Windows Analysis Report
https://dartergary.wordpress.com/

Overview

General Information

Sample URL:	https://dartergary.wordpress.com/
Analysis ID:	1544892
Infos:

Detection

HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Yara detected HtmlPhish44

AI detected landing page (webpage, office document or email)

AI detected suspicious URL

Phishing site detected (based on shot match)

Phishing site or detected (based on various text indicators)

Detected non-DNS traffic on DNS port

HTML page contains hidden javascript code

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

AI detected phishing page

Source: https://usqe.bin4tgla.com/fpI2Ggql/

LLM: Score: 9 Reasons: The brand 'reCAPTCHA' is well-known and typically associated with the domain 'recaptcha.net'., The provided URL 'usqe.bin4tgla.com' does not match the legitimate domain for reCAPTCHA., The domain 'bin4tgla.com' does not appear to be associated with reCAPTCHA or any known Google services., The URL contains a subdomain 'usqe' which is not typically associated with reCAPTCHA., The presence of unusual subdomains and the lack of association with the legitimate domain suggest a potential phishing attempt. DOM: 2.5.pages.csv

Yara detected HtmlPhish44

Source: Yara match

File source: dropped/chromecache_142, type: DROPPED

Phishing site detected (based on shot match)

Source: https://usqe.bin4tgla.com/fpI2Ggql/	Matcher: Template: captcha matched
Source: https://usqe.bin4tgla.com/fpI2Ggql/	Matcher: Template: captcha matched
Source: https://usqe.bin4tgla.com/fpI2Ggql/	Matcher: Template: captcha matched

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 1.0	OCR Text: Design a site like this with WordPress.cam Get started New Document Received New File Received ! PDF You've received (2) new PDF Documents for your review Please sign & return VIEW SECURE DOCUMENT
Source: Chrome DOM: 1.1	OCR Text: Design a site like this with WordPress.cam Get started New Document Received New File Received ! PDF You've received (2) new PDF Documents for your review Please sign & return VIEW SECURE DOCUMENT Subscribe

HTML page contains hidden javascript code

Source: https://dartergary.wordpress.com/

HTTP Parser: Base64 decoded: PN4ynP7J|3f?DMf%V7noZGuBm/fZmiG&n%-K_[yBdWg17D/kAfG+Qcl9mugZ1QEe71PeG-dtY2h81EH1J2gAw+.Zbz~JT%|Y=YBBmj5,RbLXeutwVX.15iWoaCepyFV]/5q~TL6BgO1H=67[uM9n.?fz&[7St|2Wtm3nULA4JntlZ3XKyUbyP586MMCA5Gp8V+rZ|ka/4AKbY9.]w56syDkd4jBcb=O,nLSI]nEXkU,C1+H~.wgBw

HTML title does not match URL

Source: https://dartergary.wordpress.com/

HTTP Parser: Title: Site Title does not match URL

Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://www.asos.com/	HTTP Parser: No favicon
Source: https://www.asos.com/	HTTP Parser: No favicon
Source: https://www.asos.com/	HTTP Parser: No favicon

Source: https://dartergary.wordpress.com/	HTTP Parser: No <meta name="author".. found
Source: https://dartergary.wordpress.com/	HTTP Parser: No <meta name="author".. found

Source: https://dartergary.wordpress.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://dartergary.wordpress.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49808 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.16:49968 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: dartergary.wordpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/blog-plugins/marketing-bar/css/marketing-bar.css?m=1729529312i&cssminify=yes HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_static/??/wp-content/mu-plugins/core-compat/wp-mediaelement.css,/wp-content/mu-plugins/wpcom-bbpress-premium-themes.css?m=1432920480j&cssminify=yes HTTP/1.1Host: s1.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_static/??-eJzTLy/QTc7PK0nNK9HPLdUtyClNz8wr1i9KTcrJTwcy0/WTi5G5ekCujj52Temp+bo5+cmJJZn5eSgc3bScxMwikFb7XFtDE1NLExMLc0OTLACohS2q&cssminify=yes HTTP/1.1Host: s1.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_static/??/wp-content/js/rlt-proxy.js,/wp-content/mu-plugins/jetpack-plugin/sun/jetpack_vendor/automattic/jetpack-videopress/build/lib/token-bridge.js?m=1724856138j HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/h4/global.css?m=1420737423i&cssminify=yes HTTP/1.1Host: s2.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/hovercards/hovercards.min.js?ver=202444448e29c9ec460f70535c7958cd60e9e2980f935c5309d61d08f40d080a876779 HTTP/1.1Host: 0.gravatar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2024/09/pdf-image.png?w=204 HTTP/1.1Host: fqr44.wordpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i HTTP/1.1Host: s2.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2024/09/pdf-image.png?w=204 HTTP/1.1Host: fqr44.wordpress.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/logo/wpcom-gray-white.png HTTP/1.1Host: s2.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/js/mobile-useragent-info.js?m=1609849039i HTTP/1.1Host: s1.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w.js?67 HTTP/1.1Host: stats.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_static/??/wp-content/js/rlt-proxy.js,/wp-content/mu-plugins/jetpack-plugin/sun/jetpack_vendor/automattic/jetpack-videopress/build/lib/token-bridge.js?m=1724856138j HTTP/1.1Host: s0.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZ1rib2Bg-4.woff2 HTTP/1.1Host: fonts.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZ1rib2Bg-4.woff2 HTTP/1.1Host: fonts.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/hovercards/hovercards.min.js?ver=202444448e29c9ec460f70535c7958cd60e9e2980f935c5309d61d08f40d080a876779 HTTP/1.1Host: 0.gravatar.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i HTTP/1.1Host: s2.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/logo/wpcom-gray-white.png HTTP/1.1Host: s2.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/js/mobile-useragent-info.js?m=1609849039i HTTP/1.1Host: s1.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/blog-plugins/marketing-bar/images/wpcom-mark.svg HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.wp.com/wp-content/blog-plugins/marketing-bar/css/marketing-bar.css?m=1729529312i&cssminify=yesAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/hovercards/hovercards.min.css?ver=202444448e29c9ec460f70535c7958cd60e9e2980f935c5309d61d08f40d080a876779 HTTP/1.1Host: 0.gravatar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w.js?67 HTTP/1.1Host: stats.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7921517821766884 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?blog=238502921&v=wpcom&tz=-4&user_id=0&subd=dartergary&host=dartergary.wordpress.com&ref=&rand=0.82970019227276 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mJVY3bm9aR3VCbS9mWm1pRyZuJS1LX1t5QmRXZzE3RC9rQWZHK1FjbDltdWdaMVFFZTcxUGVHLWR0WTJoODFFSDFKMmdBdysuWmJ6fkpUJXxZPVlCQm1qNSxSYkxYZXV0d1ZYLjE1aVdvYUNlcHlGVl0vNXF%2BVEw2QmdPMUg9NjdbdU05bi4%2FZnomWzdTdHwyV3RtM25VTEE0Sm50bFozWEt5VWJ5UDU4Nk1NQ0E1R3A4VityWnxrYS80QUtiWTkuXXc1NnN5RGtkNGpCY2I9TyxuTFNJXW5FWGtVLEMxK0h%2BLndnQnc%3D&v=wpcom-no-pv&rand=0.16543343148914724 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?m=1719498190i&ver=6.7-RC1-59308 HTTP/1.1Host: s2.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t.gif?is_current_user_blog_owner=false&_en=wpcom_marketing_bar_impression&_ui=17YqG79Brj34dSgrHP4bzBgK&_ut=anon&_ts=1730228981995&_tz=4&_lg=en-US&_pf=Win32&_ht=1024&_wd=1280&_sx=0&_sy=0&_dl=https%3A%2F%2Fdartergary.wordpress.com%2F&_dr=&blog_id=238502921&blog_tz=-4&user_lang=en&blog_lang=en&user_id=0&_rt=1730228981996&_=_ HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /osd.xml HTTP/1.1Host: dartergary.wordpress.comConnection: keep-aliveSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/blog-plugins/marketing-bar/images/wpcom-mark.svg HTTP/1.1Host: s0.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?blog=238502921&v=wpcom&tz=-4&user_id=0&subd=dartergary&host=dartergary.wordpress.com&ref=&rand=0.82970019227276 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7921517821766884 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mJVY3bm9aR3VCbS9mWm1pRyZuJS1LX1t5QmRXZzE3RC9rQWZHK1FjbDltdWdaMVFFZTcxUGVHLWR0WTJoODFFSDFKMmdBdysuWmJ6fkpUJXxZPVlCQm1qNSxSYkxYZXV0d1ZYLjE1aVdvYUNlcHlGVl0vNXF%2BVEw2QmdPMUg9NjdbdU05bi4%2FZnomWzdTdHwyV3RtM25VTEE0Sm50bFozWEt5VWJ5UDU4Nk1NQ0E1R3A4VityWnxrYS80QUtiWTkuXXc1NnN5RGtkNGpCY2I9TyxuTFNJXW5FWGtVLEMxK0h%2BLndnQnc%3D&v=wpcom-no-pv&rand=0.16543343148914724 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t.gif?is_current_user_blog_owner=false&_en=wpcom_marketing_bar_impression&_ui=17YqG79Brj34dSgrHP4bzBgK&_ut=anon&_ts=1730228981995&_tz=4&_lg=en-US&_pf=Win32&_ht=1024&_wd=1280&_sx=0&_sy=0&_dl=https%3A%2F%2Fdartergary.wordpress.com%2F&_dr=&blog_id=238502921&blog_tz=-4&user_lang=en&blog_lang=en&user_id=0&_rt=1730228981996&_=_ HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?m=1719498190i&ver=6.7-RC1-59308 HTTP/1.1Host: s2.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/actionbar/actionbar.css?v=20241015 HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/favicon.ico HTTP/1.1Host: s1.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/actionbar/actionbar.js?v=20231122 HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/actionbar/actionbar.js?v=20231122 HTTP/1.1Host: s0.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/favicon.ico HTTP/1.1Host: s1.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=ywH7FaLO6aH19wT&MD=noSDGOKd HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /c.gif?u=https%3A%2F%2Fusqe.bin4tgla.com%2FfpI2Ggql%2F&r=&b=238502921&p=0&rand=0.5834010147506843 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fpI2Ggql/ HTTP/1.1Host: usqe.bin4tgla.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c.gif?u=https%3A%2F%2Fusqe.bin4tgla.com%2FfpI2Ggql%2F&r=&b=238502921&p=0&rand=0.5834010147506843 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=explicit HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=explicit HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: usqe.bin4tgla.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://usqe.bin4tgla.com/fpI2Ggql/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ink5a3lvWlZtaGdPTUdzNXNWNFkrdHc9PSIsInZhbHVlIjoiRWtVK3RlVkExNXRPYkdoY3lXTjNGUGFnVHA0SjFMMXhTMzVpbzlxQ3JzbC9hV0o2a2lwOElUaGJhN2p3ZTJncjNLZ1M2NHdBazBXTUkrQU45c2FJdGNHN3RBSHJtbEZDMVRXT2dYOEVKdmVXbFFBdktPNWoyeXdwckhuaU95cHQiLCJtYWMiOiI5ZGUyMzkxNDc4NzQ2YTczYmI5YjE3ODYwMzMzMWMzNGU3MGY3ZTU2NGYxZmZlYjE4Mzg1MmUzNGY3NjY3MjE0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkdKZTFpa3A0RzhTUEJNaCtwZ1ZUeWc9PSIsInZhbHVlIjoiam5sUXVYVk1Na200QWpnbmdySVMxQk1HdExOcXlFdzhPMFZ1ZDBMZDN4TDRjaC9nanRWaVVRYk5FWU9HSFJvWTBxdHZKUzZGRzJCYkFUOFVUMC9WZXNoTWFaZUQzNjlUZ0s5a2k2OTY4TlRlYTZCOUxSaEE2Rm11d3hhUk1aZU4iLCJtYWMiOiI2Y2Y0ODgwMjlmYThiNWY0Mjc3Y2U4NDcyMmUwZWExZjFjNDQ5Nzk0MWMxOTZmZGU0Mzc4ODE0YmJjZmNkMDkzIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&co=aHR0cHM6Ly91c3FlLmJpbjR0Z2xhLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=5a6ztk5kgw7u HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&co=aHR0cHM6Ly91c3FlLmJpbjR0Z2xhLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=5a6ztk5kgw7uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/p-7RyvuJU9m0QQmVDJx8SL9t4pWXVpOJSp0296ydJmo.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&co=aHR0cHM6Ly91c3FlLmJpbjR0Z2xhLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=5a6ztk5kgw7uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/p-7RyvuJU9m0QQmVDJx8SL9t4pWXVpOJSp0296ydJmo.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/reload?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7MXNoyJ98S8vYaKLVqOcyY96RFM577XE7fN75VpW1iO88SKR5BFLUDXQYN6ZT6AAmlO5WeZkMpc217Wa4fJBZT26_qOGNLjCXPfphKnud4CrzjckIdyCYWEqv14VONcvyKT8Ae4OUaDk2THegyHWo61miM2k-HD_c9WTjFQEYHMJcaBeKaAzWmtGr9qkrxck0w5AXU0-5jarhqehysIrtBXSiUYQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7MXNoyJ98S8vYaKLVqOcyY96RFM577XE7fN75VpW1iO88SKR5BFLUDXQYN6ZT6AAmlO5WeZkMpc217Wa4fJBZT26_qOGNLjCXPfphKnud4CrzjckIdyCYWEqv14VONcvyKT8Ae4OUaDk2THegyHWo61miM2k-HD_c9WTjFQEYHMJcaBeKaAzWmtGr9qkrxck0w5AXU0-5jarhqehysIrtBXSiUYQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6dVEIzpM3JHrpCYl9jcz_iqJn4_8jFXNv0yxm-6V4bX-xWihKEepTmtHOMOHVz3RjBTrXT7dN7gYxYTmvM9pch9frD_2Mt3aIGC1iHFdAculPLW-E-pvMwfXqdU-eFFIvfmgYdo6khSBA0SncV71vkgo0b4sCXigzgrEIRJFzMpiO5gqUj7ZosUIYXEi-OK8ItEStpAw4diRUHM1nMSnHfpBwisw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=6666e44f208ad0c5 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7xha3gxL0LyuWF8xqJSoCy9aQ-CZnuJeBttoz9_4u-0dr2ooWnm-XyId997e5APa7ifIuB7pzFl0Ld1JHgMi727Mh_bXvh33TfwJ0QP4-jBMaOIGMY9nVllrV0ucFNLw_YWa5NAg0HBGl7nBIePGFmWIlko0bVYW4FzRKb_r8YRN5GuA3Fdmj1g-URC-WVZUOlHiPBV-qRB8c5HFucXS6ADUe7iw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e16caff0ee415144 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6dVEIzpM3JHrpCYl9jcz_iqJn4_8jFXNv0yxm-6V4bX-xWihKEepTmtHOMOHVz3RjBTrXT7dN7gYxYTmvM9pch9frD_2Mt3aIGC1iHFdAculPLW-E-pvMwfXqdU-eFFIvfmgYdo6khSBA0SncV71vkgo0b4sCXigzgrEIRJFzMpiO5gqUj7ZosUIYXEi-OK8ItEStpAw4diRUHM1nMSnHfpBwisw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=6666e44f208ad0c5 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA57XaTzOr6lK-Qv7FFr_QBTPg0S8x0jkWwDyC7I6UHEXC_XFxPaNqt8KR5xYQPoeFcfsjB-M6tXRtBbavQjQWJCF7mZN9_aP-wLP44nVLa4RsNQZUeJDb29hxYKY4rlLOPTs_Td0kCcdGPGiv5xvNGkdS21kUFEBG7OcPIeL4i8e4t6Asyt6YxmP6fiTpBCxz4DxQ7Ys1AsZnDHJBqenX9jed7huQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=d54059ff5f6fc7f7 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7xha3gxL0LyuWF8xqJSoCy9aQ-CZnuJeBttoz9_4u-0dr2ooWnm-XyId997e5APa7ifIuB7pzFl0Ld1JHgMi727Mh_bXvh33TfwJ0QP4-jBMaOIGMY9nVllrV0ucFNLw_YWa5NAg0HBGl7nBIePGFmWIlko0bVYW4FzRKb_r8YRN5GuA3Fdmj1g-URC-WVZUOlHiPBV-qRB8c5HFucXS6ADUe7iw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e16caff0ee415144 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA57XaTzOr6lK-Qv7FFr_QBTPg0S8x0jkWwDyC7I6UHEXC_XFxPaNqt8KR5xYQPoeFcfsjB-M6tXRtBbavQjQWJCF7mZN9_aP-wLP44nVLa4RsNQZUeJDb29hxYKY4rlLOPTs_Td0kCcdGPGiv5xvNGkdS21kUFEBG7OcPIeL4i8e4t6Asyt6YxmP6fiTpBCxz4DxQ7Ys1AsZnDHJBqenX9jed7huQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=d54059ff5f6fc7f7 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4bYc0s2zwhr0Dhx3dOazn3Hh4p7uY3CSETn6dA6rvCiWHE9OA-nOmnfN2ANundmWGke1Bjv2xi-GV3TO2LoMbXM_R2zufPfoD0XFD4lwrhK2FVthto7931CtAU3kcdffWKVtfZ2JNZsE0pCei2Leq-gBpTy3a6KgoAUB32sE_lB_-9wzhzHVikGwjcRkW_oG1wzKT1sJC3C7lN64gfM9pbHpzGzQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=8a68f4902f9f4669 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4bYc0s2zwhr0Dhx3dOazn3Hh4p7uY3CSETn6dA6rvCiWHE9OA-nOmnfN2ANundmWGke1Bjv2xi-GV3TO2LoMbXM_R2zufPfoD0XFD4lwrhK2FVthto7931CtAU3kcdffWKVtfZ2JNZsE0pCei2Leq-gBpTy3a6KgoAUB32sE_lB_-9wzhzHVikGwjcRkW_oG1wzKT1sJC3C7lN64gfM9pbHpzGzQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=8a68f4902f9f4669 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=ywH7FaLO6aH19wT&MD=noSDGOKd HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4blY5MVPIuxvSqI2F8cJcTKI2jykD8dKcYCKNyJQdUqY-SQpdKOMdYDiVMy4PmaNToi6BkEpkYn5Zl4Gtipty5tV9tppOBZgn-Pgvikm2gLFlilOhjl2gYxwcbr39AqOMgA0M752LSRhzi28wHTsBKKrDYHyZwev37Obyl2ymyAWoy6C_LXFsPc9tyfe9W6qCDaYfwhprtiyWI7IdDeYk-gjLmVg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=34d5e020329daa00 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4blY5MVPIuxvSqI2F8cJcTKI2jykD8dKcYCKNyJQdUqY-SQpdKOMdYDiVMy4PmaNToi6BkEpkYn5Zl4Gtipty5tV9tppOBZgn-Pgvikm2gLFlilOhjl2gYxwcbr39AqOMgA0M752LSRhzi28wHTsBKKrDYHyZwev37Obyl2ymyAWoy6C_LXFsPc9tyfe9W6qCDaYfwhprtiyWI7IdDeYk-gjLmVg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=34d5e020329daa00 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6aKgKXaVx0pzUyPhNpP81tC9vowwRIv_H5QEpw_3-VVjJAix-NPyxXGouAtmE_vTn4S_euGzGphYBBQHDxbQPANlvJA0FKUilBpXe45XLcNk7ElD-2BBdElX3zgpt8KT_nXNv4Nq9utVoF4ywsZvwR_z0gphSUFaSuQjnZENd_jRXJR1Pm2UFXwUh2k-4aITHgyHKtpHhb4bD9uwlpYOW4FhCp_w&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e2eca1451c1cfc28 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6aKgKXaVx0pzUyPhNpP81tC9vowwRIv_H5QEpw_3-VVjJAix-NPyxXGouAtmE_vTn4S_euGzGphYBBQHDxbQPANlvJA0FKUilBpXe45XLcNk7ElD-2BBdElX3zgpt8KT_nXNv4Nq9utVoF4ywsZvwR_z0gphSUFaSuQjnZENd_jRXJR1Pm2UFXwUh2k-4aITHgyHKtpHhb4bD9uwlpYOW4FhCp_w&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e2eca1451c1cfc28 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/userverify?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6LY5a_sjoH9yvpmbEh0CtZQlmUakH4UvubxSxHHJkgU0G9bAzr6I0MddOzcJEu1XGBmIC2cV6m0Dxir3cdfDboH-0g8Psw8c0T-mcrf7lkroG7ZwpNHkXk3HnLiiaEN-b8-mhRh2kd6qKZhKZi_wXtMyXqY98dgFWFNcsdHZk9KqUo9Qo36_5HKbaTC9lcL1LM6e10_ZL_O3CJeFLXF6TB_DfgLQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6LY5a_sjoH9yvpmbEh0CtZQlmUakH4UvubxSxHHJkgU0G9bAzr6I0MddOzcJEu1XGBmIC2cV6m0Dxir3cdfDboH-0g8Psw8c0T-mcrf7lkroG7ZwpNHkXk3HnLiiaEN-b8-mhRh2kd6qKZhKZi_wXtMyXqY98dgFWFNcsdHZk9KqUo9Qo36_5HKbaTC9lcL1LM6e10_ZL_O3CJeFLXF6TB_DfgLQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/reload?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6ybvhC6a36EKdcCTGBHKZReYQA4R_kkyWNSJTDAm7m3lFMEhYkCENSDziHiW9sRhbOJ86_Rsz2zmABWs2jn-El121Z6wW8aDnqJ4qjwO5ZcN3u6_Qzb1T_FqjH0O-Yzag-DOjDPnlRhcPtZhGPXV1TKAg9b0B7NcFkz3bKVPSKNagZW5Tfeoh0tPt_RS9jsUxjM_M1IE9oo08LmfUhCYLue86Lrw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6ybvhC6a36EKdcCTGBHKZReYQA4R_kkyWNSJTDAm7m3lFMEhYkCENSDziHiW9sRhbOJ86_Rsz2zmABWs2jn-El121Z6wW8aDnqJ4qjwO5ZcN3u6_Qzb1T_FqjH0O-Yzag-DOjDPnlRhcPtZhGPXV1TKAg9b0B7NcFkz3bKVPSKNagZW5Tfeoh0tPt_RS9jsUxjM_M1IE9oo08LmfUhCYLue86Lrw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5CRWb0pqYXQQK9znJ5KV0VwEOa4LwTb8cyN7pOwIZZ04W9ux6A5u-MAbH1xLyDQMREJb298rgjzqYg-SfwWz7xWuHpDGxazw8zRRljMsmI_2zKtxQ_m35rkCI5Lk7f5FhQABxvWvoIdrGF0A4ARXIg27QobrPOi2xAvxvGvMxG3zZi2Qucrr1lJTYtpc5XFS8wOT6E2kdH05v1_mpmO1RBCjs__A&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=70db3a36bb8782c5 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5CRWb0pqYXQQK9znJ5KV0VwEOa4LwTb8cyN7pOwIZZ04W9ux6A5u-MAbH1xLyDQMREJb298rgjzqYg-SfwWz7xWuHpDGxazw8zRRljMsmI_2zKtxQ_m35rkCI5Lk7f5FhQABxvWvoIdrGF0A4ARXIg27QobrPOi2xAvxvGvMxG3zZi2Qucrr1lJTYtpc5XFS8wOT6E2kdH05v1_mpmO1RBCjs__A&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=70db3a36bb8782c5 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5VkcAf__VfTECYjxR1zEjzEeUqVCOpmy-ToMC2oDpihFBDApkF8YSBcGEFkDfjNL2dpJ0UkZxupvRNtyeNT3I-AyHNENAwb2_-DZOzGTlUQhzKcFMf65SiWoFSAE7eERvRg56uYB2WYqJiFCyof5l6Ujg7_TfkOu8WyD8wBDc7sMz5db5AsNDucIwFkZC3Wv7YQcOYnOMgB2ZRVWzf__aR6mJjrA&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3b23377149f960fd HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7hWBNHMulugtwoVWu7X763ky27tPptOgTfOFgi0ix1mEsIbU1bV0fMrExjgEe-XsEDkSQQ-scQizQ4ie4ZKTRVXCMEJg7q5bRV1gkwixSdbl21ToeD4P9mpA7Laa8XaFr4zFrMcnN40ikXzItuICvb2_osnQeehe4--t1C7gr2i6nMa9QSddKi7xInP1h-SiEKj2cy6oKqzHeLl4B_GLV50U1Rqg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=bda71fdb839543f2 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5VkcAf__VfTECYjxR1zEjzEeUqVCOpmy-ToMC2oDpihFBDApkF8YSBcGEFkDfjNL2dpJ0UkZxupvRNtyeNT3I-AyHNENAwb2_-DZOzGTlUQhzKcFMf65SiWoFSAE7eERvRg56uYB2WYqJiFCyof5l6Ujg7_TfkOu8WyD8wBDc7sMz5db5AsNDucIwFkZC3Wv7YQcOYnOMgB2ZRVWzf__aR6mJjrA&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3b23377149f960fd HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7hWBNHMulugtwoVWu7X763ky27tPptOgTfOFgi0ix1mEsIbU1bV0fMrExjgEe-XsEDkSQQ-scQizQ4ie4ZKTRVXCMEJg7q5bRV1gkwixSdbl21ToeD4P9mpA7Laa8XaFr4zFrMcnN40ikXzItuICvb2_osnQeehe4--t1C7gr2i6nMa9QSddKi7xInP1h-SiEKj2cy6oKqzHeLl4B_GLV50U1Rqg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=bda71fdb839543f2 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5i8qwOuZB2iEwQDIdMHHWCLx-DuxUkeqApRjcEcwOaom8dbnwlDBi1LlrOXwLH5TEg1nTW6DY2EP82MHHV_XtkT-xVrmmSi4TaBKCqrmS785OToDqZC8eHMnTJ0gBeLGZ-3VLhLefrMu_iOeAskLfzs-v_AMWbEnd86JjsFN5vRmcIAtKhS2jJI5Ksj3hLyAIddd9_O15f6l1Uupsya2vGXfDoAQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3cc9e5c0b37478a1 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5i8qwOuZB2iEwQDIdMHHWCLx-DuxUkeqApRjcEcwOaom8dbnwlDBi1LlrOXwLH5TEg1nTW6DY2EP82MHHV_XtkT-xVrmmSi4TaBKCqrmS785OToDqZC8eHMnTJ0gBeLGZ-3VLhLefrMu_iOeAskLfzs-v_AMWbEnd86JjsFN5vRmcIAtKhS2jJI5Ksj3hLyAIddd9_O15f6l1Uupsya2vGXfDoAQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3cc9e5c0b37478a1 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/userverify?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /qdpjrzhatduxxtuetbpHeUBGVUCFBHGNDJGJTMHXFMZFJYWFCBGLPUJYUAPTPOGHOIQ HTTP/1.1Host: hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://usqe.bin4tgla.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /qdpjrzhatduxxtuetbpHeUBGVUCFBHGNDJGJTMHXFMZFJYWFCBGLPUJYUAPTPOGHOIQ HTTP/1.1Host: hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1730229081200 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.asos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1730229081200 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.asos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1730229081200 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /dest5.html?d_nsid=undefined HTTP/1.1Host: asos.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&mid=91889772507628273200045547028246444940&ts=1730229083403 HTTP/1.1Host: metrics.asos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.asos.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: geocountry=US; _abck=14F88662DEAECFC12E5FBD09ED921080~-1~YAAQF/AQAs2QNNOSAQAATIew2QwLKpeecCv+v97MlQZhNB4zNJSrIoxbm41VbKTvv+RzKaSqjUqjvvAM63+avI+Pn+4ye0Up0agJfaW5eNR5+6jzr6ljrC0nrcotLSItqPr8I/QAyO1lnlbqO+ZhX8m5eovDNNS1xAp3takJjXCYswpl3hSR7m/i5otKqh7EIO4457xlWDiLDU4ruUPb6FFDcpjs9FrLl6wBlkCIGS71bVHyBgxXvPoddb5LXtxnB65mK92UpcAN9NnzYofW7ai8Yd88uu/vHdRtPPpGBzBYzBi4VpqUD+Sam5jhEi7zFt8ogiF8MdjeLoArVUyeMRkqVYYZK5/K5cUfURpI/WUbNZ2tUnuxJjZ4z2HK+eIhEjV7cCoFQ/bPc0XzcP4ngMameIhby/fyxWua~-1~-1~-1; bm_sz=C6560B727C2E1BF7EC11CF61B16D1E2E~YAAQF/AQAs6QNNOSAQAATIew2RkiZ/ZFgWnTEcjtF1YaHy4fTiDqA4YcAxn5LnPjd6nAu6Q8tI4u6cQ8aUQpwDx52fWnmHn7LhdnQYo16QT3VxROCl0UacXgIO6TElARdeB3WlPOPtcSTCqfZiioRMdAPSc/e7pRvfJ8Gn5PQfQTKJKIbExIKndW3WhD8WYCqneLiW+SD6digNqWAZXhXB39PnjIiLQZtCsOLnFIPAJpTXop0cW+dff89Q24Q/es+IM8boOQqu3n7toc0jHhG0aXEHo2SHvvOdsVLISJ6tZimh2dhEwu/aI6e0gvNy5uv0WlhzhgynlnlV2lvgg9acPb+jW1f7KuRTVGjhVyV+HGMnJTJj8kAaCzzjv0H0X3Doo=~4404018~4337977; s_pers=%20eVar225%3D1%7C1730230881209%3B%20s_vnum%3D1730433600214%2526vn%253D1%7C1730433600214%3B%20s_invisit%3Dtrue%7C1730230881214%3B%20visitCount%3D1%7C1730230881217%3B; RT="z=1&dm=asos.com&si=6d56e97d-38ce-4cc7-9878-1f9d780233d1&ss=m2utpuu0&sl=0&tt=0&bcn=%2F%2F684dd32e.akstat.io%2F"; AMCVS_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=1; AMCV_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=-1303530583%7CMCMID%7C91889772507628273200045547028246444940%7CMCAAMLH-1730833883%7C6%7CMCAAMB-1730833883%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1730236283s%7CNONE%7CvVersion%7C3.3.0
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&mid=91889772507628273200045547028246444940&ts=1730229083403 HTTP/1.1Host: metrics.asos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: geocountry=US; _abck=14F88662DEAECFC12E5FBD09ED921080~-1~YAAQF/AQAs2QNNOSAQAATIew2QwLKpeecCv+v97MlQZhNB4zNJSrIoxbm41VbKTvv+RzKaSqjUqjvvAM63+avI+Pn+4ye0Up0agJfaW5eNR5+6jzr6ljrC0nrcotLSItqPr8I/QAyO1lnlbqO+ZhX8m5eovDNNS1xAp3takJjXCYswpl3hSR7m/i5otKqh7EIO4457xlWDiLDU4ruUPb6FFDcpjs9FrLl6wBlkCIGS71bVHyBgxXvPoddb5LXtxnB65mK92UpcAN9NnzYofW7ai8Yd88uu/vHdRtPPpGBzBYzBi4VpqUD+Sam5jhEi7zFt8ogiF8MdjeLoArVUyeMRkqVYYZK5/K5cUfURpI/WUbNZ2tUnuxJjZ4z2HK+eIhEjV7cCoFQ/bPc0XzcP4ngMameIhby/fyxWua~-1~-1~-1; bm_sz=C6560B727C2E1BF7EC11CF61B16D1E2E~YAAQF/AQAs6QNNOSAQAATIew2RkiZ/ZFgWnTEcjtF1YaHy4fTiDqA4YcAxn5LnPjd6nAu6Q8tI4u6cQ8aUQpwDx52fWnmHn7LhdnQYo16QT3VxROCl0UacXgIO6TElARdeB3WlPOPtcSTCqfZiioRMdAPSc/e7pRvfJ8Gn5PQfQTKJKIbExIKndW3WhD8WYCqneLiW+SD6digNqWAZXhXB39PnjIiLQZtCsOLnFIPAJpTXop0cW+dff89Q24Q/es+IM8boOQqu3n7toc0jHhG0aXEHo2SHvvOdsVLISJ6tZimh2dhEwu/aI6e0gvNy5uv0WlhzhgynlnlV2lvgg9acPb+jW1f7KuRTVGjhVyV+HGMnJTJj8kAaCzzjv0H0X3Doo=~4404018~4337977; s_pers=%20eVar225%3D1%7C1730230881209%3B%20s_vnum%3D1730433600214%2526vn%253D1%7C1730433600214%3B%20s_invisit%3Dtrue%7C1730230881214%3B%20visitCount%3D1%7C1730230881217%3B; RT="z=1&dm=asos.com&si=6d56e97d-38ce-4cc7-9878-1f9d780233d1&ss=m2utpuu0&sl=0&tt=0&bcn=%2F%2F684dd32e.akstat.io%2F"; AMCVS_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=1; s_ecid=MCMID%7C91889772507628273200045547028246444940; AMCV_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=-1303530583%7CMCMID%7C91889772507628273200045547028246444940%7CMCAAMLH-1730833883%7C6%7CMCAAMB-1730833883%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1730236283s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.3.0
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&d_mid=91889772507628273200045547028246444940&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1730229084675 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.asos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&d_mid=91889772507628273200045547028246444940&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1730229084675 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /js/19181552552.js HTTP/1.1Host: cdn.optimizely.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=ZyEzYwAAANsMEgN- HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=ZyEzYwAAANsMEgN- HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896; dpm=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /js/19181552552.js HTTP/1.1Host: cdn.optimizely.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_storage/a19065870423.html HTTP/1.1Host: a19065870423.cdn.optimizely.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://a19065870423.cdn.optimizely.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://a19065870423.cdn.optimizely.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /b/ss/asoscomprod/1/JS-2.1.0/s62048325749810?AQB=1&ndh=1&pf=1&t=29%2F9%2F2024%2015%3A11%3A26%202%20240&mid=91889772507628273200045547028246444940&aamlh=6&ce=UTF-8&ns=asos&pageName=desktop%20com%7Chome%20page%7Chome&g=https%3A%2F%2Fwww.asos.com%2F&r=https%3A%2F%2Fusqe.bin4tgla.com%2F&ch=home%20page%20&server=desktop%20com&events=event128%3D-1730229075288%2Cevent121%2Cevent79&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=home&v1=1&c2=home&c3=home&c5=2024-10-29T19%3A11%3A26.738Z&v6=home&c8=home&c11=https%3A%2F%2Fwww.asos.com%2F&v17=New&v19=1280%3A907&v29=1582&v30=-1730229075288&c39=mw%20brand%201%2Cmw%20brand%202%2Cmw%20brand%203%2Cmw%20brand%204%2Cww%20brand%201%2Cww%20brand%202%2Cww%20brand%203%2Cww%20brand%204%2Cshop%20mw%20brands%20cta%2Cshop%20ww%20brands%20cta%2Cfeature%201%2Cfeature%202%2Cfeature%203%2Cfeature%204%2Chero%2Cthe%20biggest%20labels%20title%2Cwomens%20categories%20title%2Cww%20uk%20seo%20links%2Cmens%20categories%20title%2Cmw%20uk%20seo%20links%2C&v60=home&v61=home&v112=gb&v113=gbp&v137=26f843c4e1bf4d7f97df8b22e4336f2c&v225=1&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&AQE=1 HTTP/1.1Host: metrics.asos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: geocountry=US; bm_sz=C6560B727C2E1BF7EC11CF61B16D1E2E~YAAQF/AQAs6QNNOSAQAATIew2RkiZ/ZFgWnTEcjtF1YaHy4fTiDqA4YcAxn5LnPjd6nAu6Q8tI4u6cQ8aUQpwDx52fWnmHn7LhdnQYo16QT3VxROCl0UacXgIO6TElARdeB3WlPOPtcSTCqfZiioRMdAPSc/e7pRvfJ8Gn5PQfQTKJKIbExIKndW3WhD8WYCqneLiW+SD6digNqWAZXhXB39PnjIiLQZtCsOLnFIPAJpTXop0cW+dff89Q24Q/es+IM8boOQqu3n7toc0jHhG0aXEHo2SHvvOdsVLISJ6tZimh2dhEwu/aI6e0gvNy5uv0WlhzhgynlnlV2lvgg9acPb+jW1f7KuRTVGjhVyV+HGMnJTJj8kAaCzzjv0H0X3Doo=~4404018~4337977; RT="z=1&dm=asos.com&si=6d56e97d-38ce-4cc7-9878-1f9d780233d1&ss=m2utpuu0&sl=0&tt=0&bcn=%2F%2F684dd32e.akstat.io%2F"; AMCVS_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=1; s_ecid=MCMID%7C91889772507628273200045547028246444940; keyStoreDataversion=mhabj1f-41; browseCountry=GB; asos-anon12=0192d9b0a9fe75a9922bdd86c9628202; asos-ts121=0192d9b0-a9ff-7a0e-a7ac-a1c084ca85f2; s_pers=%20eVar225%3D1%7C1730230881209%3B%20s_vnum%3D1730433600214%2526vn%253D1%7C1730433600214%3B%20visitCount%3D1%7C1730230881217%3B%20s_invisit%3Dtrue%7C1730230886728%3B%20s_nr%3D1730229086730-New%7C1761765086730%3B%20gpv_p10%3Ddesktop%2520com%257Chome%2520page%257Chome%7C1730230886731%3B%20gpv_p6%3D%2520%7C1730230886734%3B%20gpv_e47%3Dhome%7C1730230886735%3B; _s_fpv=true; s_cc=true; featuresId=9d59d24d-b5c1-4a98-84e1-ca138ab682
Source: global traffic	HTTP traffic detected: GET /b/ss/asoscomprod/1/JS-2.1.0/s62048325749810?AQB=1&ndh=1&pf=1&t=29%2F9%2F2024%2015%3A11%3A26%202%20240&mid=91889772507628273200045547028246444940&aamlh=6&ce=UTF-8&ns=asos&pageName=desktop%20com%7Chome%20page%7Chome&g=https%3A%2F%2Fwww.asos.com%2F&r=https%3A%2F%2Fusqe.bin4tgla.com%2F&ch=home%20page%20&server=desktop%20com&events=event128%3D-1730229075288%2Cevent121%2Cevent79&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=home&v1=1&c2=home&c3=home&c5=2024-10-29T19%3A11%3A26.738Z&v6=home&c8=home&c11=https%3A%2F%2Fwww.asos.com%2F&v17=New&v19=1280%3A907&v29=1582&v30=-1730229075288&c39=mw%20brand%201%2Cmw%20brand%202%2Cmw%20brand%203%2Cmw%20brand%204%2Cww%20brand%201%2Cww%20brand%202%2Cww%20brand%203%2Cww%20brand%204%2Cshop%20mw%20brands%20cta%2Cshop%20ww%20brands%20cta%2Cfeature%201%2Cfeature%202%2Cfeature%203%2Cfeature%204%2Chero%2Cthe%20biggest%20labels%20title%2Cwomens%20categories%20title%2Cww%20uk%20seo%20links%2Cmens%20categories%20title%2Cmw%20uk%20seo%20links%2C&v60=home&v61=home&v112=gb&v113=gbp&v137=26f843c4e1bf4d7f97df8b22e4336f2c&v225=1&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&AQE=1 HTTP/1.1Host: metrics.asos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: geocountry=US; bm_sz=C6560B727C2E1BF7EC11CF61B16D1E2E~YAAQF/AQAs6QNNOSAQAATIew2RkiZ/ZFgWnTEcjtF1YaHy4fTiDqA4YcAxn5LnPjd6nAu6Q8tI4u6cQ8aUQpwDx52fWnmHn7LhdnQYo16QT3VxROCl0UacXgIO6TElARdeB3WlPOPtcSTCqfZiioRMdAPSc/e7pRvfJ8Gn5PQfQTKJKIbExIKndW3WhD8WYCqneLiW+SD6digNqWAZXhXB39PnjIiLQZtCsOLnFIPAJpTXop0cW+dff89Q24Q/es+IM8boOQqu3n7toc0jHhG0aXEHo2SHvvOdsVLISJ6tZimh2dhEwu/aI6e0gvNy5uv0WlhzhgynlnlV2lvgg9acPb+jW1f7KuRTVGjhVyV+HGMnJTJj8kAaCzzjv0H0X3Doo=~4404018~4337977; RT="z=1&dm=asos.com&si=6d56e97d-38ce-4cc7-9878-1f9d780233d1&ss=m2utpuu0&sl=0&tt=0&bcn=%2F%2F684dd32e.akstat.io%2F"; AMCVS_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=1; s_ecid=MCMID%7C91889772507628273200045547028246444940; keyStoreDataversion=mhabj1f-41; browseCountry=GB; asos-anon12=0192d9b0a9fe75a9922bdd86c9628202; asos-ts121=0192d9b0-a9ff-7a0e-a7ac-a1c084ca85f2; s_pers=%20eVar225%3D1%7C1730230881209%3B%20s_vnum%3D1730433600214%2526vn%253D1%7C1730433600214%3B%20visitCount%3D1%7C1730230881217%3B%20s_invisit%3Dtrue%7C1730230886728%3B%20s_nr%3D1730229086730-New%7C1761765086730%3B%20gpv_p10%3Ddesktop%2520com%257Chome%2520page%257Chome%7C1730230886731%3B%20gpv_p6%3D%2520%7C1730230886734%3B%20gpv_e47%3Dhome%7C1730230886735%3B; _s_fpv=true; s_cc=true; featuresId=9d59d24d-b5c1-4a98-84e1-ca138ab682e4; asos-b-sdv629=mhabj1f-41; _abck=14F88662DEAECFC12E5FBD09ED921080~-1~YAAQF/AQAmGWNNOSAQAA7Law2Qw0n0/eBYMu+9SwCtiwrex9C7d7XKlT9/WcsrIn0AfDWKxLXOTFu82eEr1EQhHcOr+oNn5TW+QTvjLe4x+YZwOtdoO44atenSB+Yl0rA/zRr2Iyx7z/z3VQWAVPiahmD1878VN

Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: "https://www.facebook.com/ASOS", equals www.facebook.com (Facebook)
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: "sameAs" : [ "https://www.youtube.com/asos", equals www.youtube.com (Youtube)
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: return b}lD.F="internal.enableAutoEventOnTimer";var Yb=ka(["data-gtm-yt-inspected-"]),nD=["www.youtube.com","www.youtube-nocookie.com"],oD,pD=!1; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: dartergary.wordpress.com
Source: global traffic	DNS traffic detected: DNS query: s0.wp.com
Source: global traffic	DNS traffic detected: DNS query: s1.wp.com
Source: global traffic	DNS traffic detected: DNS query: s2.wp.com
Source: global traffic	DNS traffic detected: DNS query: fqr44.wordpress.com
Source: global traffic	DNS traffic detected: DNS query: 0.gravatar.com
Source: global traffic	DNS traffic detected: DNS query: stats.wp.com
Source: global traffic	DNS traffic detected: DNS query: fonts.wp.com
Source: global traffic	DNS traffic detected: DNS query: pixel.wp.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: usqe.bin4tgla.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.com
Source: global traffic	DNS traffic detected: DNS query: www.asos.com
Source: global traffic	DNS traffic detected: DNS query: content.asos-media.com
Source: global traffic	DNS traffic detected: DNS query: images.asos-media.com
Source: global traffic	DNS traffic detected: DNS query: www.asos-video.com
Source: global traffic	DNS traffic detected: DNS query: assets.asosservices.com
Source: global traffic	DNS traffic detected: DNS query: cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: my.asos.com
Source: global traffic	DNS traffic detected: DNS query: ci.asosservices.com
Source: global traffic	DNS traffic detected: DNS query: res.cloudinary.com
Source: global traffic	DNS traffic detected: DNS query: s2.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: creativeassets.asosservices.com
Source: global traffic	DNS traffic detected: DNS query: resources.asosservices.com
Source: global traffic	DNS traffic detected: DNS query: asos.demdex.net
Source: global traffic	DNS traffic detected: DNS query: metrics.asos.com
Source: global traffic	DNS traffic detected: DNS query: reporting.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: www.asosglobal.com
Source: global traffic	DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: a19065870423.cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: logx.optimizely.com

Source: unknown

HTTP traffic detected: POST /report/v4?s=sMPDIxYmm%2Frw3mK%2BHL72fQptt8lqq7Mtf6Z6LYahGd3TkQRJ8KUB7RswbOowqO1WCGd%2FyVGaqhgixMgzAoX4JMMSOWYS385qLXizPVu1FRLnBIJsiD8jfSe6NeMM4w%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 432Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 29 Oct 2024 19:10:02 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Age: 10140Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMPDIxYmm%2Frw3mK%2BHL72fQptt8lqq7Mtf6Z6LYahGd3TkQRJ8KUB7RswbOowqO1WCGd%2FyVGaqhgixMgzAoX4JMMSOWYS385qLXizPVu1FRLnBIJsiD8jfSe6NeMM4w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=22828&sent=244&recv=103&lost=0&retrans=0&sent_bytes=286315&recv_bytes=19389&delivery_rate=2104196&cwnd=229&unsent_bytes=0&cid=86849e3f6c99b7dd&ts=791534&x=0"CF-Cache-Status: HITServer: cloudflareCF-RAY: 8da576a10ca92877-DFWserver-timing: cfL4;desc="?proto=TCP&rtt=1313&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2827&recv_bytes=1900&delivery_rate=2002766&cwnd=251&unsent_bytes=0&cid=556e3a53c114fab6&ts=5860&x=0"

Source: chromecache_249.1.dr	String found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
Source: chromecache_185.1.dr	String found in binary or memory: http://schema.org
Source: chromecache_249.1.dr	String found in binary or memory: http://www.mozilla.org/2006/browser/search/
Source: chromecache_300.1.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_300.1.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_300.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://app.optimizely.com/js/innie.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com
Source: chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/asos-ui/manifest/windowManifest.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/asos-ui/sdk/bag-sdk-9.0.0.min.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/asos-ui/sdk/saved-items-sdk.iife.48b6fe50.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/asos-ui/web-request/browser.es5.defc2d72.js
Source: chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/LICENSE.txt
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/bold.11074381.woff2
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/bold.11074381.woff2)
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/book.1bb391ee.woff2
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/book.1bb391ee.woff2)
Source: chromecache_191.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/creative.1fc777b4.woff2)
Source: chromecache_191.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/creativeBold.1f9423cd.woff2)
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://assets.asosservices.com/productpg/pdp.spritesheet-195ad2bf.svg)
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/shared/jquery.742e47af.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/shared/require.7c30e08a.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/shared/uuid.76892287.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.newrelicclient.b259fc7924b4379328f1.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.b41df99c18eb4328a7b6.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.deferred.13c30ac023f768c61047.
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.deferred.1897f5341c56d1e99fd5.
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.styles.5e1a24317184f1ea8c00.cs
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.styles.b9d17db11b52ff8009cc.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/cookieScript.2d2fd467.inlined.js.map
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/newRelicSettingsScript.7ad45646.inlined.js.map
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/nonCriticalStylesheetLoader.2c3638e0.inlined.js.
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/oneTrust/13.0.0-6ca9c0c7-69/scripttemplates/otSD
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/palette.8d34b5bdde.css.map
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/translations.251ba614b8a464ef71b8.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/vendors.7066a9f385c04a3ae6f5.css
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/vendors.d80e45b3529c947b8d3f.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/storesa/images/flags/gb.png
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://cdn-assets-prod.s3.amazonaws.com/js/preview2/19181552552.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://cdn.optimizely.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://ci.asosservices.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://ci.asosservices.com/core/shared-libs-4.0.15.min.js
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_246.1.dr, chromecache_303.1.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/june-2024/eng-speaking/titles/202
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/oct-2024/28-brands-update/mw/prom
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/oct-2024/28-brands-update/ww/prom
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/oct-2024/28-uk-brand-campaign/pro
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/oct-2024/28-uk-brand-campaign/ref
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/images/asos/logo/icon_svg.svg
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://creativeassets.asosservices.com/js/cx-nrelic.js
Source: chromecache_299.1.dr, chromecache_249.1.dr	String found in binary or memory: https://dartergary.wordpress.com
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/
Source: chromecache_249.1.dr	String found in binary or memory: https://dartergary.wordpress.com/?s=
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/comments/feed/
Source: chromecache_249.1.dr	String found in binary or memory: https://dartergary.wordpress.com/favicon.ico
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/feed/
Source: chromecache_299.1.dr, chromecache_249.1.dr	String found in binary or memory: https://dartergary.wordpress.com/osd.xml
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/wp-admin/site-editor.php?postType=wp_template&postId=pub/twent
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/xmlrpc.php?rsd
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuBWYMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyfMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyeMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fqr44.wordpress.com/wp-content/uploads/2024/09/pdf-image.png?w=204
Source: chromecache_264.1.dr, chromecache_240.1.dr	String found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: chromecache_300.1.dr	String found in binary or memory: https://google.com
Source: chromecache_300.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://images.asos-media.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://marketplace.asos.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://my.asos.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://my.asos.com/identity/register?ctaref=hp
Source: chromecache_300.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_299.1.dr	String found in binary or memory: https://pixel.wp.com/b.gif?v=noscript
Source: chromecache_325.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_249.1.dr	String found in binary or memory: https://s-ssl.wordpress.com/i/logo/gray-white-transparent-64.png
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://s.go-mpulse.net/boomerang/
Source: chromecache_246.1.dr, chromecache_303.1.dr	String found in binary or memory: https://s.pinimg.com/ct/core.js
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/_static/??/wp-content/js/rlt-proxy.js
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/i/blank.jpg
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/wp-content/blog-plugins/marketing-bar/css/marketing-bar.css?m=1729529312i&cssminif
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20241015
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20231122
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/_static/??-eJzTLy/QTc7PK0nNK9HPLdUtyClNz8wr1i9KTcrJTwcy0/WTi5G5ekCujj52Temp
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/_static/??/wp-content/mu-plugins/core-compat/wp-mediaelement.css
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/i/favicon.ico
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/opensearch.xml
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/wp-content/js/mobile-useragent-info.js?m=1609849039i
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://s2.go-mpulse.net/boomerang/
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/i/logo/wpcom-gray-white.png
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/i/webclip.png
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/h4/global.css?m=1420737423i&cssminify=yes
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/pub/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/pub/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/pub/twentytwentyfour/assets/fonts/cardo/cardo_normal_700.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/pub/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt
Source: chromecache_246.1.dr, chromecache_303.1.dr	String found in binary or memory: https://sc-static.net/scevent.min.js
Source: chromecache_185.1.dr	String found in binary or memory: https://secure.asos.com/
Source: chromecache_294.1.dr	String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Source: chromecache_299.1.dr	String found in binary or memory: https://subscribe.wordpress.com
Source: chromecache_299.1.dr	String found in binary or memory: https://subscribe.wordpress.com/
Source: chromecache_325.1.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://twitter.com/ASOS
Source: chromecache_142.1.dr, chromecache_299.1.dr	String found in binary or memory: https://uSqe.bin4tgla.com/fpI2Ggql/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://uk.pinterest.com/asos/
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/abuse/?report_url=https://dartergary.wordpress.com
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/log-in?redirect_to=https%3A%2F%2Fdartergary.wordpress.com%2F2024%2F10%2F29%2Fh
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/post
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/read/feeds/163712490
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/start/
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/start/?ref=marketing_bar
Source: chromecache_299.1.dr	String found in binary or memory: https://wp.me/g8Jvj
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com
Source: chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/accessibility/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/api
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/assets/uilib/content-ui-library-5.0.0-c2f7f9fe-40.css
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/assets/uilib/content-ui-library-5.0.0-c2f7f9fe-40.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/au/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/customer-care/product-stock/how-are-products-ranked-on-asos/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/de/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/de/entdecken/impressum/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/de/kundenservice/produkte-bestand/wie-werden-artikel-auf-asos-aufgelistet/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/discover/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/discover/our-apps/?ctaref=hp
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/dk/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/dk/kundeservice/produkt-lager/hvordan-er-produkter-rangeret-hos-asos/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/dk/udforsk/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/es/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/es/atencion-al-cliente/producto-stock/como-estan-ordenados-los-productos-en-aso
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/es/descubre/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/fr/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/fr/decouvrez/asos-details/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/fr/service-client/produits-stocks/comment-les-produits-sontils-class
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/it/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/it/assistenza-clienti/prodotti-disponibilita/come-vengono-classificati-i-prodot
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/it/scopri/asos-details/
Source: chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/men/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/men/sale/ctas/price-point-2/cat/?cid=51241#nlid=mw
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/men/sale/ctas/price-point-3/cat/?cid=51242#nlid=mw
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/men/sale/ctas/price-point-4/cat/?cid=51243#nlid=mw
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/nl/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/nl/klantenservice/artikelen-voorraad/hoe-worden-artikelen-gerangschikt-op-asos/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/nl/ontdek/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/payments-and-deliveries/premier-delivery/?ctaref=hp
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/payments-and-deliveries/returns/?country=gb&ctaref=hp
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/pl/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/pl/odkryj/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/privacy-policy/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/se/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/se/kundservice/varor-lagerstatus/hur-rankas-produkterna-pa-asos/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/se/upptack/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/search/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/terms-and-conditions/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/us/
Source: chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/women/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/women/sale/ctas/price-point-2/cat/?cid=51237#nlid=ww
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/women/sale/ctas/price-point-3/cat/?cid=51238#nlid=ww
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/women/sale/ctas/price-point-4/cat/?cid=51239#nlid=ww
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.jp/ja-jp/?utm_source=https://asos.com&utm_medium=redirect&ctaref=globalbanner
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.kr/ko-kr/?utm_source=https://asos.com&utm_medium=redirect&ctaref=globalbanner
Source: chromecache_300.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_274.1.dr, chromecache_186.1.dr, chromecache_221.1.dr, chromecache_316.1.dr, chromecache_325.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_300.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_300.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_300.1.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__.
Source: chromecache_265.1.dr, chromecache_242.1.dr, chromecache_186.1.dr, chromecache_316.1.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.instagram.com/asos/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.snapchat.com/add/asosfashion
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.tiktok.com/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.youtube.com/asos

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49808 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@25/302@124/28

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1912,i,8132146414401361413,4510033593977308464,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dartergary.wordpress.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1912,i,8132146414401361413,4510033593977308464,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dartergary.wordpress.com/"	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://dartergary.wordpress.com/	LLM: Page contains button: 'VIEW SECURE DOCUMENT' Source: '1.0.pages.csv'
Source: https://dartergary.wordpress.com/	LLM: Page contains button: 'VIEW SECURE DOCUMENT' Source: '1.1.pages.csv'

AI detected suspicious URL

Source: Email

JoeBoxAI: AI detected suspicious URL: URL: https://usqe.bin4tgla.com/fpI2Ggql/

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.68	unknown	United States	15169	GOOGLEUS	false
151.101.130.137	code.jquery.com	United States	54113	FASTLYUS	false
104.16.80.73	unknown	United States	13335	CLOUDFLARENETUS	false
192.0.78.13	unknown	United States	2635	AUTOMATTICUS	false
192.0.78.12	lb.wordpress.com	United States	2635	AUTOMATTICUS	false
34.49.241.189	logx.optimizely.com	United States	2686	ATGS-MMD-ASUS	false
151.101.66.137	unknown	United States	54113	FASTLYUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
142.250.184.228	unknown	United States	15169	GOOGLEUS	false
142.250.184.196	unknown	United States	15169	GOOGLEUS	false
151.101.2.92	s2-cloudinary-pin-sni.map.fastly.net	United States	54113	FASTLYUS	false
54.194.45.227	dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
192.0.73.2	0.gravatar.com	United States	2635	AUTOMATTICUS	false
63.140.62.17	asos.com.ssl.d3.sc.omtrdc.net	United States	15224	OMNITUREUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
192.0.77.32	fonts.wp.com	United States	2635	AUTOMATTICUS	false
104.18.66.57	cdn.optimizely.com	United States	13335	CLOUDFLARENETUS	false
104.21.85.92	usqe.bin4tgla.com	United States	13335	CLOUDFLARENETUS	true
104.16.79.73	static.cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false
192.0.76.3	stats.wp.com	United States	2635	AUTOMATTICUS	false
52.49.181.118	unknown	United States	16509	AMAZON-02US	false
54.171.192.42	unknown	United States	16509	AMAZON-02US	false
188.114.96.3	hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.com	European Union	13335	CLOUDFLARENETUS	false
142.250.186.164	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4
192.168.2.17
192.168.2.16
192.168.2.18

Contacted Domains

Name	IP	Active
stats.wp.com	192.0.76.3	true
logx.optimizely.com	34.49.241.189	true
a.nel.cloudflare.com	35.190.80.1	true
static.cloudflareinsights.com	104.16.79.73	true
hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.com	188.114.96.3	true
0.gravatar.com	192.0.73.2	true
fonts.wp.com	192.0.77.32	true
usqe.bin4tgla.com	104.21.85.92	true
cdn.optimizely.com	104.18.66.57	true
asos.com.ssl.d3.sc.omtrdc.net	63.140.62.17	true
s2.wp.com	192.0.77.32	true
code.jquery.com	151.101.130.137	true
pixel.wp.com	192.0.76.3	true
s2-cloudinary-pin-sni.map.fastly.net	151.101.2.92	true
lb.wordpress.com	192.0.78.12	true
www.google.com	142.250.186.164	true
a19065870423.cdn.optimizely.com	104.18.66.57	true
s0.wp.com	192.0.77.32	true
s1.wp.com	192.0.77.32	true
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	54.194.45.227	true
fqr44.wordpress.com	unknown	unknown
images.asos-media.com	unknown	unknown
ci.asosservices.com	unknown	unknown
www.asos.com	unknown	unknown
cm.everesttech.net	unknown	unknown
dartergary.wordpress.com	unknown	unknown
asos.demdex.net	unknown	unknown
metrics.asos.com	unknown	unknown
dpm.demdex.net	unknown	unknown
creativeassets.asosservices.com	unknown	unknown
my.asos.com	unknown	unknown
resources.asosservices.com	unknown	unknown
res.cloudinary.com	unknown	unknown
s2.go-mpulse.net	unknown	unknown
www.asosglobal.com	unknown	unknown
assets.asosservices.com	unknown	unknown
content.asos-media.com	unknown	unknown
www.asos-video.com	unknown	unknown
reporting.go-mpulse.net	unknown	unknown
c.go-mpulse.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	false	URL Reputation: safe	unknown
https://0.gravatar.com/js/hovercards/hovercards.min.js?ver=202444448e29c9ec460f70535c7958cd60e9e2980f935c5309d61d08f40d080a876779	false		unknown
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5CRWb0pqYXQQK9znJ5KV0VwEOa4LwTb8cyN7pOwIZZ04W9ux6A5u-MAbH1xLyDQMREJb298rgjzqYg-SfwWz7xWuHpDGxazw8zRRljMsmI_2zKtxQ_m35rkCI5Lk7f5FhQABxvWvoIdrGF0A4ARXIg27QobrPOi2xAvxvGvMxG3zZi2Qucrr1lJTYtpc5XFS8wOT6E2kdH05v1_mpmO1RBCjs__A&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=70db3a36bb8782c5	false		unknown
https://cdn.optimizely.com/js/19181552552.js	false		unknown
https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20241015	false		unknown
https://s2.wp.com/i/logo/wpcom-gray-white.png	false		unknown
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6aKgKXaVx0pzUyPhNpP81tC9vowwRIv_H5QEpw_3-VVjJAix-NPyxXGouAtmE_vTn4S_euGzGphYBBQHDxbQPANlvJA0FKUilBpXe45XLcNk7ElD-2BBdElX3zgpt8KT_nXNv4Nq9utVoF4ywsZvwR_z0gphSUFaSuQjnZENd_jRXJR1Pm2UFXwUh2k-4aITHgyHKtpHhb4bD9uwlpYOW4FhCp_w&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e2eca1451c1cfc28	false		unknown
https://s2.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1719498190i&ver=6.7-RC1-59308	false		unknown
https://pixel.wp.com/g.gif?blog=238502921&v=wpcom&tz=-4&user_id=0&subd=dartergary&host=dartergary.wordpress.com&ref=&rand=0.82970019227276	false		unknown
https://www.google.com/js/bg/p-7RyvuJU9m0QQmVDJx8SL9t4pWXVpOJSp0296ydJmo.js	false		unknown
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA4blY5MVPIuxvSqI2F8cJcTKI2jykD8dKcYCKNyJQdUqY-SQpdKOMdYDiVMy4PmaNToi6BkEpkYn5Zl4Gtipty5tV9tppOBZgn-Pgvikm2gLFlilOhjl2gYxwcbr39AqOMgA0M752LSRhzi28wHTsBKKrDYHyZwev37Obyl2ymyAWoy6C_LXFsPc9tyfe9W6qCDaYfwhprtiyWI7IdDeYk-gjLmVg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=34d5e020329daa00	false		unknown
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA7hWBNHMulugtwoVWu7X763ky27tPptOgTfOFgi0ix1mEsIbU1bV0fMrExjgEe-XsEDkSQQ-scQizQ4ie4ZKTRVXCMEJg7q5bRV1gkwixSdbl21ToeD4P9mpA7Laa8XaFr4zFrMcnN40ikXzItuICvb2_osnQeehe4--t1C7gr2i6nMa9QSddKi7xInP1h-SiEKj2cy6oKqzHeLl4B_GLV50U1Rqg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=bda71fdb839543f2	false		unknown
https://pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mJVY3bm9aR3VCbS9mWm1pRyZuJS1LX1t5QmRXZzE3RC9rQWZHK1FjbDltdWdaMVFFZTcxUGVHLWR0WTJoODFFSDFKMmdBdysuWmJ6fkpUJXxZPVlCQm1qNSxSYkxYZXV0d1ZYLjE1aVdvYUNlcHlGVl0vNXF%2BVEw2QmdPMUg9NjdbdU05bi4%2FZnomWzdTdHwyV3RtM25VTEE0Sm50bFozWEt5VWJ5UDU4Nk1NQ0E1R3A4VityWnxrYS80QUtiWTkuXXc1NnN5RGtkNGpCY2I9TyxuTFNJXW5FWGtVLEMxK0h%2BLndnQnc%3D&v=wpcom-no-pv&rand=0.16543343148914724	false		unknown
https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1730229081200	false		unknown
https://a19065870423.cdn.optimizely.com/client_storage/a19065870423.html	false		unknown
https://s2.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i	false		unknown
https://a19065870423.cdn.optimizely.com/cdn-cgi/rum?	false		unknown
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5i8qwOuZB2iEwQDIdMHHWCLx-DuxUkeqApRjcEcwOaom8dbnwlDBi1LlrOXwLH5TEg1nTW6DY2EP82MHHV_XtkT-xVrmmSi4TaBKCqrmS785OToDqZC8eHMnTJ0gBeLGZ-3VLhLefrMu_iOeAskLfzs-v_AMWbEnd86JjsFN5vRmcIAtKhS2jJI5Ksj3hLyAIddd9_O15f6l1Uupsya2vGXfDoAQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3cc9e5c0b37478a1	false		unknown
https://logx.optimizely.com/v1/events	false	URL Reputation: safe	unknown
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA4bYc0s2zwhr0Dhx3dOazn3Hh4p7uY3CSETn6dA6rvCiWHE9OA-nOmnfN2ANundmWGke1Bjv2xi-GV3TO2LoMbXM_R2zufPfoD0XFD4lwrhK2FVthto7931CtAU3kcdffWKVtfZ2JNZsE0pCei2Leq-gBpTy3a6KgoAUB32sE_lB_-9wzhzHVikGwjcRkW_oG1wzKT1sJC3C7lN64gfM9pbHpzGzQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=8a68f4902f9f4669	false		unknown
https://hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.com/qdpjrzhatduxxtuetbpHeUBGVUCFBHGNDJGJTMHXFMZFJYWFCBGLPUJYUAPTPOGHOIQ	false		unknown
https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZ1rib2Bg-4.woff2	false		unknown
https://metrics.asos.com/b/ss/asoscomprod/1/JS-2.1.0/s62048325749810?AQB=1&ndh=1&pf=1&t=29%2F9%2F2024%2015%3A11%3A26%202%20240&mid=91889772507628273200045547028246444940&aamlh=6&ce=UTF-8&ns=asos&pageName=desktop%20com%7Chome%20page%7Chome&g=https%3A%2F%2Fwww.asos.com%2F&r=https%3A%2F%2Fusqe.bin4tgla.com%2F&ch=home%20page%20&server=desktop%20com&events=event128%3D-1730229075288%2Cevent121%2Cevent79&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=home&v1=1&c2=home&c3=home&c5=2024-10-29T19%3A11%3A26.738Z&v6=home&c8=home&c11=https%3A%2F%2Fwww.asos.com%2F&v17=New&v19=1280%3A907&v29=1582&v30=-1730229075288&c39=mw%20brand%201%2Cmw%20brand%202%2Cmw%20brand%203%2Cmw%20brand%204%2Cww%20brand%201%2Cww%20brand%202%2Cww%20brand%203%2Cww%20brand%204%2Cshop%20mw%20brands%20cta%2Cshop%20ww%20brands%20cta%2Cfeature%201%2Cfeature%202%2Cfeature%203%2Cfeature%204%2Chero%2Cthe%20biggest%20labels%20title%2Cwomens%20categories%20title%2Cww%20uk%20seo%20links%2Cmens%20categories%20title%2Cmw%20uk%20seo%20links%2C&v60=home&v61=home&v112=gb&v113=gbp&v137=26f843c4e1bf4d7f97df8b22e4336f2c&v225=1&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&AQE=1	false		unknown
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&co=aHR0cHM6Ly91c3FlLmJpbjR0Z2xhLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=5a6ztk5kgw7u	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:09:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	C77C9A7B82F7DE911F66C9BCA4FF4DBD	76F6DCC6BEA25CD477C923501BB115EF6C382299	E1A99506A7028A15AA8890835392F749EB872C5FEEB7D796AC2C34E56C2EA04E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:09:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	D729A69B30D3A860784369C1F2C5AF29	C3C95606D78C3896522722E971450E4042FA5BCA	92B88E522A5EC02410A1592EF67E225737A5EA0916E658460B43E5F4FDC153D3
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	474371F78E8CA1A7DF0A4B36F2E44397	D6804D31D6E71A6557EE8B90009E9C28F48EA163	7392B142157EC3F84E9A11B8349D53F92A382F3D4FE2143F951784A1EF55ED20
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:09:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	4AD43E3975594582689C54D0868B9ADA	F5F845A9271D03F7FB84A9BC1E82DAE9E61EF754	366D0E88C1EE02DA620E7DE5B5D4C615A6BDB5EC9DEBAA60A610BB1723227C87
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:09:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	C4EAC35C506B826DEEC2EC93BA99A009	9F3CDD25AAED8741ECFB4F099BFBE138B528DC38	DA25FC0F3C696CB1ACAD6A73F1F52E3069DCCC8E2F3F35124F42ACFE00DE600D
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:09:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	02B8E9B28158CD0D6A43BE7463244E67	66D7985600C4810A9837B48F32D8833068B899AF	C0A02C067499CABE5A7DF2889F63BC441E649CCCC6E57A4552673A6F5D3DC41D
Chrome Cache Entry: 141	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators	483833CB6162C627DE1845CB475A73B9	82C3FA2F439105AFABC5C4967FD063DCBADAAC1C	641D06A33C26BCB862EFB7273FBDD98BD37927E73AA59D77CD18712053A1622D
Chrome Cache Entry: 142	HTML document, ASCII text, with very long lines (8493), with CRLF line terminators	19773BA5C37CBDD3188D965A0ADB7907	B86238097ED45899BE9427EA14B1CCBD16F455B1	DD18789248673D8BC5201B9996DA44FB075A9F6EBEAD33CD48FD42436F009211
Chrome Cache Entry: 143	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	3B3B7074D0DDCB23F3252C28322A4209	27D894D07D5B998D8237D676A6C7B7D10FD0C192	E45294734EFD85FDC485835B30C844B6F40AF18A9C9B86D150F465880FF01FC0
Chrome Cache Entry: 144	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	58CFBD85D0631A0C45BBBF5BD5A38212	C286C5893086E2610FE799D453ACF71F90BCB3E9	A840AF3A71FE2B7F2F185D1294F5C342EA310509629C26CBCD2F6EE71AC729CA
Chrome Cache Entry: 145	GIF image data, version 89a, 6 x 5	E4D673A55C5656F19EF81563FB10884C	1F2D8ED221D39329251AD3A6FF1EDB20B7219443	F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
Chrome Cache Entry: 146	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	BEA11CF813FB2842622154D9F736C768	BB2C2D44052DD1495E794CD3C8E0CFE4BC9B8C42	5B1AE877A66A4D4840C95AB34253A6DA1FF07C58616BA32718DC78E47A90DC75
Chrome Cache Entry: 147	ASCII text, with very long lines (13581), with no line terminators	D1873BD76A3631DA0BEEF1D8ED9F15BA	6924B4BD64513F2A650672F22E7AB12F82E17748	448E29C9EC460F70535C7958CD60E9E2980F935C5309D61D08F40D080A876779
Chrome Cache Entry: 148	ASCII text, with very long lines (18298)	87F3F1784464A56B80F04D1C64FAC841	66ED80D249257F5352375A3F12103538963D7CFD	A7EED1CAFB8953D9B44109950C9C7C48BF6DE295975693894A9D36F7AC9D266A
Chrome Cache Entry: 149	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	17BBE1D5A582E95F6535CD303BE75A58	B5E2588569EE2AD83D79E08F54A5D66B8C5FE494	173965F7FD3E16B537BE8F01BFCD3C3C571798B948ED30DC087CEF602FFCB511
Chrome Cache Entry: 150	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	11C2359AAFCF468EC51BFDB6CD9DC298	746BC31D8024EEFCB69B65BDFC772DDBF819F9BE	87F878F4D2B83240BFA4FF8E43270492EA579D477B9079ABC4317B1919946B7A
Chrome Cache Entry: 151	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	1D47DA8B602583C435B1755B377B6AE2	7304E9C5D55B88EE14EA8062827F2448215CDFBF	B19A9A4C0DEEE1A04413D62A669C2B8FA18C34D1E0219C469CB789E53A69BBA4
Chrome Cache Entry: 152	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3	B8019DA24C68E07D1614F15EDC6FAF60	602C6C0EC719765E9170BDF6BBFBEB319F0D7B72	548FFFD05ADC25D285E7FDF0D4D6D1AE2C60EC613A58E8662D3ED75F2BF14257
Chrome Cache Entry: 153	ASCII text, with very long lines (13581), with no line terminators	D1873BD76A3631DA0BEEF1D8ED9F15BA	6924B4BD64513F2A650672F22E7AB12F82E17748	448E29C9EC460F70535C7958CD60E9E2980F935C5309D61D08F40D080A876779
Chrome Cache Entry: 154	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	E7A62467D102E596F947DC41929FA80F	68357309E9E8CDBD8A202B5BF19BF6ECD9089DC0	EC0CDFF11D0AF6854EF1834862094FBF4C4AE8801D8D1295C6D15C21A330E0EE
Chrome Cache Entry: 155	Unicode text, UTF-8 text, with very long lines (65468), with no line terminators	073F90A0B2456DB0BDA0A8012B4C8455	675F2D5CB993A1F8D15E5A5D80B6CE60C39CA4E1	F01C4B46E70121861FF6877E1F76FE23D6842B5FEB6C24B475E76229CD59D84A
Chrome Cache Entry: 156	ASCII text, with very long lines (26334)	3667B64516B460AE907CE815618207AB	88A4E8491DBCF88BF76486534CAD0BD99192C614	2BDC31421C9AD184399B387B910AF5B7110732E2B3B532FD1EEA1E3ED4CFCF38
Chrome Cache Entry: 157	ASCII text, with very long lines (39065)	4EB0F26BEEA5BC3779D90A27AC8EDB62	7EC8DEBBCDB7882226AF572A55AB5956184E20F7	4EA88C3B946290B7117C0941C91AE01DBD7F294AB8C4C359775371379436AA81
Chrome Cache Entry: 158	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3	B8019DA24C68E07D1614F15EDC6FAF60	602C6C0EC719765E9170BDF6BBFBEB319F0D7B72	548FFFD05ADC25D285E7FDF0D4D6D1AE2C60EC613A58E8662D3ED75F2BF14257
Chrome Cache Entry: 159	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	0F2A4639B8A4CB30C76E8333C00D30A6	57E273A270BB864970D747C74B3F0A7C8E515B13	44B988703019CD6BFA86C91840FECF2A42B611B364E3EEA2F4EB63BF62714E98
Chrome Cache Entry: 160	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	E6FBABBCD80570A9DFA0386C25FA2C08	D6B62AE10B83FE728788BCC00ED362847E1DF566	B7731EE671044B5581899B859A98227365A32ADBBBCDDF652BBDBED8E4F0DFDE
Chrome Cache Entry: 161	ASCII text, with no line terminators	AFB69DF47958EB78B4E941270772BD6A	D9FE9A625E906FF25C1F165E7872B1D9C731E78E	874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878
Chrome Cache Entry: 162	ASCII text, with very long lines (7779), with no line terminators	D95700F8C56224530C0ADE0983ABE567	690FAA8B6EC6F6D1512B8FB9D17F4BBDC432C042	DC0897FD44CCEFE899CD27C2130ADA44AF36F3AC16F51AD599DA7FEDD0E129A0
Chrome Cache Entry: 163	Unicode text, UTF-8 text, with very long lines (4450)	3C8F93FEC24C564BD9DDFDA68827666A	968CA6A78637C83D539D5603BF8FDAFD72C1E4A6	EE6F5A3E3C885FEDD52B015CAB0F1847A86805DCE43723C9F6550D98BC2FCA03
Chrome Cache Entry: 164	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	3E5F5806E1B496D0A85BF8D15CB3AB00	70D14CD37829384584C4A1114D8A2C244795E709	7C9F22AE56B4C78410EEA799E85D1E2CFD46330C55F8C629D5E412852982A295
Chrome Cache Entry: 165	ASCII text, with very long lines (15752)	B976B651932BFD25B9DDB5B7693D88A7	7FCB7CB5C11227F9213B1E08A07D0212209E1432	4E6CE5444C7F396CEF0EB1FA3611034151E485DD06FBE5573A5583E1EEBC98C3
Chrome Cache Entry: 166	Web Open Font Format (Version 2), TrueType, length 91700, version 1.590	2DADBB3C03C1CDF1491621ADCAA9EA84	8773EFEC2A3A7235FE0FB6E700D113D9401CB6AF	BB391EE077B5B90859C5EBC8CD3AC6B5D6D90ADF15AF75E3CF04EE1690B90821
Chrome Cache Entry: 167	ASCII text	FEFAD1DDF3C888F66E430221294FA111	500266193855751FBE2581E48EE570A0AEEFEB8D	9475967B4ED1A722227C1316D6F17795F4363C839A42B4336557528DF89664FE
Chrome Cache Entry: 168	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 169	PNG image data, 500 x 500, 8-bit colormap, non-interlaced	5F7B74563BAFAFF6E4CA77BB82D511C5	EBCB367071A682D64A2E6471D553AD1FC1F90CD6	C0E93B5EBF107AF77D9E7D101D186B3B93E9D5AD4FBB6A74E2DEA60173CC04F8
Chrome Cache Entry: 170	ASCII text, with very long lines (56943)	168008A26F9E32C4FC5449BAABBB8924	021F48E00109F931F930042B0CC75732DE23AF16	194B419E7C48A7893691594652358A8F3029B71BC083FCB59DF98811ECEA4994
Chrome Cache Entry: 171	GIF image data, version 89a, 6 x 5	E4D673A55C5656F19EF81563FB10884C	1F2D8ED221D39329251AD3A6FF1EDB20B7219443	F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
Chrome Cache Entry: 172	ASCII text, with very long lines (12788), with no line terminators	EF880BE61458E4E89C9CB9D99D2D300E	C7740F6524CFAB6084682B1CE320B2E5E9C4D4CC	79674B01741C3978417B6B9B4B98D125755E7BB468979D5CD593EAC4B94CDB91
Chrome Cache Entry: 173	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	814C967BCFF1E61CBD2FBCA2ABFA73EB	F4359D25B4529B960150769BC8B297C1BB115A5C	D964E97D2D522765DAA6EC422A62C547F2B5564C8616C9F4BF3D7AFA08C99BE2
Chrome Cache Entry: 174	Unicode text, UTF-8 text, with very long lines (10125)	10F88843A3C699872A9C7EA0036F093D	1A237FE89B282A2528C167DB50289B77A036EAA9	168088186C150D04871D7BC9E98EE9BAE60269F9F45005ABDF7803BBFAAC7245
Chrome Cache Entry: 175	ASCII text, with very long lines (369), with no line terminators	70CD7908A2CC98D079D8E6D79484E95D	0F08CF1458EBF5BD79439DE9A82DF7C30D98287D	9C83B89AB9D2677980617AFACB833A74DA3050A2D3D711176B500D7922E49AB5
Chrome Cache Entry: 176	HTML document, ASCII text	B82B1D80A9A7125C3030FBF9CF76B8F0	8912AC0211D62F273487C4A4F5FC1C07EC459485	E21EF49782C01E7624EB1594DD969753841C96A12D9D6E3F5DEFA61BEC4CF8B3
Chrome Cache Entry: 177	ASCII text, with very long lines (19948), with no line terminators	EC18AF6D41F6F278B6AED3BDABFFA7BC	62C9E2CAB76B888829F3C5335E91C320B22329AE	8A18D13015336BC184819A5A768447462202EF3105EC511BF42ED8304A7ED94F
Chrome Cache Entry: 178	ASCII text, with very long lines (723)	88A2E0A522036C0B87E03552E56629AA	EC9D1157518E753A84DBDE1333A29B34CF776D63	788AFB96F2DA68E8729EC35F3D5E381FAD3482D37C54C2195C7311440EE4C27E
Chrome Cache Entry: 179	ASCII text	FEFAD1DDF3C888F66E430221294FA111	500266193855751FBE2581E48EE570A0AEEFEB8D	9475967B4ED1A722227C1316D6F17795F4363C839A42B4336557528DF89664FE
Chrome Cache Entry: 180	ISO Media, AVIF Image	CCE47E1CA1DF7B1E50E84490634C9C43	450DADF1B1F7B6BC5AD27447EB74DE59716F3E01	9015D2D9293931B46E1809860B5B97996EA1236EBEE3498C4BEB01D7FCB27F80
Chrome Cache Entry: 181	ASCII text, with very long lines (26334)	3667B64516B460AE907CE815618207AB	88A4E8491DBCF88BF76486534CAD0BD99192C614	2BDC31421C9AD184399B387B910AF5B7110732E2B3B532FD1EEA1E3ED4CFCF38
Chrome Cache Entry: 182	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	17BBE1D5A582E95F6535CD303BE75A58	B5E2588569EE2AD83D79E08F54A5D66B8C5FE494	173965F7FD3E16B537BE8F01BFCD3C3C571798B948ED30DC087CEF602FFCB511
Chrome Cache Entry: 183	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	B4A4AEEF41EE413911BDF53724431511	F84E97D881DD1D90C191103EA1715D5A646D319F	3B672FA58CC2E0A0A21C7AEE6E5D8B9A3CB8BA2C7692BEFB7E69EC29F24B895F
Chrome Cache Entry: 184	HTML document, Unicode text, UTF-8 text, with very long lines (44400)	10D497EBAED7684B01350C94B2173F36	AE63FFA53C6C3B36C97D7AF280037AE9738A43EE	4602879D326AFCA6F961464C1DC2C8199F9EF10A0E1C59546424FCBB64242296
Chrome Cache Entry: 185	HTML document, ASCII text, with very long lines (51253), with CRLF, LF line terminators	E155C85E8DB604CECD8E16B9D10BD18D	0B4FAB5DE6E0CE5E4008DDC117126A560B4BEA2E	235DEFD3B56267A94592495B2AC810E31E744FDCB1ED893C7C70BF7F3B19B51F
Chrome Cache Entry: 186	ASCII text, with very long lines (1436), with no line terminators	6AC1AAC0E4A97806847BEBE09B43BFD8	448435E86E1C1106738999B419EB42E31A6C2033	256A34EF09CBD3706D44C9225BAF1C1C129F9012499554D3E7812D21117F25A3
Chrome Cache Entry: 187	ASCII text, with very long lines (50450)	76F55EE255012A4A449F15A401D952A3	B02E1D4D68EA9210C715C118F00BFAF22C269CCB	037B8F92A29A18ABEB0DCE30FC8CA5B6DC8BF4220383AF63E013C29F8464339C
Chrome Cache Entry: 188	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0	285467176F7FE6BB6A9C6873B3DAD2CC	EA04E4FF5142DDD69307C183DEF721A160E0A64E	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
Chrome Cache Entry: 189	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3	00B393C32DDE96A34D26E19DAB26441D	A8B09C6BE5D0EDBC731ED9D06DF2D645184DC88B	ECE3E8B6F7425915ED406AE6E912105EB2A438AA6C8DA32179D831C17DD62817
Chrome Cache Entry: 190	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators	483833CB6162C627DE1845CB475A73B9	82C3FA2F439105AFABC5C4967FD063DCBADAAC1C	641D06A33C26BCB862EFB7273FBDD98BD37927E73AA59D77CD18712053A1622D
Chrome Cache Entry: 191	ASCII text, with very long lines (738)	D86CE772A6BB358B9987EA88D23B60C8	1325F6E39579E11284D520185A891C56B6DC3EA9	38D3C4B3A6A06E51F13533948D0400423C37C53DDA699A697F15542B8F946D7B
Chrome Cache Entry: 192	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	0F2A4639B8A4CB30C76E8333C00D30A6	57E273A270BB864970D747C74B3F0A7C8E515B13	44B988703019CD6BFA86C91840FECF2A42B611B364E3EEA2F4EB63BF62714E98
Chrome Cache Entry: 193	ASCII text, with very long lines (8426), with no line terminators	F466CB6B256973317C2315741FAD9F49	EA2C62047A1697C19B06BE23871CA839849CB8A3	A6DC271CBDAA05E97C5144483628DF9E30B68326E5B04A5FEF3322AF1C0F22E0
Chrome Cache Entry: 194	SVG Scalable Vector Graphics image	8B80CE17A35BC980EDBCA32704FF6D4B	A0844CB982A1091BE97A175F6A353FFDDF92A597	83431FA4D894678730F7EA8D0FA1CDE613EC26BD059031BFF95530C5D70A1F10
Chrome Cache Entry: 195	ASCII text, with very long lines (65536), with no line terminators	ABDBABD2F2E147F7C92858569FC95BE9	1D981E9CC072BC9D0F6091DED25D4C9BCCD7535A	C337D001B48BCC81F20ABA396A11C291491ED9DB78845E9F98D07985379E1CB9
Chrome Cache Entry: 196	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	3E5F5806E1B496D0A85BF8D15CB3AB00	70D14CD37829384584C4A1114D8A2C244795E709	7C9F22AE56B4C78410EEA799E85D1E2CFD46330C55F8C629D5E412852982A295
Chrome Cache Entry: 197	ASCII text, with very long lines (311), with no line terminators	D29C41F4A6C13F38C2BDEB009C5DCF09	3F3DB604BACF02B91AAA59CF223990B727600045	947D703F577549CBB0B1A4143F3B363EC9C7CF309587D5B12B87F0E64FF99DB4
Chrome Cache Entry: 198	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	E9EE5AD25C6928A55574A42A3CE1FA01	00C9BC8C1DE93D4279CB25631F89E5D7B04480D7	019EDFCFE79125D1CF41AE3AB7A269DAAE1E756EC27F375CB235EA1C49B0929A
Chrome Cache Entry: 199	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	C82C26090F319798C7BDB14A510E2CA7	0C4A68834FA028B655347D9A49EA8AD243E6DDDF	491B43BD2483473FDF6C8F0B5A399D5CA88DA154C4DD576BB01C4FCC50BFB12A
Chrome Cache Entry: 200	GIF image data, version 89a, 6 x 5	E4D673A55C5656F19EF81563FB10884C	1F2D8ED221D39329251AD3A6FF1EDB20B7219443	F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
Chrome Cache Entry: 201	ASCII text, with very long lines (3323)	DF96BE962CD71015A6133F236AD6197A	ED042F69FC87A470ECA665D11DB4885D15D11D65	8380B28A36E999536835287BFDE7868608C79DA6A9935F2C0B091DF4CD393001
Chrome Cache Entry: 202	ASCII text, with very long lines (6113), with no line terminators	84D47CA1D55A2794BA71A628BA44C72A	CA68D49F59FE61BDCAA585AD3444D29ACFC6A520	3DDB970BEACA133988D2C7D9DA6883C3B81A5F5635C2A5B72EBF64438058D1C2
Chrome Cache Entry: 203	GIF image data, version 89a, 1 x 1	AD4B0F606E0F8465BC4C4C170B37E1A3	50B30FD5F87C85FE5CBA2635CB83316CA71250D7	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
Chrome Cache Entry: 204	ASCII text, with very long lines (3339)	BB4C55761E0BF2440C63900CEE1202A7	AD24FD87E5429D8357CC21B31970EDAA4466C5DC	42CB235ECBD9D1D131F379C7C0F6FB0D52F7F643BEA9D9BA1CBA01D3F39D686E
Chrome Cache Entry: 205	Unicode text, UTF-8 text, with very long lines (31976)	88BC94EBC5ED5FF8DD4F6BB388EA203C	780DA4EE83C4570394BE152F6410C302152F86A0	CCB30C86CA83B1B077C2F35F5C1F06EC0B03ED3BFE4EADF1F4E3F20CAAF1FCC8
Chrome Cache Entry: 206	ASCII text, with very long lines (50450)	76F55EE255012A4A449F15A401D952A3	B02E1D4D68EA9210C715C118F00BFAF22C269CCB	037B8F92A29A18ABEB0DCE30FC8CA5B6DC8BF4220383AF63E013C29F8464339C
Chrome Cache Entry: 207	HTML document, ASCII text, with very long lines (51254), with CRLF, LF line terminators	EA3D75B4FC9564F51FD98D520DC7F259	894003F8BE5705AC7E05B4BED240BE5370319C53	F8C081F14A69A365C3181DC7D0B6AD5CEB99AAFA5B6AD936F9627923D4297A10
Chrome Cache Entry: 208	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	814C967BCFF1E61CBD2FBCA2ABFA73EB	F4359D25B4529B960150769BC8B297C1BB115A5C	D964E97D2D522765DAA6EC422A62C547F2B5564C8616C9F4BF3D7AFA08C99BE2
Chrome Cache Entry: 209	Web Open Font Format (Version 2), TrueType, length 100328, version 1.0	C26F515D871B7504C1B1D7B0A78AA756	BE8DFC8708250BB5A53D2804D147B74D9516CEC7	A409B4776AC7E8E623C3963EC8598E77166A2B65A502907E1D3108C177818427
Chrome Cache Entry: 210	ISO Media, AVIF Image	AEA3F60A4572696E9B27683A9AE84E97	9D658FFCA30339020065BB00112DCA08BD6CD40F	8D30479054381B32AB7E1564474346745A6BCDF5FBBDD7110A1B7260A5C9EE0E
Chrome Cache Entry: 211	ASCII text, with very long lines (6113), with no line terminators	84D47CA1D55A2794BA71A628BA44C72A	CA68D49F59FE61BDCAA585AD3444D29ACFC6A520	3DDB970BEACA133988D2C7D9DA6883C3B81A5F5635C2A5B72EBF64438058D1C2
Chrome Cache Entry: 212	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 213	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	60C9CC3825ADC832284FD90757C37ADB	9816C325E87F9C139C86C4CA26D364263E6B57CA	4B2575CF62363CAD5DDEBDFB8CA4F8DA40156FFEF1754537E659CD023D806087
Chrome Cache Entry: 214	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 215	ASCII text, with very long lines (3339)	BB4C55761E0BF2440C63900CEE1202A7	AD24FD87E5429D8357CC21B31970EDAA4466C5DC	42CB235ECBD9D1D131F379C7C0F6FB0D52F7F643BEA9D9BA1CBA01D3F39D686E
Chrome Cache Entry: 216	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	E6FBABBCD80570A9DFA0386C25FA2C08	D6B62AE10B83FE728788BCC00ED362847E1DF566	B7731EE671044B5581899B859A98227365A32ADBBBCDDF652BBDBED8E4F0DFDE
Chrome Cache Entry: 217	GIF image data, version 89a, 1 x 1	AD4B0F606E0F8465BC4C4C170B37E1A3	50B30FD5F87C85FE5CBA2635CB83316CA71250D7	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
Chrome Cache Entry: 218	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	BEA11CF813FB2842622154D9F736C768	BB2C2D44052DD1495E794CD3C8E0CFE4BC9B8C42	5B1AE877A66A4D4840C95AB34253A6DA1FF07C58616BA32718DC78E47A90DC75
Chrome Cache Entry: 219	GIF image data, version 89a, 6 x 5	E4D673A55C5656F19EF81563FB10884C	1F2D8ED221D39329251AD3A6FF1EDB20B7219443	F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
Chrome Cache Entry: 220	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	C82C26090F319798C7BDB14A510E2CA7	0C4A68834FA028B655347D9A49EA8AD243E6DDDF	491B43BD2483473FDF6C8F0B5A399D5CA88DA154C4DD576BB01C4FCC50BFB12A
Chrome Cache Entry: 221	ASCII text, with very long lines (701)	88A5FED5C87B1D3704AB225CFBE7A130	D64243C18FBAA356E4ABAE8414CCC4772D64060B	F8E5F5CE9FF44073CFF24BCD3D2B8AA4E67B67891B14FF929FE4743880FDF82E
Chrome Cache Entry: 222	ASCII text, with very long lines (2395), with no line terminators	F2735438C3644F881034553E528AD175	9CB05082628DBDBC6C1574D4EFE4922765BF5EC1	7D24C9900B5EF00D793E5E014A8EC3FB5F7279003B6D24C56172BACDB32DAB4C
Chrome Cache Entry: 223	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	07BF314AAB04047B9E9A959EE6F63DA3	17BEF6602672E2FD9956381E01356245144003E5	55EAF62CB05DA20088DC12B39D7D254D046CB1FD61DDF3AE641F1439EFD0A5EE
Chrome Cache Entry: 224	ASCII text, with very long lines (19948), with no line terminators	EC18AF6D41F6F278B6AED3BDABFFA7BC	62C9E2CAB76B888829F3C5335E91C320B22329AE	8A18D13015336BC184819A5A768447462202EF3105EC511BF42ED8304A7ED94F
Chrome Cache Entry: 225	Unicode text, UTF-8 text, with very long lines (10125)	10F88843A3C699872A9C7EA0036F093D	1A237FE89B282A2528C167DB50289B77A036EAA9	168088186C150D04871D7BC9E98EE9BAE60269F9F45005ABDF7803BBFAAC7245
Chrome Cache Entry: 226	C source, ASCII text, with very long lines (65098)	F1D54743DBCC9A03EB08F14D0DE65DA4	16B96431016B503517462F0797901AD8DAC94481	4E973E1B8E6B798931086CF372B83E40C417E33C0922087DAD0EB2F89FA891AC
Chrome Cache Entry: 227	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	9DADD5C1965AB4BC2363057E8722D279	97EFCA7F0C164BAC07A8460755F47EFA5872432C	867F06D914DFB413127897B342548F58C0BDC64D4E91DFA72AF2B3E8DA10D313
Chrome Cache Entry: 228	ASCII text, with very long lines (65487)	E3E296E62F9ED48D9690B85B37CF7D2C	57E75BCA4B8F9B6F9DF995A7545C21EC39034B34	0FD839C7A31E4EDC02934504F4588F468F021922519694AB4F821CB483B88E85
Chrome Cache Entry: 229	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	7F0979E9A0C7CCD8B56C28C8EBA3AC03	609FC9759AC7C45DFFE5A5187B291733A4CF801B	EFAEE361B8631ED1213F9795579DB451DA689380A4ACA4A741EBDC6F2F9C6499
Chrome Cache Entry: 230	ASCII text, with very long lines (56943)	168008A26F9E32C4FC5449BAABBB8924	021F48E00109F931F930042B0CC75732DE23AF16	194B419E7C48A7893691594652358A8F3029B71BC083FCB59DF98811ECEA4994
Chrome Cache Entry: 231	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3	C8B1329A6A8C06303C0354F4BCB04950	FDAD60184CE1D32004F0BA83BE2CDE2659AC5F4F	ABE964CCE8F0A4FB0989940BA63162F16FC6F5BF83026B182BCBE7C347A999DE
Chrome Cache Entry: 232	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	5A9933E343D1DDB7ED5772E63AF4F578	FE6E2E9B66974F706947E8A7026CBA192559516D	5B658F5A51A2CC169E3C16DC091BBBB7817D244DE0D8559CC05182DC3FDF340D
Chrome Cache Entry: 233	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	C9D346C188F3406F1EDE034E90D5B5C1	2EFC812A53CC7D79C9D64E309C4673D0067C07D1	C89F0F5DCDE39CA9E55FEA4859DE4FB69DDEEF96E935A59229899CACBDC633C6
Chrome Cache Entry: 234	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	3B3B7074D0DDCB23F3252C28322A4209	27D894D07D5B998D8237D676A6C7B7D10FD0C192	E45294734EFD85FDC485835B30C844B6F40AF18A9C9B86D150F465880FF01FC0
Chrome Cache Entry: 235	HTML document, ASCII text, with very long lines (815)	147FD3B00C22BA9C939712E9213C24CA	3B48369B86FA0574F35379AACD1F42CC9C98A52B	70F5B11C1870CF90201A6D5F770CA318A3FA5827C74A8765EDE22B487F7D4532
Chrome Cache Entry: 236	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	75EF1E9F490A443C61B11C2F30EE5709	55AE89CEE6ADDB717B26DFDB2B25D04F043BF497	4C731783108A5BFDB6E20A2FE24953816B66FE5431D6C20C2C50C7CD30CCE4BA
Chrome Cache Entry: 237	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	88E0F42C9FA4F94AA8BCD54D1685C180	5AD9D47A49B82718BAA3BE88550A0B3350270C42	89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992
Chrome Cache Entry: 238	RIFF (little-endian) data, Web/P image	F05CC8F747EAB90ADFEFE0B716A5E495	E105ED264991B76DF25B9CC32BA8BEDD856C9EA4	3D37E4A8B1D19810A488887036F55BEE2722B3181CC12CDBCCFC091BDB6EE73F
Chrome Cache Entry: 239	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	3DB9E52F0236368C12A29D95BC940531	DEA098ED21582C63B8828A7EA8201F946843F6EC	C13E7E8FC0A40CDBFD2FE608AC748EF21CB6DEFFFABBB61F80BDC90AC4492096
Chrome Cache Entry: 240	ASCII text, with very long lines (1038)	7F3A6A3D7F495B63DCB141D50B82F200	4DDC1B543B837EF71AC8E9E267EE401CD94ECB16	8C14BC742C4B9E6B024585FF5EA867778291163C42D4476206EBD86CC44EAE3E
Chrome Cache Entry: 241	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 242	ASCII text, with no line terminators	9AFB0D35BB088B3036561313BF7CE1F4	C7F3FDE34C537242969FBBD736B5B129611F1694	6E4501CE6F65A1B8671A9D31A8F5AB56DFA4E30AA7A4A971DAA1544AB2EB53C1
Chrome Cache Entry: 243	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	5A9933E343D1DDB7ED5772E63AF4F578	FE6E2E9B66974F706947E8A7026CBA192559516D	5B658F5A51A2CC169E3C16DC091BBBB7817D244DE0D8559CC05182DC3FDF340D
Chrome Cache Entry: 244	ASCII text, with very long lines (8426), with no line terminators	F466CB6B256973317C2315741FAD9F49	EA2C62047A1697C19B06BE23871CA839849CB8A3	A6DC271CBDAA05E97C5144483628DF9E30B68326E5B04A5FEF3322AF1C0F22E0
Chrome Cache Entry: 245	ISO Media, AVIF Image	997C0163BA5D492D965BE6BD688714BE	7361B713644EF63DAF61805994E7EA640113F4BF	896ECBCDDA0C1FFFEA4DEB19CCD4FB06C76B63A55F4A76F2D87C29801FC421BC
Chrome Cache Entry: 246	ASCII text, with very long lines (30280)	D359D8FF5F26602E391CBD51847CFF79	7B28373CF3F1074A93C059C176ED58491AC1B11B	C6D5DD0A71DA4D84B4F140DD215D16053F628E75B4E897838D2BEE77F1BE75C1
Chrome Cache Entry: 247	ASCII text, with very long lines (13624)	F9E9660E67C43524C5D32FEFB17A1656	B5188C897C0B0D4EA1321976207664CD6A20FCDC	C89CACD0C31BEFF5767916DCFB82E606A53BF9586B2F95F5112EBE0304DADEF0
Chrome Cache Entry: 248	ISO Media, AVIF Image	FEC42AB01608DDE656A0B02DF2F347F5	4E9B70BC18E242D6CD30C8E5AC24DC677560733B	536ED0FDEF8C9E54090F06F9C4DDE73711707C744D2BD17DC68CE4C641E269C4
Chrome Cache Entry: 249	XML 1.0 document, ASCII text	B1E850085FA300C6C747E6670F4A570E	A7D7ED46EC649135325C82ED5D9CF4154363E134	E98129F4ED197201F61E32E87742CABF792A4D2A50A9A17131CAEC6FCA30EA1D
Chrome Cache Entry: 250	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	3DB9E52F0236368C12A29D95BC940531	DEA098ED21582C63B8828A7EA8201F946843F6EC	C13E7E8FC0A40CDBFD2FE608AC748EF21CB6DEFFFABBB61F80BDC90AC4492096
Chrome Cache Entry: 251	ISO Media, AVIF Image	87CD5A0B5671A7A31D9BD4A8DD749A97	6A383A1E0C6A2FF180EFAF6625BF8A7745EA4B84	97C39E4304E9B5F179D0AB70FF17AD769F1E1B380065652622B6A0255DE5034E
Chrome Cache Entry: 252	ASCII text, with very long lines (17577)	34F15782047F9D678A947BF675E8A3D8	6034D6A3106350EEC176759ECF57C7E8551ADF3F	0C8A9732467A1684679DE0BB5A979468FC31123212AC1F936F7F2CC653E90B29
Chrome Cache Entry: 253	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	07BF314AAB04047B9E9A959EE6F63DA3	17BEF6602672E2FD9956381E01356245144003E5	55EAF62CB05DA20088DC12B39D7D254D046CB1FD61DDF3AE641F1439EFD0A5EE
Chrome Cache Entry: 254	Unicode text, UTF-8 text, with very long lines (37946), with no line terminators	AC93E0F884509FA284C6B4050C14B1C2	65F0342213FEB3BB2FB5262F6E83A9B152983AAD	2421B0D4979D69042E5549D4FF9C1BDADF6B75512C497E5C17381EFC15A6D1B5
Chrome Cache Entry: 255	GIF image data, version 89a, 6 x 5	E4D673A55C5656F19EF81563FB10884C	1F2D8ED221D39329251AD3A6FF1EDB20B7219443	F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
Chrome Cache Entry: 256	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	7F0979E9A0C7CCD8B56C28C8EBA3AC03	609FC9759AC7C45DFFE5A5187B291733A4CF801B	EFAEE361B8631ED1213F9795579DB451DA689380A4ACA4A741EBDC6F2F9C6499
Chrome Cache Entry: 257	Unicode text, UTF-8 text, with very long lines (63485), with no line terminators	4378A9141BD7C4D9124B7BCF03F14E43	DBD10946E798756DDABA5B422DA035CFCBE56CEC	52E8C1449696319E0FE4B379D68FB4A1E11D9AB61EDD85E2D8720ACF7BDF8C2E
Chrome Cache Entry: 258	JSON data	7D492453B534B0D017C13A0D78E1AD4E	D88C99DCCBF5F27CD202F449127694DFD32E06DA	8512D2FCADC1122F150D31E36913D425105DFD1191D54CDBF543BC82A6488AF3
Chrome Cache Entry: 259	data	2AB26B73D9D632AD348EDAA2A002BC1D	AA4CAAC63CD55B9B3E3AA0FF17079804963D1A37	858BF1F48350424972729B8AC1D3A785BA5FF202F0CBCEFEE4D69066D951C3BD
Chrome Cache Entry: 260	Unicode text, UTF-8 text, with very long lines (65468), with no line terminators	073F90A0B2456DB0BDA0A8012B4C8455	675F2D5CB993A1F8D15E5A5D80B6CE60C39CA4E1	F01C4B46E70121861FF6877E1F76FE23D6842B5FEB6C24B475E76229CD59D84A
Chrome Cache Entry: 261	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	E7A62467D102E596F947DC41929FA80F	68357309E9E8CDBD8A202B5BF19BF6ECD9089DC0	EC0CDFF11D0AF6854EF1834862094FBF4C4AE8801D8D1295C6D15C21A330E0EE
Chrome Cache Entry: 262	Unicode text, UTF-8 text, with very long lines (37946), with no line terminators	AC93E0F884509FA284C6B4050C14B1C2	65F0342213FEB3BB2FB5262F6E83A9B152983AAD	2421B0D4979D69042E5549D4FF9C1BDADF6B75512C497E5C17381EFC15A6D1B5
Chrome Cache Entry: 263	very short file (no magic)	C4CA4238A0B923820DCC509A6F75849B	356A192B7913B04C54574D18C28D46E6395428AB	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
Chrome Cache Entry: 264	ASCII text, with very long lines (1038)	7F3A6A3D7F495B63DCB141D50B82F200	4DDC1B543B837EF71AC8E9E267EE401CD94ECB16	8C14BC742C4B9E6B024585FF5EA867778291163C42D4476206EBD86CC44EAE3E
Chrome Cache Entry: 265	ASCII text, with no line terminators	9AFB0D35BB088B3036561313BF7CE1F4	C7F3FDE34C537242969FBBD736B5B129611F1694	6E4501CE6F65A1B8671A9D31A8F5AB56DFA4E30AA7A4A971DAA1544AB2EB53C1
Chrome Cache Entry: 266	Unicode text, UTF-8 text, with very long lines (15771), with no line terminators	F4752503860C258FED0EDF5A7D40DCB9	6E9D06488702A945DAF0A2AA03F58E18743E7B50	5F3AE0CFA09B5D615295722CAE05096F88395B4BD8020260D7797CEA5E55B538
Chrome Cache Entry: 267	HTML document, ASCII text, with very long lines (815)	147FD3B00C22BA9C939712E9213C24CA	3B48369B86FA0574F35379AACD1F42CC9C98A52B	70F5B11C1870CF90201A6D5F770CA318A3FA5827C74A8765EDE22B487F7D4532
Chrome Cache Entry: 268	ASCII text, with very long lines (655), with no line terminators	5048B7BF6F335C259CAE5D653D50726E	96F45044F726EEF7C8E7C7F21F6368BF23A2B3F0	B6E4492D3B8358A81B80908B1F84E6BD2F64A7A46D48793AF99D27BF29F4C2E8
Chrome Cache Entry: 269	ASCII text, with very long lines (65536), with no line terminators	47BEA70318B724B1A99A1D571FF58807	B66FFE704AD2FE84DA8211D6351727568FD68B78	11A188A204934185AB5649A1F838FE771C3D84C928BC8286EF999FB5B8DEDA69
Chrome Cache Entry: 270	ASCII text, with very long lines (65468)	1293F68B6D7FAFE872CAB89205B32B23	9EE018E17198F1A7756EB268D81AA1C707BEED2A	9876DD1B9851AE230ECF3E15D6C3B423EA2D259F5A490B55981FEF73A0EE9030
Chrome Cache Entry: 271	JSON data	CEB4BD2950AE755CCCC74A30C4AE0AC3	75DAB7180DCF5A24E5106CA8F77163A44E45E204	598E122FC428000F16BC116FE98849A510904B6F3A5152D740CA004DEB5E6E94
Chrome Cache Entry: 272	JSON data	BF5AA10EBDE60125A2179D960233FE37	F65FE06E09F0A755782A84514A2510038890D4D0	A7B639B0B8FF4EF237034146CEB8D34300864969212FECD5019CBAEB37B611FC
Chrome Cache Entry: 273	Unicode text, UTF-8 text, with very long lines (4450)	3C8F93FEC24C564BD9DDFDA68827666A	968CA6A78637C83D539D5603BF8FDAFD72C1E4A6	EE6F5A3E3C885FEDD52B015CAB0F1847A86805DCE43723C9F6550D98BC2FCA03
Chrome Cache Entry: 274	ASCII text, with very long lines (701)	88A5FED5C87B1D3704AB225CFBE7A130	D64243C18FBAA356E4ABAE8414CCC4772D64060B	F8E5F5CE9FF44073CFF24BCD3D2B8AA4E67B67891B14FF929FE4743880FDF82E
Chrome Cache Entry: 275	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	E9EE5AD25C6928A55574A42A3CE1FA01	00C9BC8C1DE93D4279CB25631F89E5D7B04480D7	019EDFCFE79125D1CF41AE3AB7A269DAAE1E756EC27F375CB235EA1C49B0929A
Chrome Cache Entry: 276	ASCII text, with very long lines (17577)	34F15782047F9D678A947BF675E8A3D8	6034D6A3106350EEC176759ECF57C7E8551ADF3F	0C8A9732467A1684679DE0BB5A979468FC31123212AC1F936F7F2CC653E90B29
Chrome Cache Entry: 277	Web Open Font Format (Version 2), TrueType, length 80284, version 1.590	C928F3743528E38AB3E452F66DACDDA5	BCB91E0E5546FFCCAEAA67FCF6BBCFB71EC14CF4	1074381C79236111C60C6FDA4FDF71B2B3780D22AA08500784678A2C958FE14F
Chrome Cache Entry: 278	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	B4A4AEEF41EE413911BDF53724431511	F84E97D881DD1D90C191103EA1715D5A646D319F	3B672FA58CC2E0A0A21C7AEE6E5D8B9A3CB8BA2C7692BEFB7E69EC29F24B895F
Chrome Cache Entry: 279	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	C9D346C188F3406F1EDE034E90D5B5C1	2EFC812A53CC7D79C9D64E309C4673D0067C07D1	C89F0F5DCDE39CA9E55FEA4859DE4FB69DDEEF96E935A59229899CACBDC633C6
Chrome Cache Entry: 280	SVG Scalable Vector Graphics image	8B80CE17A35BC980EDBCA32704FF6D4B	A0844CB982A1091BE97A175F6A353FFDDF92A597	83431FA4D894678730F7EA8D0FA1CDE613EC26BD059031BFF95530C5D70A1F10
Chrome Cache Entry: 281	ASCII text, with very long lines (65450)	6256A7BE50E6AFA38D5B3BB7C283B9EA	10E717AE88868FDEC4089EE1805DBD43A3969698	B8B511D485140A7C53B27C79DCFA1E757C3945F48D5CBF3A08193295844DBAC0
Chrome Cache Entry: 282	JSON data	8F726CBF9AAC2EA7CA48C34DD83AB85D	5AB508ABBE155C7A3D8DCBC1ED2E4E6C0F55BA00	E15D88CBF9705AE765C2BD0966D5EB84CD71660EF77BE16A1E0A3528E564EE25
Chrome Cache Entry: 283	ASCII text, with very long lines (655), with no line terminators	5048B7BF6F335C259CAE5D653D50726E	96F45044F726EEF7C8E7C7F21F6368BF23A2B3F0	B6E4492D3B8358A81B80908B1F84E6BD2F64A7A46D48793AF99D27BF29F4C2E8
Chrome Cache Entry: 284	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	89EB6DDFF46C123B5C50319133679DB1	BD2958D629362A7A7EE2AE53314FB3F1AD6FFE4A	D4225FEDA05C04710EC2ACE67EADEDDEB533530B3D43A7D287CE82838D18E224
Chrome Cache Entry: 285	Web Open Font Format (Version 2), TrueType, length 15340, version 1.0	19B7A0ADFDD4F808B53AF7E2CE2AD4E5	81D5D4C7B5035AD10CCE63CF7100295E0C51FDDA	C912A9CE0C3122D4B2B29AD26BFE06B0390D1A5BDAA5D6128692C0BEFD1DFBBD
Chrome Cache Entry: 286	GIF image data, version 89a, 6 x 5	E4D673A55C5656F19EF81563FB10884C	1F2D8ED221D39329251AD3A6FF1EDB20B7219443	F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
Chrome Cache Entry: 287	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	967AD8D31ECFDA30A1074119C56E0BD5	E9E24D19C7BC47406BF1F5679E852C2F0E9FE0BF	E68FD0833CC79262442BA6D28E16CDF9D5C09BD013A12D5D8AE4B60EFCFBAF05
Chrome Cache Entry: 288	ASCII text, with very long lines (13624)	F9E9660E67C43524C5D32FEFB17A1656	B5188C897C0B0D4EA1321976207664CD6A20FCDC	C89CACD0C31BEFF5767916DCFB82E606A53BF9586B2F95F5112EBE0304DADEF0
Chrome Cache Entry: 289	ASCII text, with very long lines (26411)	77AC15A3412FAFAE305B89341B230CB9	B4F5B04037037550E1AE0DFD0934F69D30363477	19AF2EEA404A881A23C39E7F5ADCD0EC43B9F84B96BAAA4862F6CB9444333861
Chrome Cache Entry: 290	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	967AD8D31ECFDA30A1074119C56E0BD5	E9E24D19C7BC47406BF1F5679E852C2F0E9FE0BF	E68FD0833CC79262442BA6D28E16CDF9D5C09BD013A12D5D8AE4B60EFCFBAF05
Chrome Cache Entry: 292	C source, ASCII text, with very long lines (65098)	F1D54743DBCC9A03EB08F14D0DE65DA4	16B96431016B503517462F0797901AD8DAC94481	4E973E1B8E6B798931086CF372B83E40C417E33C0922087DAD0EB2F89FA891AC
Chrome Cache Entry: 294	HTML document, ASCII text, with very long lines (1371)	E1F5CB468F26B9463D09E88A92D21860	B2121AC383F2621A0BCF1DC466B94E37E4DD3899	186A404AF5DC012B5C8C842DE10A2A9D2CDBAEDD4ABCA0B65EA0AA47379853C8
Chrome Cache Entry: 295	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	11C2359AAFCF468EC51BFDB6CD9DC298	746BC31D8024EEFCB69B65BDFC772DDBF819F9BE	87F878F4D2B83240BFA4FF8E43270492EA579D477B9079ABC4317B1919946B7A
Chrome Cache Entry: 296	ASCII text, with very long lines (15752)	B976B651932BFD25B9DDB5B7693D88A7	7FCB7CB5C11227F9213B1E08A07D0212209E1432	4E6CE5444C7F396CEF0EB1FA3611034151E485DD06FBE5573A5583E1EEBC98C3
Chrome Cache Entry: 297	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	89EB6DDFF46C123B5C50319133679DB1	BD2958D629362A7A7EE2AE53314FB3F1AD6FFE4A	D4225FEDA05C04710EC2ACE67EADEDDEB533530B3D43A7D287CE82838D18E224
Chrome Cache Entry: 298	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	75EF1E9F490A443C61B11C2F30EE5709	55AE89CEE6ADDB717B26DFDB2B25D04F043BF497	4C731783108A5BFDB6E20A2FE24953816B66FE5431D6C20C2C50C7CD30CCE4BA
Chrome Cache Entry: 299	HTML document, Unicode text, UTF-8 text, with very long lines (29680)	A470AB421ABF650DCFCF394C082810EA	85016A9C690AAB6FADA3F61DE794534AB4D2A42A	EC202ED2B5B168902AEA1209A44B92E83AF524FE5ADAD0B735898A99E7721AA3
Chrome Cache Entry: 300	ASCII text, with very long lines (35234)	359963FCBD3FFF6CAC335E1EB454EF5F	7638A598D39C20C106A9AEE3CDEAC7900D001A33	34F8DFD5165EA9FBCFD2D9029ED792F6D83E5EC2734896213D994645EA0B9E6B
Chrome Cache Entry: 301	very short file (no magic)	C4CA4238A0B923820DCC509A6F75849B	356A192B7913B04C54574D18C28D46E6395428AB	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
Chrome Cache Entry: 302	ASCII text, with very long lines (65487)	E3E296E62F9ED48D9690B85B37CF7D2C	57E75BCA4B8F9B6F9DF995A7545C21EC39034B34	0FD839C7A31E4EDC02934504F4588F468F021922519694AB4F821CB483B88E85
Chrome Cache Entry: 303	ASCII text, with very long lines (30280)	7579D8466B8196DD61155D88E90E1CBF	EA8DB3BCE56F21DDADAAC9A151C9190E058F36C3	76A1D51898D590E3B41163293AC6F6D0730E7C5461EBD30AD02C5238400E8559
Chrome Cache Entry: 304	ASCII text, with very long lines (65450)	6256A7BE50E6AFA38D5B3BB7C283B9EA	10E717AE88868FDEC4089EE1805DBD43A3969698	B8B511D485140A7C53B27C79DCFA1E757C3945F48D5CBF3A08193295844DBAC0
Chrome Cache Entry: 305	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3	00B393C32DDE96A34D26E19DAB26441D	A8B09C6BE5D0EDBC731ED9D06DF2D645184DC88B	ECE3E8B6F7425915ED406AE6E912105EB2A438AA6C8DA32179D831C17DD62817
Chrome Cache Entry: 306	ASCII text, with no line terminators	A6F131CD11B533CE5F2B06CFD1FD4287	40B95F073BDD8322FD9A633C7ACB665C2EB300C5	86153FC8D33E19C0841E27D73BF95F85B1B0CD9CE61F0494047EC16043F1575C
Chrome Cache Entry: 307	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	1D47DA8B602583C435B1755B377B6AE2	7304E9C5D55B88EE14EA8062827F2448215CDFBF	B19A9A4C0DEEE1A04413D62A669C2B8FA18C34D1E0219C469CB789E53A69BBA4
Chrome Cache Entry: 308	GIF image data, version 89a, 6 x 5	E4D673A55C5656F19EF81563FB10884C	1F2D8ED221D39329251AD3A6FF1EDB20B7219443	F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
Chrome Cache Entry: 309	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	60C9CC3825ADC832284FD90757C37ADB	9816C325E87F9C139C86C4CA26D364263E6B57CA	4B2575CF62363CAD5DDEBDFB8CA4F8DA40156FFEF1754537E659CD023D806087
Chrome Cache Entry: 310	ASCII text, with very long lines (61743)	E1FED5CB2080507CEC02ABFFD34AEA27	949810F40C57EC63B8A1EC55F12048EDA2BA1C80	ADA7E3010D976A16FC38D2A03C40E315B503C964A8857FD826D5E845084D151E
Chrome Cache Entry: 311	ASCII text, with very long lines (18298)	87F3F1784464A56B80F04D1C64FAC841	66ED80D249257F5352375A3F12103538963D7CFD	A7EED1CAFB8953D9B44109950C9C7C48BF6DE295975693894A9D36F7AC9D266A
Chrome Cache Entry: 312	Unicode text, UTF-8 text, with very long lines (63485), with no line terminators	4378A9141BD7C4D9124B7BCF03F14E43	DBD10946E798756DDABA5B422DA035CFCBE56CEC	52E8C1449696319E0FE4B379D68FB4A1E11D9AB61EDD85E2D8720ACF7BDF8C2E
Chrome Cache Entry: 313	Web Open Font Format (Version 2), TrueType, length 108876, version 1.0	5F10D5A9BA21165359691916D39AF95E	043EC4C42885D63D6301B11E890EA9B9AA88F856	EED2AA9E394C4DC2A764F5F756E759BC9B4A8114BAC97CE75305F8AA7F096F8E
Chrome Cache Entry: 314	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	9DADD5C1965AB4BC2363057E8722D279	97EFCA7F0C164BAC07A8460755F47EFA5872432C	867F06D914DFB413127897B342548F58C0BDC64D4E91DFA72AF2B3E8DA10D313
Chrome Cache Entry: 315	Unicode text, UTF-8 text, with very long lines (31976)	88BC94EBC5ED5FF8DD4F6BB388EA203C	780DA4EE83C4570394BE152F6410C302152F86A0	CCB30C86CA83B1B077C2F35F5C1F06EC0B03ED3BFE4EADF1F4E3F20CAAF1FCC8
Chrome Cache Entry: 316	ASCII text, with very long lines (1436), with no line terminators	6AC1AAC0E4A97806847BEBE09B43BFD8	448435E86E1C1106738999B419EB42E31A6C2033	256A34EF09CBD3706D44C9225BAF1C1C129F9012499554D3E7812D21117F25A3
Chrome Cache Entry: 317	ASCII text, with very long lines (65468)	1293F68B6D7FAFE872CAB89205B32B23	9EE018E17198F1A7756EB268D81AA1C707BEED2A	9876DD1B9851AE230ECF3E15D6C3B423EA2D259F5A490B55981FEF73A0EE9030
Chrome Cache Entry: 318	ASCII text, with very long lines (26411)	77AC15A3412FAFAE305B89341B230CB9	B4F5B04037037550E1AE0DFD0934F69D30363477	19AF2EEA404A881A23C39E7F5ADCD0EC43B9F84B96BAAA4862F6CB9444333861
Chrome Cache Entry: 319	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3	58CFBD85D0631A0C45BBBF5BD5A38212	C286C5893086E2610FE799D453ACF71F90BCB3E9	A840AF3A71FE2B7F2F185D1294F5C342EA310509629C26CBCD2F6EE71AC729CA
Chrome Cache Entry: 320	GIF image data, version 89a, 6 x 5	E4D673A55C5656F19EF81563FB10884C	1F2D8ED221D39329251AD3A6FF1EDB20B7219443	F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
Chrome Cache Entry: 321	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3	C8B1329A6A8C06303C0354F4BCB04950	FDAD60184CE1D32004F0BA83BE2CDE2659AC5F4F	ABE964CCE8F0A4FB0989940BA63162F16FC6F5BF83026B182BCBE7C347A999DE
Chrome Cache Entry: 322	ASCII text, with very long lines (12788), with no line terminators	EF880BE61458E4E89C9CB9D99D2D300E	C7740F6524CFAB6084682B1CE320B2E5E9C4D4CC	79674B01741C3978417B6B9B4B98D125755E7BB468979D5CD593EAC4B94CDB91
Chrome Cache Entry: 323	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0	5D4AEB4E5F5EF754E307D7FFAEF688BD	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
Chrome Cache Entry: 324	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	88E0F42C9FA4F94AA8BCD54D1685C180	5AD9D47A49B82718BAA3BE88550A0B3350270C42	89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992
Chrome Cache Entry: 325	ASCII text, with very long lines (701)	88A5FED5C87B1D3704AB225CFBE7A130	D64243C18FBAA356E4ABAE8414CCC4772D64060B	F8E5F5CE9FF44073CFF24BCD3D2B8AA4E67B67891B14FF929FE4743880FDF82E
Chrome Cache Entry: 326	PNG image data, 204 x 192, 8-bit colormap, non-interlaced	D38845F80246510B31BCBFE9DF8EE0B9	2FE692124EACCFEE34CACD485D24B22258BE89EB	93DDFB6481C315F8FC97BA1F99E84453E73589C7D4E509E4AA0D0A2FE581705D
Chrome Cache Entry: 327	PNG image data, 500 x 500, 8-bit colormap, non-interlaced	5F7B74563BAFAFF6E4CA77BB82D511C5	EBCB367071A682D64A2E6471D553AD1FC1F90CD6	C0E93B5EBF107AF77D9E7D101D186B3B93E9D5AD4FBB6A74E2DEA60173CC04F8

Phishing

AI detected phishing page

Source: https://usqe.bin4tgla.com/fpI2Ggql/

Yara detected HtmlPhish44

Source: Yara match

File source: dropped/chromecache_142, type: DROPPED

Phishing site detected (based on shot match)

Source: https://usqe.bin4tgla.com/fpI2Ggql/	Matcher: Template: captcha matched
Source: https://usqe.bin4tgla.com/fpI2Ggql/	Matcher: Template: captcha matched
Source: https://usqe.bin4tgla.com/fpI2Ggql/	Matcher: Template: captcha matched

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 1.0	OCR Text: Design a site like this with WordPress.cam Get started New Document Received New File Received ! PDF You've received (2) new PDF Documents for your review Please sign & return VIEW SECURE DOCUMENT
Source: Chrome DOM: 1.1	OCR Text: Design a site like this with WordPress.cam Get started New Document Received New File Received ! PDF You've received (2) new PDF Documents for your review Please sign & return VIEW SECURE DOCUMENT Subscribe

HTML page contains hidden javascript code

Source: https://dartergary.wordpress.com/

HTML title does not match URL

Source: https://dartergary.wordpress.com/

HTTP Parser: Title: Site Title does not match URL

Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://usqe.bin4tgla.com/fpI2Ggql/	HTTP Parser: No favicon
Source: https://www.asos.com/	HTTP Parser: No favicon
Source: https://www.asos.com/	HTTP Parser: No favicon
Source: https://www.asos.com/	HTTP Parser: No favicon

Source: https://dartergary.wordpress.com/	HTTP Parser: No <meta name="author".. found
Source: https://dartergary.wordpress.com/	HTTP Parser: No <meta name="author".. found

Source: https://dartergary.wordpress.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://dartergary.wordpress.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49808 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.16:49968 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: dartergary.wordpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/blog-plugins/marketing-bar/css/marketing-bar.css?m=1729529312i&cssminify=yes HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_static/??/wp-content/mu-plugins/core-compat/wp-mediaelement.css,/wp-content/mu-plugins/wpcom-bbpress-premium-themes.css?m=1432920480j&cssminify=yes HTTP/1.1Host: s1.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_static/??-eJzTLy/QTc7PK0nNK9HPLdUtyClNz8wr1i9KTcrJTwcy0/WTi5G5ekCujj52Temp+bo5+cmJJZn5eSgc3bScxMwikFb7XFtDE1NLExMLc0OTLACohS2q&cssminify=yes HTTP/1.1Host: s1.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_static/??/wp-content/js/rlt-proxy.js,/wp-content/mu-plugins/jetpack-plugin/sun/jetpack_vendor/automattic/jetpack-videopress/build/lib/token-bridge.js?m=1724856138j HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/h4/global.css?m=1420737423i&cssminify=yes HTTP/1.1Host: s2.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/hovercards/hovercards.min.js?ver=202444448e29c9ec460f70535c7958cd60e9e2980f935c5309d61d08f40d080a876779 HTTP/1.1Host: 0.gravatar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2024/09/pdf-image.png?w=204 HTTP/1.1Host: fqr44.wordpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i HTTP/1.1Host: s2.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2024/09/pdf-image.png?w=204 HTTP/1.1Host: fqr44.wordpress.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/logo/wpcom-gray-white.png HTTP/1.1Host: s2.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/js/mobile-useragent-info.js?m=1609849039i HTTP/1.1Host: s1.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w.js?67 HTTP/1.1Host: stats.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_static/??/wp-content/js/rlt-proxy.js,/wp-content/mu-plugins/jetpack-plugin/sun/jetpack_vendor/automattic/jetpack-videopress/build/lib/token-bridge.js?m=1724856138j HTTP/1.1Host: s0.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZ1rib2Bg-4.woff2 HTTP/1.1Host: fonts.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZ1rib2Bg-4.woff2 HTTP/1.1Host: fonts.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://dartergary.wordpress.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/hovercards/hovercards.min.js?ver=202444448e29c9ec460f70535c7958cd60e9e2980f935c5309d61d08f40d080a876779 HTTP/1.1Host: 0.gravatar.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i HTTP/1.1Host: s2.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/logo/wpcom-gray-white.png HTTP/1.1Host: s2.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/js/mobile-useragent-info.js?m=1609849039i HTTP/1.1Host: s1.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/blog-plugins/marketing-bar/images/wpcom-mark.svg HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.wp.com/wp-content/blog-plugins/marketing-bar/css/marketing-bar.css?m=1729529312i&cssminify=yesAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/hovercards/hovercards.min.css?ver=202444448e29c9ec460f70535c7958cd60e9e2980f935c5309d61d08f40d080a876779 HTTP/1.1Host: 0.gravatar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w.js?67 HTTP/1.1Host: stats.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7921517821766884 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?blog=238502921&v=wpcom&tz=-4&user_id=0&subd=dartergary&host=dartergary.wordpress.com&ref=&rand=0.82970019227276 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mJVY3bm9aR3VCbS9mWm1pRyZuJS1LX1t5QmRXZzE3RC9rQWZHK1FjbDltdWdaMVFFZTcxUGVHLWR0WTJoODFFSDFKMmdBdysuWmJ6fkpUJXxZPVlCQm1qNSxSYkxYZXV0d1ZYLjE1aVdvYUNlcHlGVl0vNXF%2BVEw2QmdPMUg9NjdbdU05bi4%2FZnomWzdTdHwyV3RtM25VTEE0Sm50bFozWEt5VWJ5UDU4Nk1NQ0E1R3A4VityWnxrYS80QUtiWTkuXXc1NnN5RGtkNGpCY2I9TyxuTFNJXW5FWGtVLEMxK0h%2BLndnQnc%3D&v=wpcom-no-pv&rand=0.16543343148914724 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?m=1719498190i&ver=6.7-RC1-59308 HTTP/1.1Host: s2.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t.gif?is_current_user_blog_owner=false&_en=wpcom_marketing_bar_impression&_ui=17YqG79Brj34dSgrHP4bzBgK&_ut=anon&_ts=1730228981995&_tz=4&_lg=en-US&_pf=Win32&_ht=1024&_wd=1280&_sx=0&_sy=0&_dl=https%3A%2F%2Fdartergary.wordpress.com%2F&_dr=&blog_id=238502921&blog_tz=-4&user_lang=en&blog_lang=en&user_id=0&_rt=1730228981996&_=_ HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /osd.xml HTTP/1.1Host: dartergary.wordpress.comConnection: keep-aliveSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/blog-plugins/marketing-bar/images/wpcom-mark.svg HTTP/1.1Host: s0.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?blog=238502921&v=wpcom&tz=-4&user_id=0&subd=dartergary&host=dartergary.wordpress.com&ref=&rand=0.82970019227276 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7921517821766884 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1mJVY3bm9aR3VCbS9mWm1pRyZuJS1LX1t5QmRXZzE3RC9rQWZHK1FjbDltdWdaMVFFZTcxUGVHLWR0WTJoODFFSDFKMmdBdysuWmJ6fkpUJXxZPVlCQm1qNSxSYkxYZXV0d1ZYLjE1aVdvYUNlcHlGVl0vNXF%2BVEw2QmdPMUg9NjdbdU05bi4%2FZnomWzdTdHwyV3RtM25VTEE0Sm50bFozWEt5VWJ5UDU4Nk1NQ0E1R3A4VityWnxrYS80QUtiWTkuXXc1NnN5RGtkNGpCY2I9TyxuTFNJXW5FWGtVLEMxK0h%2BLndnQnc%3D&v=wpcom-no-pv&rand=0.16543343148914724 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t.gif?is_current_user_blog_owner=false&_en=wpcom_marketing_bar_impression&_ui=17YqG79Brj34dSgrHP4bzBgK&_ut=anon&_ts=1730228981995&_tz=4&_lg=en-US&_pf=Win32&_ht=1024&_wd=1280&_sx=0&_sy=0&_dl=https%3A%2F%2Fdartergary.wordpress.com%2F&_dr=&blog_id=238502921&blog_tz=-4&user_lang=en&blog_lang=en&user_id=0&_rt=1730228981996&_=_ HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?m=1719498190i&ver=6.7-RC1-59308 HTTP/1.1Host: s2.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/actionbar/actionbar.css?v=20241015 HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/favicon.ico HTTP/1.1Host: s1.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/actionbar/actionbar.js?v=20231122 HTTP/1.1Host: s0.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/mu-plugins/actionbar/actionbar.js?v=20231122 HTTP/1.1Host: s0.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/favicon.ico HTTP/1.1Host: s1.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=ywH7FaLO6aH19wT&MD=noSDGOKd HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /c.gif?u=https%3A%2F%2Fusqe.bin4tgla.com%2FfpI2Ggql%2F&r=&b=238502921&p=0&rand=0.5834010147506843 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fpI2Ggql/ HTTP/1.1Host: usqe.bin4tgla.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://dartergary.wordpress.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c.gif?u=https%3A%2F%2Fusqe.bin4tgla.com%2FfpI2Ggql%2F&r=&b=238502921&p=0&rand=0.5834010147506843 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=explicit HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=explicit HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: usqe.bin4tgla.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://usqe.bin4tgla.com/fpI2Ggql/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ink5a3lvWlZtaGdPTUdzNXNWNFkrdHc9PSIsInZhbHVlIjoiRWtVK3RlVkExNXRPYkdoY3lXTjNGUGFnVHA0SjFMMXhTMzVpbzlxQ3JzbC9hV0o2a2lwOElUaGJhN2p3ZTJncjNLZ1M2NHdBazBXTUkrQU45c2FJdGNHN3RBSHJtbEZDMVRXT2dYOEVKdmVXbFFBdktPNWoyeXdwckhuaU95cHQiLCJtYWMiOiI5ZGUyMzkxNDc4NzQ2YTczYmI5YjE3ODYwMzMzMWMzNGU3MGY3ZTU2NGYxZmZlYjE4Mzg1MmUzNGY3NjY3MjE0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkdKZTFpa3A0RzhTUEJNaCtwZ1ZUeWc9PSIsInZhbHVlIjoiam5sUXVYVk1Na200QWpnbmdySVMxQk1HdExOcXlFdzhPMFZ1ZDBMZDN4TDRjaC9nanRWaVVRYk5FWU9HSFJvWTBxdHZKUzZGRzJCYkFUOFVUMC9WZXNoTWFaZUQzNjlUZ0s5a2k2OTY4TlRlYTZCOUxSaEE2Rm11d3hhUk1aZU4iLCJtYWMiOiI2Y2Y0ODgwMjlmYThiNWY0Mjc3Y2U4NDcyMmUwZWExZjFjNDQ5Nzk0MWMxOTZmZGU0Mzc4ODE0YmJjZmNkMDkzIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&co=aHR0cHM6Ly91c3FlLmJpbjR0Z2xhLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=5a6ztk5kgw7u HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&co=aHR0cHM6Ly91c3FlLmJpbjR0Z2xhLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=5a6ztk5kgw7uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/p-7RyvuJU9m0QQmVDJx8SL9t4pWXVpOJSp0296ydJmo.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&co=aHR0cHM6Ly91c3FlLmJpbjR0Z2xhLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=5a6ztk5kgw7uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/p-7RyvuJU9m0QQmVDJx8SL9t4pWXVpOJSp0296ydJmo.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/reload?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7MXNoyJ98S8vYaKLVqOcyY96RFM577XE7fN75VpW1iO88SKR5BFLUDXQYN6ZT6AAmlO5WeZkMpc217Wa4fJBZT26_qOGNLjCXPfphKnud4CrzjckIdyCYWEqv14VONcvyKT8Ae4OUaDk2THegyHWo61miM2k-HD_c9WTjFQEYHMJcaBeKaAzWmtGr9qkrxck0w5AXU0-5jarhqehysIrtBXSiUYQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7MXNoyJ98S8vYaKLVqOcyY96RFM577XE7fN75VpW1iO88SKR5BFLUDXQYN6ZT6AAmlO5WeZkMpc217Wa4fJBZT26_qOGNLjCXPfphKnud4CrzjckIdyCYWEqv14VONcvyKT8Ae4OUaDk2THegyHWo61miM2k-HD_c9WTjFQEYHMJcaBeKaAzWmtGr9qkrxck0w5AXU0-5jarhqehysIrtBXSiUYQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6dVEIzpM3JHrpCYl9jcz_iqJn4_8jFXNv0yxm-6V4bX-xWihKEepTmtHOMOHVz3RjBTrXT7dN7gYxYTmvM9pch9frD_2Mt3aIGC1iHFdAculPLW-E-pvMwfXqdU-eFFIvfmgYdo6khSBA0SncV71vkgo0b4sCXigzgrEIRJFzMpiO5gqUj7ZosUIYXEi-OK8ItEStpAw4diRUHM1nMSnHfpBwisw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=6666e44f208ad0c5 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7xha3gxL0LyuWF8xqJSoCy9aQ-CZnuJeBttoz9_4u-0dr2ooWnm-XyId997e5APa7ifIuB7pzFl0Ld1JHgMi727Mh_bXvh33TfwJ0QP4-jBMaOIGMY9nVllrV0ucFNLw_YWa5NAg0HBGl7nBIePGFmWIlko0bVYW4FzRKb_r8YRN5GuA3Fdmj1g-URC-WVZUOlHiPBV-qRB8c5HFucXS6ADUe7iw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e16caff0ee415144 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6dVEIzpM3JHrpCYl9jcz_iqJn4_8jFXNv0yxm-6V4bX-xWihKEepTmtHOMOHVz3RjBTrXT7dN7gYxYTmvM9pch9frD_2Mt3aIGC1iHFdAculPLW-E-pvMwfXqdU-eFFIvfmgYdo6khSBA0SncV71vkgo0b4sCXigzgrEIRJFzMpiO5gqUj7ZosUIYXEi-OK8ItEStpAw4diRUHM1nMSnHfpBwisw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=6666e44f208ad0c5 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA57XaTzOr6lK-Qv7FFr_QBTPg0S8x0jkWwDyC7I6UHEXC_XFxPaNqt8KR5xYQPoeFcfsjB-M6tXRtBbavQjQWJCF7mZN9_aP-wLP44nVLa4RsNQZUeJDb29hxYKY4rlLOPTs_Td0kCcdGPGiv5xvNGkdS21kUFEBG7OcPIeL4i8e4t6Asyt6YxmP6fiTpBCxz4DxQ7Ys1AsZnDHJBqenX9jed7huQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=d54059ff5f6fc7f7 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7xha3gxL0LyuWF8xqJSoCy9aQ-CZnuJeBttoz9_4u-0dr2ooWnm-XyId997e5APa7ifIuB7pzFl0Ld1JHgMi727Mh_bXvh33TfwJ0QP4-jBMaOIGMY9nVllrV0ucFNLw_YWa5NAg0HBGl7nBIePGFmWIlko0bVYW4FzRKb_r8YRN5GuA3Fdmj1g-URC-WVZUOlHiPBV-qRB8c5HFucXS6ADUe7iw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e16caff0ee415144 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA57XaTzOr6lK-Qv7FFr_QBTPg0S8x0jkWwDyC7I6UHEXC_XFxPaNqt8KR5xYQPoeFcfsjB-M6tXRtBbavQjQWJCF7mZN9_aP-wLP44nVLa4RsNQZUeJDb29hxYKY4rlLOPTs_Td0kCcdGPGiv5xvNGkdS21kUFEBG7OcPIeL4i8e4t6Asyt6YxmP6fiTpBCxz4DxQ7Ys1AsZnDHJBqenX9jed7huQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=d54059ff5f6fc7f7 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4bYc0s2zwhr0Dhx3dOazn3Hh4p7uY3CSETn6dA6rvCiWHE9OA-nOmnfN2ANundmWGke1Bjv2xi-GV3TO2LoMbXM_R2zufPfoD0XFD4lwrhK2FVthto7931CtAU3kcdffWKVtfZ2JNZsE0pCei2Leq-gBpTy3a6KgoAUB32sE_lB_-9wzhzHVikGwjcRkW_oG1wzKT1sJC3C7lN64gfM9pbHpzGzQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=8a68f4902f9f4669 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4bYc0s2zwhr0Dhx3dOazn3Hh4p7uY3CSETn6dA6rvCiWHE9OA-nOmnfN2ANundmWGke1Bjv2xi-GV3TO2LoMbXM_R2zufPfoD0XFD4lwrhK2FVthto7931CtAU3kcdffWKVtfZ2JNZsE0pCei2Leq-gBpTy3a6KgoAUB32sE_lB_-9wzhzHVikGwjcRkW_oG1wzKT1sJC3C7lN64gfM9pbHpzGzQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=8a68f4902f9f4669 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=ywH7FaLO6aH19wT&MD=noSDGOKd HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4blY5MVPIuxvSqI2F8cJcTKI2jykD8dKcYCKNyJQdUqY-SQpdKOMdYDiVMy4PmaNToi6BkEpkYn5Zl4Gtipty5tV9tppOBZgn-Pgvikm2gLFlilOhjl2gYxwcbr39AqOMgA0M752LSRhzi28wHTsBKKrDYHyZwev37Obyl2ymyAWoy6C_LXFsPc9tyfe9W6qCDaYfwhprtiyWI7IdDeYk-gjLmVg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=34d5e020329daa00 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4blY5MVPIuxvSqI2F8cJcTKI2jykD8dKcYCKNyJQdUqY-SQpdKOMdYDiVMy4PmaNToi6BkEpkYn5Zl4Gtipty5tV9tppOBZgn-Pgvikm2gLFlilOhjl2gYxwcbr39AqOMgA0M752LSRhzi28wHTsBKKrDYHyZwev37Obyl2ymyAWoy6C_LXFsPc9tyfe9W6qCDaYfwhprtiyWI7IdDeYk-gjLmVg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=34d5e020329daa00 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6aKgKXaVx0pzUyPhNpP81tC9vowwRIv_H5QEpw_3-VVjJAix-NPyxXGouAtmE_vTn4S_euGzGphYBBQHDxbQPANlvJA0FKUilBpXe45XLcNk7ElD-2BBdElX3zgpt8KT_nXNv4Nq9utVoF4ywsZvwR_z0gphSUFaSuQjnZENd_jRXJR1Pm2UFXwUh2k-4aITHgyHKtpHhb4bD9uwlpYOW4FhCp_w&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e2eca1451c1cfc28 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6aKgKXaVx0pzUyPhNpP81tC9vowwRIv_H5QEpw_3-VVjJAix-NPyxXGouAtmE_vTn4S_euGzGphYBBQHDxbQPANlvJA0FKUilBpXe45XLcNk7ElD-2BBdElX3zgpt8KT_nXNv4Nq9utVoF4ywsZvwR_z0gphSUFaSuQjnZENd_jRXJR1Pm2UFXwUh2k-4aITHgyHKtpHhb4bD9uwlpYOW4FhCp_w&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=e2eca1451c1cfc28 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/userverify?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6LY5a_sjoH9yvpmbEh0CtZQlmUakH4UvubxSxHHJkgU0G9bAzr6I0MddOzcJEu1XGBmIC2cV6m0Dxir3cdfDboH-0g8Psw8c0T-mcrf7lkroG7ZwpNHkXk3HnLiiaEN-b8-mhRh2kd6qKZhKZi_wXtMyXqY98dgFWFNcsdHZk9KqUo9Qo36_5HKbaTC9lcL1LM6e10_ZL_O3CJeFLXF6TB_DfgLQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6LY5a_sjoH9yvpmbEh0CtZQlmUakH4UvubxSxHHJkgU0G9bAzr6I0MddOzcJEu1XGBmIC2cV6m0Dxir3cdfDboH-0g8Psw8c0T-mcrf7lkroG7ZwpNHkXk3HnLiiaEN-b8-mhRh2kd6qKZhKZi_wXtMyXqY98dgFWFNcsdHZk9KqUo9Qo36_5HKbaTC9lcL1LM6e10_ZL_O3CJeFLXF6TB_DfgLQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/reload?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6ybvhC6a36EKdcCTGBHKZReYQA4R_kkyWNSJTDAm7m3lFMEhYkCENSDziHiW9sRhbOJ86_Rsz2zmABWs2jn-El121Z6wW8aDnqJ4qjwO5ZcN3u6_Qzb1T_FqjH0O-Yzag-DOjDPnlRhcPtZhGPXV1TKAg9b0B7NcFkz3bKVPSKNagZW5Tfeoh0tPt_RS9jsUxjM_M1IE9oo08LmfUhCYLue86Lrw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6ybvhC6a36EKdcCTGBHKZReYQA4R_kkyWNSJTDAm7m3lFMEhYkCENSDziHiW9sRhbOJ86_Rsz2zmABWs2jn-El121Z6wW8aDnqJ4qjwO5ZcN3u6_Qzb1T_FqjH0O-Yzag-DOjDPnlRhcPtZhGPXV1TKAg9b0B7NcFkz3bKVPSKNagZW5Tfeoh0tPt_RS9jsUxjM_M1IE9oo08LmfUhCYLue86Lrw&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5CRWb0pqYXQQK9znJ5KV0VwEOa4LwTb8cyN7pOwIZZ04W9ux6A5u-MAbH1xLyDQMREJb298rgjzqYg-SfwWz7xWuHpDGxazw8zRRljMsmI_2zKtxQ_m35rkCI5Lk7f5FhQABxvWvoIdrGF0A4ARXIg27QobrPOi2xAvxvGvMxG3zZi2Qucrr1lJTYtpc5XFS8wOT6E2kdH05v1_mpmO1RBCjs__A&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=70db3a36bb8782c5 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5CRWb0pqYXQQK9znJ5KV0VwEOa4LwTb8cyN7pOwIZZ04W9ux6A5u-MAbH1xLyDQMREJb298rgjzqYg-SfwWz7xWuHpDGxazw8zRRljMsmI_2zKtxQ_m35rkCI5Lk7f5FhQABxvWvoIdrGF0A4ARXIg27QobrPOi2xAvxvGvMxG3zZi2Qucrr1lJTYtpc5XFS8wOT6E2kdH05v1_mpmO1RBCjs__A&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=70db3a36bb8782c5 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5VkcAf__VfTECYjxR1zEjzEeUqVCOpmy-ToMC2oDpihFBDApkF8YSBcGEFkDfjNL2dpJ0UkZxupvRNtyeNT3I-AyHNENAwb2_-DZOzGTlUQhzKcFMf65SiWoFSAE7eERvRg56uYB2WYqJiFCyof5l6Ujg7_TfkOu8WyD8wBDc7sMz5db5AsNDucIwFkZC3Wv7YQcOYnOMgB2ZRVWzf__aR6mJjrA&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3b23377149f960fd HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7hWBNHMulugtwoVWu7X763ky27tPptOgTfOFgi0ix1mEsIbU1bV0fMrExjgEe-XsEDkSQQ-scQizQ4ie4ZKTRVXCMEJg7q5bRV1gkwixSdbl21ToeD4P9mpA7Laa8XaFr4zFrMcnN40ikXzItuICvb2_osnQeehe4--t1C7gr2i6nMa9QSddKi7xInP1h-SiEKj2cy6oKqzHeLl4B_GLV50U1Rqg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=bda71fdb839543f2 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5VkcAf__VfTECYjxR1zEjzEeUqVCOpmy-ToMC2oDpihFBDApkF8YSBcGEFkDfjNL2dpJ0UkZxupvRNtyeNT3I-AyHNENAwb2_-DZOzGTlUQhzKcFMf65SiWoFSAE7eERvRg56uYB2WYqJiFCyof5l6Ujg7_TfkOu8WyD8wBDc7sMz5db5AsNDucIwFkZC3Wv7YQcOYnOMgB2ZRVWzf__aR6mJjrA&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3b23377149f960fd HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7hWBNHMulugtwoVWu7X763ky27tPptOgTfOFgi0ix1mEsIbU1bV0fMrExjgEe-XsEDkSQQ-scQizQ4ie4ZKTRVXCMEJg7q5bRV1gkwixSdbl21ToeD4P9mpA7Laa8XaFr4zFrMcnN40ikXzItuICvb2_osnQeehe4--t1C7gr2i6nMa9QSddKi7xInP1h-SiEKj2cy6oKqzHeLl4B_GLV50U1Rqg&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=bda71fdb839543f2 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5i8qwOuZB2iEwQDIdMHHWCLx-DuxUkeqApRjcEcwOaom8dbnwlDBi1LlrOXwLH5TEg1nTW6DY2EP82MHHV_XtkT-xVrmmSi4TaBKCqrmS785OToDqZC8eHMnTJ0gBeLGZ-3VLhLefrMu_iOeAskLfzs-v_AMWbEnd86JjsFN5vRmcIAtKhS2jJI5Ksj3hLyAIddd9_O15f6l1Uupsya2vGXfDoAQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3cc9e5c0b37478a1 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AFAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5i8qwOuZB2iEwQDIdMHHWCLx-DuxUkeqApRjcEcwOaom8dbnwlDBi1LlrOXwLH5TEg1nTW6DY2EP82MHHV_XtkT-xVrmmSi4TaBKCqrmS785OToDqZC8eHMnTJ0gBeLGZ-3VLhLefrMu_iOeAskLfzs-v_AMWbEnd86JjsFN5vRmcIAtKhS2jJI5Ksj3hLyAIddd9_O15f6l1Uupsya2vGXfDoAQ&k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF&id=3cc9e5c0b37478a1 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/userverify?k=6LfT61wqAAAAAOLaMTaK9Ln8bjdWJ8-ahQ3zE9AF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ANOXeZyZWgCKLdw5-kFS0gUANBm5Va1EN26B9hfC56KI4QhhLjdW5njibFBDQAH_dwZx17Q4rEBsJMB-Ste7v8o
Source: global traffic	HTTP traffic detected: GET /qdpjrzhatduxxtuetbpHeUBGVUCFBHGNDJGJTMHXFMZFJYWFCBGLPUJYUAPTPOGHOIQ HTTP/1.1Host: hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://usqe.bin4tgla.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://usqe.bin4tgla.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /qdpjrzhatduxxtuetbpHeUBGVUCFBHGNDJGJTMHXFMZFJYWFCBGLPUJYUAPTPOGHOIQ HTTP/1.1Host: hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1730229081200 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.asos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1730229081200 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.asos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&ts=1730229081200 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /dest5.html?d_nsid=undefined HTTP/1.1Host: asos.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&mid=91889772507628273200045547028246444940&ts=1730229083403 HTTP/1.1Host: metrics.asos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.asos.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: geocountry=US; _abck=14F88662DEAECFC12E5FBD09ED921080~-1~YAAQF/AQAs2QNNOSAQAATIew2QwLKpeecCv+v97MlQZhNB4zNJSrIoxbm41VbKTvv+RzKaSqjUqjvvAM63+avI+Pn+4ye0Up0agJfaW5eNR5+6jzr6ljrC0nrcotLSItqPr8I/QAyO1lnlbqO+ZhX8m5eovDNNS1xAp3takJjXCYswpl3hSR7m/i5otKqh7EIO4457xlWDiLDU4ruUPb6FFDcpjs9FrLl6wBlkCIGS71bVHyBgxXvPoddb5LXtxnB65mK92UpcAN9NnzYofW7ai8Yd88uu/vHdRtPPpGBzBYzBi4VpqUD+Sam5jhEi7zFt8ogiF8MdjeLoArVUyeMRkqVYYZK5/K5cUfURpI/WUbNZ2tUnuxJjZ4z2HK+eIhEjV7cCoFQ/bPc0XzcP4ngMameIhby/fyxWua~-1~-1~-1; bm_sz=C6560B727C2E1BF7EC11CF61B16D1E2E~YAAQF/AQAs6QNNOSAQAATIew2RkiZ/ZFgWnTEcjtF1YaHy4fTiDqA4YcAxn5LnPjd6nAu6Q8tI4u6cQ8aUQpwDx52fWnmHn7LhdnQYo16QT3VxROCl0UacXgIO6TElARdeB3WlPOPtcSTCqfZiioRMdAPSc/e7pRvfJ8Gn5PQfQTKJKIbExIKndW3WhD8WYCqneLiW+SD6digNqWAZXhXB39PnjIiLQZtCsOLnFIPAJpTXop0cW+dff89Q24Q/es+IM8boOQqu3n7toc0jHhG0aXEHo2SHvvOdsVLISJ6tZimh2dhEwu/aI6e0gvNy5uv0WlhzhgynlnlV2lvgg9acPb+jW1f7KuRTVGjhVyV+HGMnJTJj8kAaCzzjv0H0X3Doo=~4404018~4337977; s_pers=%20eVar225%3D1%7C1730230881209%3B%20s_vnum%3D1730433600214%2526vn%253D1%7C1730433600214%3B%20s_invisit%3Dtrue%7C1730230881214%3B%20visitCount%3D1%7C1730230881217%3B; RT="z=1&dm=asos.com&si=6d56e97d-38ce-4cc7-9878-1f9d780233d1&ss=m2utpuu0&sl=0&tt=0&bcn=%2F%2F684dd32e.akstat.io%2F"; AMCVS_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=1; AMCV_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=-1303530583%7CMCMID%7C91889772507628273200045547028246444940%7CMCAAMLH-1730833883%7C6%7CMCAAMB-1730833883%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1730236283s%7CNONE%7CvVersion%7C3.3.0
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&mid=91889772507628273200045547028246444940&ts=1730229083403 HTTP/1.1Host: metrics.asos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: geocountry=US; _abck=14F88662DEAECFC12E5FBD09ED921080~-1~YAAQF/AQAs2QNNOSAQAATIew2QwLKpeecCv+v97MlQZhNB4zNJSrIoxbm41VbKTvv+RzKaSqjUqjvvAM63+avI+Pn+4ye0Up0agJfaW5eNR5+6jzr6ljrC0nrcotLSItqPr8I/QAyO1lnlbqO+ZhX8m5eovDNNS1xAp3takJjXCYswpl3hSR7m/i5otKqh7EIO4457xlWDiLDU4ruUPb6FFDcpjs9FrLl6wBlkCIGS71bVHyBgxXvPoddb5LXtxnB65mK92UpcAN9NnzYofW7ai8Yd88uu/vHdRtPPpGBzBYzBi4VpqUD+Sam5jhEi7zFt8ogiF8MdjeLoArVUyeMRkqVYYZK5/K5cUfURpI/WUbNZ2tUnuxJjZ4z2HK+eIhEjV7cCoFQ/bPc0XzcP4ngMameIhby/fyxWua~-1~-1~-1; bm_sz=C6560B727C2E1BF7EC11CF61B16D1E2E~YAAQF/AQAs6QNNOSAQAATIew2RkiZ/ZFgWnTEcjtF1YaHy4fTiDqA4YcAxn5LnPjd6nAu6Q8tI4u6cQ8aUQpwDx52fWnmHn7LhdnQYo16QT3VxROCl0UacXgIO6TElARdeB3WlPOPtcSTCqfZiioRMdAPSc/e7pRvfJ8Gn5PQfQTKJKIbExIKndW3WhD8WYCqneLiW+SD6digNqWAZXhXB39PnjIiLQZtCsOLnFIPAJpTXop0cW+dff89Q24Q/es+IM8boOQqu3n7toc0jHhG0aXEHo2SHvvOdsVLISJ6tZimh2dhEwu/aI6e0gvNy5uv0WlhzhgynlnlV2lvgg9acPb+jW1f7KuRTVGjhVyV+HGMnJTJj8kAaCzzjv0H0X3Doo=~4404018~4337977; s_pers=%20eVar225%3D1%7C1730230881209%3B%20s_vnum%3D1730433600214%2526vn%253D1%7C1730433600214%3B%20s_invisit%3Dtrue%7C1730230881214%3B%20visitCount%3D1%7C1730230881217%3B; RT="z=1&dm=asos.com&si=6d56e97d-38ce-4cc7-9878-1f9d780233d1&ss=m2utpuu0&sl=0&tt=0&bcn=%2F%2F684dd32e.akstat.io%2F"; AMCVS_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=1; s_ecid=MCMID%7C91889772507628273200045547028246444940; AMCV_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=-1303530583%7CMCMID%7C91889772507628273200045547028246444940%7CMCAAMLH-1730833883%7C6%7CMCAAMB-1730833883%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1730236283s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.3.0
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&d_mid=91889772507628273200045547028246444940&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1730229084675 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.asos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&d_nsid=0&d_mid=91889772507628273200045547028246444940&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1730229084675 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /js/19181552552.js HTTP/1.1Host: cdn.optimizely.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=ZyEzYwAAANsMEgN- HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=ZyEzYwAAANsMEgN- HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=92169019881272936840057734661199256896; dpm=92169019881272936840057734661199256896
Source: global traffic	HTTP traffic detected: GET /js/19181552552.js HTTP/1.1Host: cdn.optimizely.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client_storage/a19065870423.html HTTP/1.1Host: a19065870423.cdn.optimizely.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://a19065870423.cdn.optimizely.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://a19065870423.cdn.optimizely.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /b/ss/asoscomprod/1/JS-2.1.0/s62048325749810?AQB=1&ndh=1&pf=1&t=29%2F9%2F2024%2015%3A11%3A26%202%20240&mid=91889772507628273200045547028246444940&aamlh=6&ce=UTF-8&ns=asos&pageName=desktop%20com%7Chome%20page%7Chome&g=https%3A%2F%2Fwww.asos.com%2F&r=https%3A%2F%2Fusqe.bin4tgla.com%2F&ch=home%20page%20&server=desktop%20com&events=event128%3D-1730229075288%2Cevent121%2Cevent79&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=home&v1=1&c2=home&c3=home&c5=2024-10-29T19%3A11%3A26.738Z&v6=home&c8=home&c11=https%3A%2F%2Fwww.asos.com%2F&v17=New&v19=1280%3A907&v29=1582&v30=-1730229075288&c39=mw%20brand%201%2Cmw%20brand%202%2Cmw%20brand%203%2Cmw%20brand%204%2Cww%20brand%201%2Cww%20brand%202%2Cww%20brand%203%2Cww%20brand%204%2Cshop%20mw%20brands%20cta%2Cshop%20ww%20brands%20cta%2Cfeature%201%2Cfeature%202%2Cfeature%203%2Cfeature%204%2Chero%2Cthe%20biggest%20labels%20title%2Cwomens%20categories%20title%2Cww%20uk%20seo%20links%2Cmens%20categories%20title%2Cmw%20uk%20seo%20links%2C&v60=home&v61=home&v112=gb&v113=gbp&v137=26f843c4e1bf4d7f97df8b22e4336f2c&v225=1&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&AQE=1 HTTP/1.1Host: metrics.asos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.asos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: geocountry=US; bm_sz=C6560B727C2E1BF7EC11CF61B16D1E2E~YAAQF/AQAs6QNNOSAQAATIew2RkiZ/ZFgWnTEcjtF1YaHy4fTiDqA4YcAxn5LnPjd6nAu6Q8tI4u6cQ8aUQpwDx52fWnmHn7LhdnQYo16QT3VxROCl0UacXgIO6TElARdeB3WlPOPtcSTCqfZiioRMdAPSc/e7pRvfJ8Gn5PQfQTKJKIbExIKndW3WhD8WYCqneLiW+SD6digNqWAZXhXB39PnjIiLQZtCsOLnFIPAJpTXop0cW+dff89Q24Q/es+IM8boOQqu3n7toc0jHhG0aXEHo2SHvvOdsVLISJ6tZimh2dhEwu/aI6e0gvNy5uv0WlhzhgynlnlV2lvgg9acPb+jW1f7KuRTVGjhVyV+HGMnJTJj8kAaCzzjv0H0X3Doo=~4404018~4337977; RT="z=1&dm=asos.com&si=6d56e97d-38ce-4cc7-9878-1f9d780233d1&ss=m2utpuu0&sl=0&tt=0&bcn=%2F%2F684dd32e.akstat.io%2F"; AMCVS_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=1; s_ecid=MCMID%7C91889772507628273200045547028246444940; keyStoreDataversion=mhabj1f-41; browseCountry=GB; asos-anon12=0192d9b0a9fe75a9922bdd86c9628202; asos-ts121=0192d9b0-a9ff-7a0e-a7ac-a1c084ca85f2; s_pers=%20eVar225%3D1%7C1730230881209%3B%20s_vnum%3D1730433600214%2526vn%253D1%7C1730433600214%3B%20visitCount%3D1%7C1730230881217%3B%20s_invisit%3Dtrue%7C1730230886728%3B%20s_nr%3D1730229086730-New%7C1761765086730%3B%20gpv_p10%3Ddesktop%2520com%257Chome%2520page%257Chome%7C1730230886731%3B%20gpv_p6%3D%2520%7C1730230886734%3B%20gpv_e47%3Dhome%7C1730230886735%3B; _s_fpv=true; s_cc=true; featuresId=9d59d24d-b5c1-4a98-84e1-ca138ab682
Source: global traffic	HTTP traffic detected: GET /b/ss/asoscomprod/1/JS-2.1.0/s62048325749810?AQB=1&ndh=1&pf=1&t=29%2F9%2F2024%2015%3A11%3A26%202%20240&mid=91889772507628273200045547028246444940&aamlh=6&ce=UTF-8&ns=asos&pageName=desktop%20com%7Chome%20page%7Chome&g=https%3A%2F%2Fwww.asos.com%2F&r=https%3A%2F%2Fusqe.bin4tgla.com%2F&ch=home%20page%20&server=desktop%20com&events=event128%3D-1730229075288%2Cevent121%2Cevent79&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=home&v1=1&c2=home&c3=home&c5=2024-10-29T19%3A11%3A26.738Z&v6=home&c8=home&c11=https%3A%2F%2Fwww.asos.com%2F&v17=New&v19=1280%3A907&v29=1582&v30=-1730229075288&c39=mw%20brand%201%2Cmw%20brand%202%2Cmw%20brand%203%2Cmw%20brand%204%2Cww%20brand%201%2Cww%20brand%202%2Cww%20brand%203%2Cww%20brand%204%2Cshop%20mw%20brands%20cta%2Cshop%20ww%20brands%20cta%2Cfeature%201%2Cfeature%202%2Cfeature%203%2Cfeature%204%2Chero%2Cthe%20biggest%20labels%20title%2Cwomens%20categories%20title%2Cww%20uk%20seo%20links%2Cmens%20categories%20title%2Cmw%20uk%20seo%20links%2C&v60=home&v61=home&v112=gb&v113=gbp&v137=26f843c4e1bf4d7f97df8b22e4336f2c&v225=1&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=C0137F6A52DEAFCC0A490D4C%40AdobeOrg&AQE=1 HTTP/1.1Host: metrics.asos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: geocountry=US; bm_sz=C6560B727C2E1BF7EC11CF61B16D1E2E~YAAQF/AQAs6QNNOSAQAATIew2RkiZ/ZFgWnTEcjtF1YaHy4fTiDqA4YcAxn5LnPjd6nAu6Q8tI4u6cQ8aUQpwDx52fWnmHn7LhdnQYo16QT3VxROCl0UacXgIO6TElARdeB3WlPOPtcSTCqfZiioRMdAPSc/e7pRvfJ8Gn5PQfQTKJKIbExIKndW3WhD8WYCqneLiW+SD6digNqWAZXhXB39PnjIiLQZtCsOLnFIPAJpTXop0cW+dff89Q24Q/es+IM8boOQqu3n7toc0jHhG0aXEHo2SHvvOdsVLISJ6tZimh2dhEwu/aI6e0gvNy5uv0WlhzhgynlnlV2lvgg9acPb+jW1f7KuRTVGjhVyV+HGMnJTJj8kAaCzzjv0H0X3Doo=~4404018~4337977; RT="z=1&dm=asos.com&si=6d56e97d-38ce-4cc7-9878-1f9d780233d1&ss=m2utpuu0&sl=0&tt=0&bcn=%2F%2F684dd32e.akstat.io%2F"; AMCVS_C0137F6A52DEAFCC0A490D4C%40AdobeOrg=1; s_ecid=MCMID%7C91889772507628273200045547028246444940; keyStoreDataversion=mhabj1f-41; browseCountry=GB; asos-anon12=0192d9b0a9fe75a9922bdd86c9628202; asos-ts121=0192d9b0-a9ff-7a0e-a7ac-a1c084ca85f2; s_pers=%20eVar225%3D1%7C1730230881209%3B%20s_vnum%3D1730433600214%2526vn%253D1%7C1730433600214%3B%20visitCount%3D1%7C1730230881217%3B%20s_invisit%3Dtrue%7C1730230886728%3B%20s_nr%3D1730229086730-New%7C1761765086730%3B%20gpv_p10%3Ddesktop%2520com%257Chome%2520page%257Chome%7C1730230886731%3B%20gpv_p6%3D%2520%7C1730230886734%3B%20gpv_e47%3Dhome%7C1730230886735%3B; _s_fpv=true; s_cc=true; featuresId=9d59d24d-b5c1-4a98-84e1-ca138ab682e4; asos-b-sdv629=mhabj1f-41; _abck=14F88662DEAECFC12E5FBD09ED921080~-1~YAAQF/AQAmGWNNOSAQAA7Law2Qw0n0/eBYMu+9SwCtiwrex9C7d7XKlT9/WcsrIn0AfDWKxLXOTFu82eEr1EQhHcOr+oNn5TW+QTvjLe4x+YZwOtdoO44atenSB+Yl0rA/zRr2Iyx7z/z3VQWAVPiahmD1878VN

Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: "https://www.facebook.com/ASOS", equals www.facebook.com (Facebook)
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: "sameAs" : [ "https://www.youtube.com/asos", equals www.youtube.com (Youtube)
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: return b}lD.F="internal.enableAutoEventOnTimer";var Yb=ka(["data-gtm-yt-inspected-"]),nD=["www.youtube.com","www.youtube-nocookie.com"],oD,pD=!1; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: dartergary.wordpress.com
Source: global traffic	DNS traffic detected: DNS query: s0.wp.com
Source: global traffic	DNS traffic detected: DNS query: s1.wp.com
Source: global traffic	DNS traffic detected: DNS query: s2.wp.com
Source: global traffic	DNS traffic detected: DNS query: fqr44.wordpress.com
Source: global traffic	DNS traffic detected: DNS query: 0.gravatar.com
Source: global traffic	DNS traffic detected: DNS query: stats.wp.com
Source: global traffic	DNS traffic detected: DNS query: fonts.wp.com
Source: global traffic	DNS traffic detected: DNS query: pixel.wp.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: usqe.bin4tgla.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: hib4k6i4e0wuyxupagrlur637pll4b5cys71i1hba1alaqpyfije.unimpociarp.com
Source: global traffic	DNS traffic detected: DNS query: www.asos.com
Source: global traffic	DNS traffic detected: DNS query: content.asos-media.com
Source: global traffic	DNS traffic detected: DNS query: images.asos-media.com
Source: global traffic	DNS traffic detected: DNS query: www.asos-video.com
Source: global traffic	DNS traffic detected: DNS query: assets.asosservices.com
Source: global traffic	DNS traffic detected: DNS query: cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: my.asos.com
Source: global traffic	DNS traffic detected: DNS query: ci.asosservices.com
Source: global traffic	DNS traffic detected: DNS query: res.cloudinary.com
Source: global traffic	DNS traffic detected: DNS query: s2.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: creativeassets.asosservices.com
Source: global traffic	DNS traffic detected: DNS query: resources.asosservices.com
Source: global traffic	DNS traffic detected: DNS query: asos.demdex.net
Source: global traffic	DNS traffic detected: DNS query: metrics.asos.com
Source: global traffic	DNS traffic detected: DNS query: reporting.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: www.asosglobal.com
Source: global traffic	DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: a19065870423.cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: logx.optimizely.com

Source: unknown

Source: global traffic

Source: chromecache_249.1.dr	String found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
Source: chromecache_185.1.dr	String found in binary or memory: http://schema.org
Source: chromecache_249.1.dr	String found in binary or memory: http://www.mozilla.org/2006/browser/search/
Source: chromecache_300.1.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_300.1.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_300.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://app.optimizely.com/js/innie.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com
Source: chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/asos-ui/manifest/windowManifest.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/asos-ui/sdk/bag-sdk-9.0.0.min.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/asos-ui/sdk/saved-items-sdk.iife.48b6fe50.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/asos-ui/web-request/browser.es5.defc2d72.js
Source: chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/LICENSE.txt
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/bold.11074381.woff2
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/bold.11074381.woff2)
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/book.1bb391ee.woff2
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/book.1bb391ee.woff2)
Source: chromecache_191.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/creative.1fc777b4.woff2)
Source: chromecache_191.1.dr	String found in binary or memory: https://assets.asosservices.com/fonts/futura-pt/creativeBold.1f9423cd.woff2)
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://assets.asosservices.com/productpg/pdp.spritesheet-195ad2bf.svg)
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/shared/jquery.742e47af.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/shared/require.7c30e08a.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/shared/uuid.76892287.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.newrelicclient.b259fc7924b4379328f1.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.b41df99c18eb4328a7b6.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.deferred.13c30ac023f768c61047.
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.deferred.1897f5341c56d1e99fd5.
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.styles.5e1a24317184f1ea8c00.cs
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/client.sitechrome.styles.b9d17db11b52ff8009cc.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/cookieScript.2d2fd467.inlined.js.map
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/newRelicSettingsScript.7ad45646.inlined.js.map
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/nonCriticalStylesheetLoader.2c3638e0.inlined.js.
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/oneTrust/13.0.0-6ca9c0c7-69/scripttemplates/otSD
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/palette.8d34b5bdde.css.map
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/translations.251ba614b8a464ef71b8.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/vendors.7066a9f385c04a3ae6f5.css
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/sitechromepublisher/vendors.d80e45b3529c947b8d3f.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://assets.asosservices.com/storesa/images/flags/gb.png
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://cdn-assets-prod.s3.amazonaws.com/js/preview2/19181552552.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://cdn.optimizely.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://ci.asosservices.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://ci.asosservices.com/core/shared-libs-4.0.15.min.js
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_246.1.dr, chromecache_303.1.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/june-2024/eng-speaking/titles/202
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/oct-2024/28-brands-update/mw/prom
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/oct-2024/28-brands-update/ww/prom
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/oct-2024/28-uk-brand-campaign/pro
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/homepages/unisex/generic-hp/oct-2024/28-uk-brand-campaign/ref
Source: chromecache_185.1.dr	String found in binary or memory: https://content.asos-media.com/-/media/images/asos/logo/icon_svg.svg
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://creativeassets.asosservices.com/js/cx-nrelic.js
Source: chromecache_299.1.dr, chromecache_249.1.dr	String found in binary or memory: https://dartergary.wordpress.com
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/
Source: chromecache_249.1.dr	String found in binary or memory: https://dartergary.wordpress.com/?s=
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/comments/feed/
Source: chromecache_249.1.dr	String found in binary or memory: https://dartergary.wordpress.com/favicon.ico
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/feed/
Source: chromecache_299.1.dr, chromecache_249.1.dr	String found in binary or memory: https://dartergary.wordpress.com/osd.xml
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/wp-admin/site-editor.php?postType=wp_template&postId=pub/twent
Source: chromecache_299.1.dr	String found in binary or memory: https://dartergary.wordpress.com/xmlrpc.php?rsd
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuBWYMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyfMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyeMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fonts.wp.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfMZ1rib2Bg-4.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://fqr44.wordpress.com/wp-content/uploads/2024/09/pdf-image.png?w=204
Source: chromecache_264.1.dr, chromecache_240.1.dr	String found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: chromecache_300.1.dr	String found in binary or memory: https://google.com
Source: chromecache_300.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://images.asos-media.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://marketplace.asos.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://my.asos.com
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://my.asos.com/identity/register?ctaref=hp
Source: chromecache_300.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_299.1.dr	String found in binary or memory: https://pixel.wp.com/b.gif?v=noscript
Source: chromecache_325.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_249.1.dr	String found in binary or memory: https://s-ssl.wordpress.com/i/logo/gray-white-transparent-64.png
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://s.go-mpulse.net/boomerang/
Source: chromecache_246.1.dr, chromecache_303.1.dr	String found in binary or memory: https://s.pinimg.com/ct/core.js
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/_static/??/wp-content/js/rlt-proxy.js
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/i/blank.jpg
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/wp-content/blog-plugins/marketing-bar/css/marketing-bar.css?m=1729529312i&cssminif
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20241015
Source: chromecache_299.1.dr	String found in binary or memory: https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20231122
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/_static/??-eJzTLy/QTc7PK0nNK9HPLdUtyClNz8wr1i9KTcrJTwcy0/WTi5G5ekCujj52Temp
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/_static/??/wp-content/mu-plugins/core-compat/wp-mediaelement.css
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/i/favicon.ico
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/opensearch.xml
Source: chromecache_299.1.dr	String found in binary or memory: https://s1.wp.com/wp-content/js/mobile-useragent-info.js?m=1609849039i
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://s2.go-mpulse.net/boomerang/
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/i/logo/wpcom-gray-white.png
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/i/webclip.png
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/h4/global.css?m=1420737423i&cssminify=yes
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/pub/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/pub/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/pub/twentytwentyfour/assets/fonts/cardo/cardo_normal_700.woff2
Source: chromecache_299.1.dr	String found in binary or memory: https://s2.wp.com/wp-content/themes/pub/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt
Source: chromecache_246.1.dr, chromecache_303.1.dr	String found in binary or memory: https://sc-static.net/scevent.min.js
Source: chromecache_185.1.dr	String found in binary or memory: https://secure.asos.com/
Source: chromecache_294.1.dr	String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Source: chromecache_299.1.dr	String found in binary or memory: https://subscribe.wordpress.com
Source: chromecache_299.1.dr	String found in binary or memory: https://subscribe.wordpress.com/
Source: chromecache_325.1.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://twitter.com/ASOS
Source: chromecache_142.1.dr, chromecache_299.1.dr	String found in binary or memory: https://uSqe.bin4tgla.com/fpI2Ggql/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://uk.pinterest.com/asos/
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/abuse/?report_url=https://dartergary.wordpress.com
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/log-in?redirect_to=https%3A%2F%2Fdartergary.wordpress.com%2F2024%2F10%2F29%2Fh
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/post
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/read/feeds/163712490
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/start/
Source: chromecache_299.1.dr	String found in binary or memory: https://wordpress.com/start/?ref=marketing_bar
Source: chromecache_299.1.dr	String found in binary or memory: https://wp.me/g8Jvj
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com
Source: chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/accessibility/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/api
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/assets/uilib/content-ui-library-5.0.0-c2f7f9fe-40.css
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/assets/uilib/content-ui-library-5.0.0-c2f7f9fe-40.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/au/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/customer-care/product-stock/how-are-products-ranked-on-asos/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/de/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/de/entdecken/impressum/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/de/kundenservice/produkte-bestand/wie-werden-artikel-auf-asos-aufgelistet/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/discover/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/discover/our-apps/?ctaref=hp
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/dk/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/dk/kundeservice/produkt-lager/hvordan-er-produkter-rangeret-hos-asos/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/dk/udforsk/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/es/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/es/atencion-al-cliente/producto-stock/como-estan-ordenados-los-productos-en-aso
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/es/descubre/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/fr/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/fr/decouvrez/asos-details/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/fr/service-client/produits-stocks/comment-les-produits-sontils-class
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/it/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/it/assistenza-clienti/prodotti-disponibilita/come-vengono-classificati-i-prodot
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/it/scopri/asos-details/
Source: chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/men/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/men/sale/ctas/price-point-2/cat/?cid=51241#nlid=mw
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/men/sale/ctas/price-point-3/cat/?cid=51242#nlid=mw
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/men/sale/ctas/price-point-4/cat/?cid=51243#nlid=mw
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/nl/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/nl/klantenservice/artikelen-voorraad/hoe-worden-artikelen-gerangschikt-op-asos/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/nl/ontdek/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/payments-and-deliveries/premier-delivery/?ctaref=hp
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/payments-and-deliveries/returns/?country=gb&ctaref=hp
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/pl/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/pl/odkryj/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/privacy-policy/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/se/
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.com/se/kundservice/varor-lagerstatus/hur-rankas-produkterna-pa-asos/
Source: chromecache_141.1.dr, chromecache_190.1.dr	String found in binary or memory: https://www.asos.com/se/upptack/asos-details/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/search/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/terms-and-conditions/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/us/
Source: chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/women/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/women/sale/ctas/price-point-2/cat/?cid=51237#nlid=ww
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/women/sale/ctas/price-point-3/cat/?cid=51238#nlid=ww
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.asos.com/women/sale/ctas/price-point-4/cat/?cid=51239#nlid=ww
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.jp/ja-jp/?utm_source=https://asos.com&utm_medium=redirect&ctaref=globalbanner
Source: chromecache_270.1.dr, chromecache_317.1.dr	String found in binary or memory: https://www.asos.kr/ko-kr/?utm_source=https://asos.com&utm_medium=redirect&ctaref=globalbanner
Source: chromecache_300.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_274.1.dr, chromecache_186.1.dr, chromecache_221.1.dr, chromecache_316.1.dr, chromecache_325.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_300.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_300.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_300.1.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_246.1.dr, chromecache_303.1.dr, chromecache_300.1.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_274.1.dr, chromecache_221.1.dr, chromecache_325.1.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__.
Source: chromecache_265.1.dr, chromecache_242.1.dr, chromecache_186.1.dr, chromecache_316.1.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.instagram.com/asos/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.snapchat.com/add/asosfashion
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.tiktok.com/
Source: chromecache_207.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.youtube.com/asos

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49808 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@25/302@124/28

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1912,i,8132146414401361413,4510033593977308464,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dartergary.wordpress.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1912,i,8132146414401361413,4510033593977308464,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dartergary.wordpress.com/"	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://dartergary.wordpress.com/	LLM: Page contains button: 'VIEW SECURE DOCUMENT' Source: '1.0.pages.csv'
Source: https://dartergary.wordpress.com/	LLM: Page contains button: 'VIEW SECURE DOCUMENT' Source: '1.1.pages.csv'

AI detected suspicious URL

Source: Email

JoeBoxAI: AI detected suspicious URL: URL: https://usqe.bin4tgla.com/fpI2Ggql/

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1544892
Product:	CloudBasic
Start time:	20:09:09
Start date:	29.10.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://dartergary.wordpress.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://dartergary.wordpress.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://dartergary.wordpress.com/