qyrjtz0fBpJllMoqeX7-q0xwH-ccBVyay3V7Tf2DYEysilDNERHCbTen4_zckX7yrGSWKR4utmidOrr_UjmNlxWpXRCdOq5HGs4sOFJ8FXh_FEaCI2r1UfXDJFVJBIxVJWdH5bJ4kXeuCxRqEK6fdhY4W1iynIEOGAvX-j0hzDmJy6cg_HcN6GNjUjGwiML5CVzIp_C3-LMTEXG6tg6bRRoD2YuK4dwOd2tAIoustUstbvVgz6sctdK12RVnhl0yqvai_UcAE4bqNr_8EiAWAsa-GUaAGLoAHwbHy0AOoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwHSCCYIgGEQARgfMgKKAjoLgECAwICAgKCogAJIvf3BOliBwPzknfSIA7EJaq6FW45acQ6ACgGKCiRodHRwczovL21zZWFyY2hpLmNvbS90L3Q_dXJsPXtscHVybH2YCwHICwHgCwHaDBAKChDw4qOBy4jS3SQSAgEDqg0CVVPIDQHYEwzQFQH4FgGAFwGyFwIYAboXAjgBshgJEgL2ahguIgEA0BgB6BgB&sigh=2YnpHkZSnjY&cid=CAQSTwDpaXnfwraMbEJJjcdFqfh5TShXbhsuljVRc5cb-5Nnsi_34Keb0dLt7lVNsLKcNs-dgxy6w315_kvvMzA6gajmKvGBEQbR0xy9QWgCeIE&label=window_focus&gqid=Np3_ZsuFF8Pix_APlZ-6kAI&qqid=CPy2_eSd9IgDFVEmVQgdIM4UYw&fg=1 false
                          		unknown
                          https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKa_YSz9zWs5OpKjKK0b0xs&google_cver=1&google_push=AXcoOmQQdJmuA_6zXfkuQIf3wKQEAD2aGL4tffnNCQF8NdRrNBRJvnEAqMQzwzwNvpW3BI7Gq1kT8QM_JwkPQTKBRa0xD2l0zjrcf7U false
                            		unknown
                            https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEH2LKz6SA_ujFrj4Qmfaz_4&google_cver=1&google_push=AXcoOmTfHdcdIuyd-Py-lLIVGL3ncXCKbzUo1PdSw6Hdt3cuewfnxh1xeUeJ7Uw3rkTBryvbT9Y1Sn8m9Nsgm3atUWkiJHCnBUs9DTwE false
                              		unknown
                              https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js false
                                		unknown
                                https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-aabfa4ec15fe.js false
                                  		unknown
                                  https://github.githubassets.com/assets/ui_packages_analytics-provider_analytics-provider_ts-ui_packages_aria-live_aria-live_ts-ui_pa-34342e-61e6c34c9419.js false
                                    		unknown
                                    https://checkmk.com/application/files/cache/js/4746e57df6e9968397710bb96c20c1ef749773d8.js?ccm_nocache=a41fa37a62a868f0da0b9c454306bf72127905e0 false
                                      		unknown
                                      https://widget.us.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRAsqsqI7eqlX2kviRLGvx0sZZzmCQ3SplnhdGs0jqwsDlV2fVlOmf84NmDnhKz3z21P3BISPC8JwxfEG6gPLZFVcY9dFimu_k&google_gid=CAESEKKUfZojA2PWTPsrxN37hrs&google_cver=1 false
                                        		unknown
                                        https://www.paypal.com/it_IT/i/scr/pixel.gif false
                                          		unknown
                                          https://checkmk.com/concrete/js/vue.js?ccm_nocache=a41fa37a62a868f0da0b9c454306bf72127905e0 false
                                            		unknown
                                            https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-ab87c1d6c5c8.js false
                                              		unknown
                                              https://nicola.asuni.xyz/img/manifest.json false
                                                		unknown
                                                https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:donate:wps::landing:web::&component=donatenodeweb&eventSourceUrl=https://www.paypal.com/donate/ false
                                                  		unknown
                                                  https://github.githubassets.com/assets/primer-react.a38d782b719dc67594c9.module.css false
                                                    		unknown
                                                    https://avatars.githubusercontent.com/u/1186996?s=64&v=4 false
                                                      		unknown
                                                      https://fundingchoicesmessages.google.com/i/ca-pub-2627887748647914?href=https%3A%2F%2Ftcpdf.org&ers=2 false
                                                        		unknown
                                                        https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-4c141348476c.js false
                                                          		unknown
                                                          https://www.paypalobjects.com/web/res/ec0/f4c900712161f04047a226200a2c1/js/apps/donate/donate.0731280f50427384978e.js false
                                                            		unknown
                                                            https://www.google.com/cse/static/images/1x/en/branding.png false
                                                              		unknown
                                                              https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-41da55-1851acd376ff.js false
                                                                		unknown
                                                                https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511650&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2Fexamples%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728028037398&bpp=7&bdt=1118&idt=37&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&correlator=6207797285538&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=229&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532524%2C44795921%2C95331689%2C95341936%2C95335246%2C95339678&oid=2&pvsid=4381103064551193&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=89 false
                                                                  		unknown
                                                                  https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEIFtXtqEgnFRZijhSqRasU4&google_cver=1&google_push=AXcoOmSxZ8b44lhEMSx6qZOwzmw4ZbxbEtSBGf1cmFFWKt_nA1lnBaN7yO12FpsqcpVrRM1W0UqJwxKMBHoFqW6lC0Annqxs6usM0NE false
                                                                    		unknown
                                                                    https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOtP9VmQhamvHueibuaBeu9KwHT8UDUYp9Q5QNG-mTOUwKHNbf72goGRruhbA1CBbl0OuVYi0 false
                                                                      		unknown
                                                                      https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAXFMUYedSfAtGN__rjEcEc&google_cver=1&google_push=AXcoOmRD3X_TEucpWbN6iSfaISWjjlnLCbIazBlT0xiwVcDx_sOAzEmo_ftbDdgI5KSio249ahp5cprJRH5XSnxyQ0d62RSiNBVKOg false
                                                                        		unknown
                                                                        https://googleads.g.doubleclick.net/pagead/adview?ai=CoOj4eJ3_ZrGCI5bDjuwPzqyY6Q-BjMuSd7iGiaXRCmQQASC7i5ooYMkGoAGDwOz9A8gBCagDAcgDywSqBM4BT9D2wzaZ0YZTDu3lBZ_Fg0zzBl0vhZQxMt8jCSURn0YZ16bnezgXh1f3ATq-DwFyjHYP7FIo4uq4ZEr0E0LOc_NDfS19bRuEE3VzI2NNQj3yiyHFlMbE_P3jgAAx0YHHXBFDdqyEsDywOauzpIJUr-c7-_-hxOCWaFPZPyjZju3FIXxAu3jTcXUSjACyEQSYJixeIj36MxHRM5lww_rLJDF3tOtEmZSJaiisBt6tA-Ss9FXso8ZyzYJSI9t6necW0KQbBt7ekVD3BwFXBvHABNyw_bKRAYgFv5664QKSBQQIBBgBkgUECAUYBKAGLoAH5b-TAqgH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEKaNE9IIJgiAYRABGB8yAooCOguAQIDAgICAoKiAAki9_cE6WOnqw4Se9IgDmgknaHR0cHM6Ly93d3cuZHJpcGRlcG90LmNvbS8_Z2FkX3NvdXJjZT01gAoByAsB2gwRCgsQ4OW9vpvz_cHZARICAQPYEwKIFALQFQGAFwGyFx4KGggAEhRwdWItMjYyNzg4Nzc0ODY0NzkxNBgAGAG6FwI4AbIYCRIC2moYLiIBANAYAQ&sigh=mAwZkQHLNY8&cmd=ChdjYS1wdWItMjYyNzg4Nzc0ODY0NzkxNBDuAxgB&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwDpaXnfAwsGzdUbzf__lQztHV-ddcK23HI9ngFAwEHsfTapYtYlOuBR691K6Tw8rSix3RiosX1Oke_fGAE&template_id=494&nis=6 false
                                                                          		unknown
                                                                          https://www.paypalobjects.com/pa/mi/paypal/latmconf.js false
                                                                            		unknown
                                                                            https://checkmk.com/packages/tribe29_core/css/features/fontawesome/css/core.css?ccm_nocache=a41fa37a62a868f0da0b9c454306bf72127905e0 false
                                                                              		unknown
                                                                              https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-53781cbc550f.js false
                                                                                		unknown
                                                                                https://fundingchoicesmessages.google.com/f/AGSKWxUE3XC3dE7JlOr8jIDsNtNdMLrHx1qp2MXbe2TJwsuYlF3NiQ-kFrUb_RHG65cKe2xTmyWBQ-uelKs8Ry_gxVZeeZ2f2tUR5VDwwyfohgMzvg0XgC8QLXkCV3iqA62GFZ-NZJsxFQ==?fccs=W1siQUtzUm9sOHp3bVpiRVBGZEQ0MTFwU3I2bmFLRUFEd2lJakppZWRaZWx6UEpTdHoxNGZtVE1xdXBKTF9lSGd2MjlDem0xeW9HS2lrLWxDbGVwV2tISkhoV2poRWlONVVZY2JYcGw0dlpKc3BBTWl1VlM2cV9uOEpKMURCY3FDVzRFcVk5ZEdhbERGRnFEQ3dhLW1VMEFoNWtNNk92WDk3Mk9nPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MjgwMjc5ODEsMTYwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3RjcGRmLm9yZy9leGFtcGxlcy8iLG51bGwsW1s4LCJlc2tXWFNGSHNRZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLDE4LDFdIl0sWzE5LCIyIl1dXQ false
                                                                                  		unknown
                                                                                  https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-7aa5ebad499a.js false
                                                                                    		unknown
                                                                                    https://www.paypalobjects.com/webstatic/logo/logo_paypal_106x27.png false
                                                                                      		unknown
                                                                                      https://github.githubassets.com/favicons/favicon.svg false
                                                                                        		unknown
                                                                                        https://checkmk.com/application/files/6617/1654/6896/graph_2024_onwhite.svg false
                                                                                          		unknown
                                                                                          https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511682&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2Fabout%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728028022388&bpp=15&bdt=1111&idt=65&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&correlator=5973480552048&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=229&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95341936%2C95343454%2C95344188&oid=2&pvsid=4345362532085388&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=87 false
                                                                                            		unknown
                                                                                            https://github.githubassets.com/assets/ui_packages_paths_index_ts-6d26e38db34f.js false
                                                                                              		unknown
                                                                                              https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-6faacedf87fe.js false
                                                                                                		unknown
                                                                                                https://t.paypal.com/ts?v=1.9.1&t=1728028008063&g=240&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=1728028004301&calc=f411015dcb21b&nsid=iFqzQFFdcmLfwTx6rDoFtO0kv5hDi8ND&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=cd94b9f137374a3d879eb19fdc85ec75&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=ccpa&context_id=evpoeG6180dVX58iC-TNM8SYPNPff4F6LmNseITVW2Z_xAcyVHrsjYDnBrEHi4JHeXQMGPA0CtBx-w3V&token=evpoeG6180dVX58iC-TNM8SYPNPff4F6LmNseITVW2Z_xAcyVHrsjYDnBrEHi4JHeXQMGPA0CtBx-w3V&xe=110041%2C109128%2C105410%2C105409%2C104759%2C109059%2C104406%2C104407&xt=148500%2C143659%2C123956%2C123954%2C120842%2C143369%2C119037%2C119038&ccd=US&button_id=undefined&hosted_button_id=undefined&action=LOAD_WPS_LANDING_PAGE&product=cookieBanner&sender_account_type=guest&flow=WPS_DONATION&tmpl=main%3Adonate%3Awps%3A%3Alanding&charitylogo=false&ckusr=false&amttyp=any&autord=false&rdtyp=GET&gstalwd=true&mrid=78UYQEEELK7DC&pp_flow=Donate&one_touch_enabled=false&pglk=null&api_name=cookieBanner&displaypage=main%3Adonate%3Awps%3A%3Alanding&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&userstate=NY&usercountry=US&stateaccuracy=1&countryaccuracy=99&loggedin=false&event_name=cookie_banner_shown&e=ac false
                                                                                                  		unknown
                                                                                                  https://github.com/tecnickcom/TCPDF/funding_links?fragment=1 false
                                                                                                    		unknown
                                                                                                    https://tcpdf.org/fonts/fa-brands-400.woff2 false
                                                                                                      		unknown
                                                                                                      https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7.js false
                                                                                                        		unknown
                                                                                                        https://github.com/tecnickcom/tc-lib-pdf/security/overall-count false
                                                                                                          		unknown
                                                                                                          https://tcpdf.org/examples/ false
                                                                                                            		unknown
                                                                                                            https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2627887748647914&output=html&h=280&adk=2380828106&adf=1003747024&w=1081&abgtt=1&fwrn=4&fwrnh=100&lmt=1724511650&rafmt=1&format=1081x280&url=https%3A%2F%2Ftcpdf.org%2Fexamples%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1728027971211&bpp=8&bdt=1014&idt=59&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74748a2114bcd6f8%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_Mar1KmreopR1YR0LuEj6YjN1CiwtQ&gpic=UID%3D00000f21a449d160%3AT%3D1728027958%3ART%3D1728027958%3AS%3DALNI_MbeZ5RStNrFx1VgIOfQjr19_H2y1w&eo_id_str=ID%3D602bc46dfc4ceee3%3AT%3D1728027958%3ART%3D1728027958%3AS%3DAA-AfjZJ7pwMWsfMd676OPLIU7FI&correlator=598970542174&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=166&ady=229&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087424%2C31087796%2C95343328%2C95335247&oid=2&pvsid=4358598373628446&tmod=824621570&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=103 false
                                                                                                              		unknown