Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://yahoo.com

Overview

General Information

Sample URL:http://yahoo.com
Analysis ID:1391072
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Creates files inside the system directory
HTML body with high number of embedded images detected
HTTP GET or POST without a user agent
Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 5676 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://yahoo.com/ MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 2828 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1944,i,2245610854117281835,11172128742347380148,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.google.com/search?q=cnn&oq=cnn&gs_lcrp=EgZjaHJvbWUqEAgAEAAYgwEY4wIYsQMYgAQyEAgAEAAYgwEY4wIYsQMYgAQyEwgBEC4YgwEYxwEYsQMY0QMYgAQyDQgCEAAYgwEYsQMYgAQyDQgDEAAYgwEYsQMYgAQyDQgEEAAYgwEYsQMYgAQyDQgFEAAYgwEYsQMYgAQyDQgGEAAYgwEYsQMYgAQyEAgHEAAYgwEYsQMYgAQYigUyDQgIEC4YgwEYsQMYgATSAQkxOTIxajBqMTWoAgCwAgA&sourceid=chrome&ie=UTF-8HTTP Parser: Total embedded image size: 48172
Source: https://www.google.com/search?q=cnn&oq=cnn&gs_lcrp=EgZjaHJvbWUqEAgAEAAYgwEY4wIYsQMYgAQyEAgAEAAYgwEY4wIYsQMYgAQyEwgBEC4YgwEYxwEYsQMY0QMYgAQyDQgCEAAYgwEYsQMYgAQyDQgDEAAYgwEYsQMYgAQyDQgEEAAYgwEYsQMYgAQyDQgFEAAYgwEYsQMYgAQyDQgGEAAYgwEYsQMYgAQyEAgHEAAYgwEYsQMYgAQYigUyDQgIEC4YgwEYsQMYgATSAQkxOTIxajBqMTWoAgCwAgA&sourceid=chrome&ie=UTF-8HTTP Parser: No favicon
Source: https://www.google.com/search?q=cnn&oq=cnn&gs_lcrp=EgZjaHJvbWUqEAgAEAAYgwEY4wIYsQMYgAQyEAgAEAAYgwEY4wIYsQMYgAQyEwgBEC4YgwEYxwEYsQMY0QMYgAQyDQgCEAAYgwEYsQMYgAQyDQgDEAAYgwEYsQMYgAQyDQgEEAAYgwEYsQMYgAQyDQgFEAAYgwEYsQMYgAQyDQgGEAAYgwEYsQMYgAQyEAgHEAAYgwEYsQMYgAQYigUyDQgIEC4YgwEYsQMYgATSAQkxOTIxajBqMTWoAgCwAgA&sourceid=chrome&ie=UTF-8HTTP Parser: No favicon
Source: https://www.google.com/search?q=cnn&oq=cnn&gs_lcrp=EgZjaHJvbWUqEAgAEAAYgwEY4wIYsQMYgAQyEAgAEAAYgwEY4wIYsQMYgAQyEwgBEC4YgwEYxwEYsQMY0QMYgAQyDQgCEAAYgwEYsQMYgAQyDQgDEAAYgwEYsQMYgAQyDQgEEAAYgwEYsQMYgAQyDQgFEAAYgwEYsQMYgAQyDQgGEAAYgwEYsQMYgAQyEAgHEAAYgwEYsQMYgAQYigUyDQgIEC4YgwEYsQMYgATSAQkxOTIxajBqMTWoAgCwAgA&sourceid=chrome&ie=UTF-8HTTP Parser: No favicon
Source: https://www.youtube.com/embed/?enablejsapi=1&rel=0&autoplay=0&playsinline=1&expflag=embeds_enable_muted_autoplay%3Atrue&fs=1HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49712 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.33.136.127:443 -> 192.168.2.17:49735 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.33.136.127:443 -> 192.168.2.17:49736 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49957 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.28.12:443 -> 192.168.2.17:49964 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49965 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.21.200:443 -> 192.168.2.17:49966 version: TLS 1.2
Source: Binary string: _.Pdb=[0,_.I];_.fn[157211294]=_.Pdb; source: chromecache_282.1.dr
Source: Binary string: _.wDb=_.J("wMVsKe");_.xDb=_.J("muRNBf");_.yDb=_.J("WyFUae");_.zDb=_.J("T0EDCc");_.ADb=_.J("B0W4vc");_.BDb=_.J("JZy5mb");_.CDb=_.J("oXYVhf");_.DDb=_.J("UMUdI");_.EDb=_.J("d1Ff8d");_.FDb=_.J("q2gB8d");_.GDb=_.J("qqLTO");_.HDb=_.J("JqIC6");_.IDb=_.J("DXvF6c");_.JDb=_.J("AcRqn");_.KDb=_.J("ctfArf");_.LDb=_.J("eFeKU");_.MDb=_.J("uhNWP");_.NDb=_.J("vtt2Hf");_.ODb=_.J("yb4UXd");_.PDb=_.J("LJGUof");_.QDb=_.J("K5xx1c");_.RDb=_.J("CDsptd");_.SDb=_.J("FJQNc");_.TDb=_.J("mw2ubd");_.UDb=_.J("asjK6b");_.VDb=_.J("ncx6u"); source: chromecache_282.1.dr
Source: Binary string: var Sdb=function(a){this.Ia=_.n(a)};_.E(Sdb,_.p);Sdb.prototype.Zb=function(){return _.Pe(this,1)};Sdb.prototype.Xb=function(a){return _.Le(this,1,a)};Sdb.prototype.Ef=function(){return _.bf(this,1)};Sdb.prototype.getLanguage=function(){return _.Pe(this,2)};_.Tdb=[0,_.I,-2];var Udb=[0,_.gk,-2];var Vdb=function(a){this.Ia=_.n(a)};_.E(Vdb,_.p);_.k=Vdb.prototype;_.k.getName=function(){return _.r(this,Sdb,1)};_.k.zg=function(a){return _.Tb(this,Sdb,1,a)};_.k.Nh=function(){return _.uh(this,Sdb,1)};_.k.getUrl=function(){return _.C(this,2)};_.k.Nc=function(){return _.bf(this,2)};_.k.oe=function(){return _.Si(this,2)};_.k.qr=function(){return _.C(this,3)};_.k.aba=function(){return _.Si(this,6)};var Wdb=[0,_.Lr,_.I,-1,_.Ek,_.H,_.I,Udb,_.I];_.Xdb=function(a){this.Ia=_.n(a)};_.E(_.Xdb,_.p);_.Xdb.prototype.Fj=function(a,b){return _.Eh(this,5,Vdb,a,b)};_.Xdb.wb=[1,2,3,4,5];_.Ydb=[0,_.xk,Wdb,-4];_.Zdb=[0,_.gk,_.Ak,-3,1,_.Ak,_.Qj,_.Lr];_.$db=function(a){this.Ia=_.n(a)};_.E(_.$db,_.p);_.$db.prototype.getTitle=function(){return _.r(this,Sdb,1)};_.$db.prototype.setTitle=function(a){return _.Tb(this,Sdb,1,a)};_.$db.prototype.Gd=function(){return _.uh(this,Sdb,1)};_.$db.wb=[3];_.aeb=[0,_.Lr,1,_.xk,_.Lr,_.Lr,-4];var beb=[0,2,_.I,_.Fk,_.Lr,_.gk];_.ceb=function(a){this.Ia=_.n(a)};_.E(_.ceb,_.p);_.ceb.prototype.gNa=function(){return _.Wi(this,3)};_.ceb.wb=[4];_.deb=[0,_.Ek,-2,_.Fk,_.Ek,beb,_.Ek,_.Zdb,-1];_.Ceb=[0,_.Qj,-2];_.Deb=[0,2,_.Oj,-1,_.Ek];_.Eeb=[0,_.Qj,-2];_.Feb=[0,_.Deb,_.Ceb,_.Eeb,[0,_.Qdb,_.Qj,_.Lr,-1],_.I];_.Geb=[0,_.Pdb,_.Kr,[0,_.I],_.Qdb,2,_.Tdb];_.Heb=[0,_.I,_.Ek];_.Ieb=[0,_.I,_.Rdb,_.I,_.Qj];_.Jeb=[0,_.Qj,-3,[0,_.Ek],_.Ek]; source: chromecache_282.1.dr
Source: Binary string: _.h.jAb=function(){return _.xg(this,fUc,4,_.BE)};_.h.Nuc=function(){return _.nk(this,fUc,4,_.BE)};_.h.Gmb=function(){return _.xg(this,nUc,5,_.BE)};_.h.h7b=function(){return _.nk(this,nUc,5,_.BE)};_.h.Jmb=function(){return _.xg(this,yUc,6,_.BE)};_.h.Imb=function(){return _.nk(this,yUc,6,_.BE)};_.h.pDb=function(){return _.xg(this,zUc,18,_.BE)};_.h.Wuc=function(){return _.nk(this,zUc,18,_.BE)};_.h.QBb=function(){return _.xg(this,kUc,7,_.BE)};_.h.Ruc=function(){return _.nk(this,kUc,7,_.BE)}; source: chromecache_156.1.dr
Source: Binary string: _.NSa.prototype.oa=_.ba(48,function(a,b){if(!isNaN(a.Xh().toString()))return _.Vq(a);var c=b.then(function(d){return d.oa});c.Sh(function(){});_.KPa(this.Ba,a,c);QKb(this,a,b);return _.Vq(a)});_.Rdb.prototype.oa=_.ba(47,function(a){var b=a.Xh().toString();if(!_.Pdb.has(b))return _.Vq(a);var c=_.Od("xbwyCc");if(c.uc()){b=new TKb;var d=new SKb;c=KKb(_.Bo(c));d=_.jd(d,_.Zd,1,c);b=_.jd(b,SKb,1,d)}else b=null;return _.Vq(b?_.wOa(a,UKb,b):a)}); source: chromecache_172.1.dr
Source: Binary string: m()})};_.k.Pdb=function(){return!!this.Uob&&!!this.cacheKey&&_.gVf(_.CK(this.Uob,this.cacheKey))};_.k.attach=function(){if(this.Ku&&this.Pdb())return this.Ku.onReady=function(){return!0},_.pv(this.Uob,this.Ku),!0;this.Ku?this.Uob?this.cacheKey?_.cd(Error("Dk"),{level:0,Ue:{src:"prog"}}):_.cd(Error("Ek"),{level:0,Ue:{src:"prog"}}):_.cd(Error("Fk"),{level:0,Ue:{src:"prog"}}):_.cd(Error("Gk"),{level:0,Ue:{src:"prog"}});return!1};_.k.hDc=function(){};_.cnh=function(a){return new lph(a)}; source: chromecache_234.1.dr
Source: Binary string: _.gn],2,_.ox,[0,_.xk,_.Kr,_.Ek,_.xk,_.Kr,_.Kr],[0,_.Oj,1,[0,_.Oj]],[0,_.Ek],[0,_.Ek],[0,_.Ek,-1],1,_.xk,[-500,[0,_.I,-1,_.Ek],-2,_.Ek,_.I,_.gk,_.Oj,_.H,_.gn,1,_.xk,[0,_.I,3,_.I],-1,_.gn,_.Wj,_.Qj,2,_.nk,_.I,480,_.ps],XZb,[0,_.Qj,_.xk,_.Kr],_.xk,NZb,_.o_b,[0,3,c_b,7,[0,_.xk,[0,_.gk,_.I,_.Ek,b_b]],_.I,-3],1,_.xk,[0,_.gn,_.I,_.dk,-1,_.I],_.HZb,_.Pdb,_.JZb,2,_.xk,_.zZb,[-500,_.xk,_.Kr,498,_.ps],1,[0,_.xk,_.Kr,_.Zgb,_.xk,[0,_.tZb,_.Fk,_.Ek,_.Fk],_.H,_.xk,[0,_.Ek,-1,_.xk,_.a_b,_.xk,_.AZb,_.H,_.xk,[0,_.xk, source: chromecache_282.1.dr
Source: Binary string: _.k.fetch=function(a,b,c,d,e,f,g,h,l,m,q,t){var w=void 0===t?{}:t;t=void 0===w.wG?!1:w.wG;var A=void 0===w.fX?!1:w.fX;w=void 0===w.tEa?!1:w.tEa;!e&&f&&_.rFb(_.CK(a,f));this.Uob=a;a=_.SOb(a,{trigger:d,v8a:b,Sma:c});this.Ku={context:a.context,trigger:d,kf:a.kf,xx:f?new _.ov(f):void 0,XFc:h,onReady:l,wG:t,Zua:g,fX:A,tEa:w};this.cacheKey=f;(d=this.Pdb())&&q&&q();this.Jnc&&_.Pd().Cc("arccp",d?"hit":"miss").Cc("ctx",_.IEb(b)).Cc("ck",this.cacheKey).log();return _.pv(this.Uob,this.Ku).then(function(B){B&& source: chromecache_234.1.dr
Source: Binary string: _.ct=[-22,cdb,_.I,_.G,-2,_.I,1,_.J,_.Sl,_.J,_.on,_.G,_.Sl,_.Us,_.Sl,-1,adb,_.G,-1,bdb,_.I,_.Ns];var ddb=[0,_.I,-2];_.dt=function(a){this.Ja=_.r(a)};_.E(_.dt,_.u);_.dt.prototype.xl=function(){return _.xg(this,_.Fs,1,_.edb)};_.et=function(a,b){return _.pk(a,1,_.edb,b)};_.dt.prototype.rl=function(){return _.F(this,3)};_.ft=function(a,b){return _.Cg(a,3,b)};_.dt.prototype.LN=function(){return _.w(this,_.ln,4)};_.gt=function(a,b){return _.jd(a,_.ln,4,b)};_.dt.prototype.oH=_.aa(78);_.fdb=_.yd(_.dt);_.edb=[1,2];_.dt.prototype.ub="tWM50b";_.ht=[0,_.edb,_.lm,_.Pbb,_.lm,ddb,_.I,_.$xa,_.I,_.ct];_.gdb=function(a){this.Ja=_.r(a)};_.E(_.gdb,_.u);_.gdb.prototype.ub="JAZN7b";_.hdb=_.kd(53,_.gdb);_.An[53]=[0,_.ht];_.idb=_.Lb("KiJXPe",[_.ro]);_.jdb=_.Lb("MnVV2d",[_.$Xa]);_.kdb=_.Lb("qMBFFe",[_.sq,_.Vr,_.jdb,_.ks]);_.ldb=_.Lb("obXUHb",[_.rq]);_.mdb=_.Lb("ZY1qId",[_.ls]);_.ndb=_.Lb("yZ6y8b",[_.ks]);_.odb=_.Lb("GFOKxb",[_.YNa,_.ks,_.ndb,_.ko,_.fo,_.tq]);_.pdb=_.Lb("XqGYP",[_.jo,_.ks,_.fo,_.tq]);_.qdb=_.Lb("msnw6d",[_.io,_.M1a]);_.rdb=_.Lb("PbykO",[_.qdb]);Dd("Dyxbvd","UcPpxf");_.sdb=_.Hd("D9bBbf","SSYTHe");Dd("N3wSKe","D9bBbf");_.tdb=_.Lb("N3wSKe",[_.sdb]);_.udb=_.Lb("h0VRMd",[_.sq]);_.vdb=_.Lb("Dyxbvd",[_.tdb,_.udb,_.lo]);Dd("VYtC3","a7UL0d");_.wdb=_.Hd("yPRXZ","cledte");_.qq("VYtC3",[_.tdb,_.wdb,_.PXa]);_.xdb=_.Lb("gDvwme",[]);_.Hd("UcPpxf","usEHxb");_.Hd("eJ8TNb","NZA7o");Dd("cj77d","UFIE3d");Dd("cj77d","D9bBbf");_.ydb=_.Lb("cj77d",[_.sdb]);Dd("njtQ4e","AZiwVe");_.zdb=_.Lb("njtQ4e",[]);_.Adb=_.Lb("jcrbyc",[_.Lj,_.Rr,_.ks,_.wq,_.to,_.tq,_.m8a]);_.Bdb=_.Lb("MyQ7Bc",[]);_.Cdb=_.Lb("UMMWcd",[_.Lj]);_.Ddb=_.Lb("l8gQyd",[_.Cdb,_.uo,_.Vr]);_.Edb=_.Lb("lLcI2e",[_.Ddb,_.qcb]);Dd("zQzcXe","kKuqm");_.Fdb=_.Lb("zQzcXe",[]);_.Gdb=_.Hd("kKuqm","qavrXe",void 0,_.Fdb);_.Hdb=_.Lb("E0Oau",[_.ls,_.Gdb]);_.Idb=_.Lb("GhG1be",[_.tq,_.Vr,_.Os]);Dd("O9YmMc","YKNGNe");_.Jdb=_.Lb("O9YmMc",[_.oo,_.wf,_.e8a,_.ydb]);Dd("dPOyed","bsStqd");Dd("dPOyed","C4OoBd");_.Kdb=_.Lb("dPOyed",[_.Lj,_.ydb,_.tdb,_.ks,_.wf,_.Idb,_.Os,_.ro,_.e8a,_.tq,_.YXa,_.Vr,_.acb,_.fo,_.wq,_.B8a]);Dd("qYM7","bsStqd");Dd("qYM7","C4OoBd");_.Ldb=_.Lb("qYM7",[_.ydb,_.ks,_.Idb,_.tq,_.es]);_.Mdb=_.Lb("xeQOzf",[]);_.Ndb=_.Lb("bx0RAb",[]);_.Hd("a7UL0d","ExKZCb");_.Odb=_.Lb("sOPgV",[_.udb]);_.Pdb=new Set(["RQBMgb","l81VOe","by3N8b"]);var Qdb=[0,_.Tm,_.G];_.Um[271230360]=[0,Qdb,_.mm];_.Rdb=function(){};_.Rdb.prototype.oa=_.aa(47);Dd("L919Z","INd5kb");_.Sdb=_.Lb("L919Z",[]);Dd("y0wzC","VF0nLb");Dd("y0wzC","eJ8TNb");_.Tdb=_.Lb("al77M",[]);_.Udb=_.Lb("y0wzC",[_.Lj,_.tdb,_.xq,_.ks,_.wf,_.ko,_.e8a,_.udb,_.Tdb,_.fo,_.wq]);_.Vdb=_.Lb("n6ATMd",[_.sq]);Dd("rc2wr","v6RcBb");_.Wdb=_.Lb("rc2wr",[_.Lj,_.ko,_.wq,_.Vdb]);Dd("MEmnGe","j37baf");Dd("MEmnGe","NO84gd");_.Xdb=_.Lb("szFNKc",[]);_.Ydb=_.Lb("MEmnGe",[_.Xdb,_.tq]);_.Zdb=_.Lb("MKZkSe",[_.rq]);_.$db=_.Lb("E3GYad",[_.Os,_.fo]);_.aeb=_.Lb("Th8rzf",[_.$db]);_.beb=_.Lb("W6Kcxb",[_.rq]);_.ceb=_.Lb("gOXlC",[]);_.deb=_.Lb("bHWBTc",[_.rq]);_.eeb=_.Lb("oI12Kb",[_.n8a,_.ls,_.ro,_.d8a,_.e8a,_.wq]);_.feb
Source: Binary string: Agb:a[593],aaa:a[594],Bgb:a[595],Cgb:a[596],oad:a[597],Dgb:a[598],qad:a[599],axa:a[600],rad:a[601],tad:a[602],baa:a[603],gSb:a[604],hSb:a[605],Egb:a[606],bxa:a[607],Fgb:a[608],cxa:a[609],Ggb:a[610],Hgb:a[611],Igb:a[612],uad:a[613],Jgb:a[614],dxa:a[615],Kgb:a[616],Lgb:a[617],vad:a[618],wad:function(){return new _.PDb.Ird(a[619])},iSb:a[620],xad:a[621],yad:a[622],Mgb:a[623],zad:a[624],Aad:a[625],jSb:a[626],kSb:a[627],Bad:a[628],Cad:a[629],Dad:a[630],Ead:a[631],caa:a[632],Rgb:a[633],gxa:a[634],daa:a[635], source: chromecache_172.1.dr
Source: global trafficHTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.136.127
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.149&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.149Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: yahoo.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.yahoo.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /consent?brandType=nonEu&gcrumb=XYjUJ0o&done=https%3A%2F%2Fwww.yahoo.com%2F HTTP/1.1Host: guce.yahoo.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: GUCS=AV2I1CdK
Source: global trafficHTTP traffic detected: GET /v2/collectConsent?sessionId=1_cc-session_11c3ad3a-3799-4351-bf4a-9dcb91b739c5 HTTP/1.1Host: consent.yahoo.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: GUCS=AV2I1CdK
Source: global trafficHTTP traffic detected: GET /oa/build/css/site-ltr-26631334.css HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://consent.yahoo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oa/build/images/ro-RO-new-home_4cbe66f233b77e0a.png HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s.yimg.com/oa/build/css/site-ltr-26631334.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rz/p/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage.png HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://consent.yahoo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rz/p/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage.png HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://consent.yahoo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oa/build/js/site-bb293a33.js HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://consent.yahoo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oa/build/images/help-circle-solid-black_f68609a66d5b78e7.svg HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s.yimg.com/oa/build/css/site-ltr-26631334.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /static/images/close.svg HTTP/1.1Host: consent.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://consent.yahoo.com/v2/collectConsent?sessionId=1_cc-session_11c3ad3a-3799-4351-bf4a-9dcb91b739c5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: GUCS=AV2I1CdK
Source: global trafficHTTP traffic detected: GET /beacon?tag=TCF2&step=Layer1-View&brandDomain=www.yahoo.com&brandBid=&userType=nonreg&sdk=false&tos=ro-RO&country=RO&sessionId=1_cc-session_11c3ad3a-3799-4351-bf4a-9dcb91b739c5 HTTP/1.1Host: consent.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://consent.yahoo.com/v2/collectConsent?sessionId=1_cc-session_11c3ad3a-3799-4351-bf4a-9dcb91b739c5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: GUCS=AV2I1CdK
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=OLXfR65T3HLGEFK&MD=hfymTOGD HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /rz/p/yahoo_frontpage_en-US_s_f_p_bestfit_frontpage.png HTTP/1.1Host: s.yimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rz/p/yahoo_frontpage_en-US_s_f_w_bestfit_frontpage.png HTTP/1.1Host: s.yimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oa/build/images/help-circle-solid-black_f68609a66d5b78e7.svg HTTP/1.1Host: s.yimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oa/build/images/ro-RO-new-home_4cbe66f233b77e0a.png HTTP/1.1Host: s.yimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oa/build/images/favicons/yahoo.png HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://consent.yahoo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /static/images/close.svg HTTP/1.1Host: consent.yahoo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: GUCS=AV2I1CdK
Source: global trafficHTTP traffic detected: GET /oa/build/images/favicons/yahoo.png HTTP/1.1Host: s.yimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=15&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=cn&oit=1&pgcl=15&gs_rn=42&psi=Oy4yg8d6EV6rPF5F&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=cnn&oit=1&pgcl=15&gs_rn=42&psi=Oy4yg8d6EV6rPF5F&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /search?q=cnn&oq=cnn&gs_lcrp=EgZjaHJvbWUqEAgAEAAYgwEY4wIYsQMYgAQyEAgAEAAYgwEY4wIYsQMYgAQyEwgBEC4YgwEYxwEYsQMY0QMYgAQyDQgCEAAYgwEYsQMYgAQyDQgDEAAYgwEYsQMYgAQyDQgEEAAYgwEYsQMYgAQyDQgFEAAYgwEYsQMYgAQyDQgGEAAYgwEYsQMYgAQyEAgHEAAYgwEYsQMYgAQYigUyDQgIEC4YgwEYsQMYgATSAQkxOTIxajBqMTWoAgCwAgA&sourceid=chrome&ie=UTF-8 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=X9Z9GC2VZ5PTUFlYUNdhKnJP24TRGpGqZqKFL9Pw-Ezk_duysZ_VzzYNGWyHcs80O3scFIEGWC4ejePhlgeAzI7DW28lCxtFqnZqwLPsW3aG59Guvp647PtH9EGoiqhxBjO7Es0rJ7PDVhdGCfedVrlCik0Vmojg2gUg6Tqi0JI
Source: global trafficHTTP traffic detected: GET /images/branding/googlelogo/2x/googlelogo_color_92x30dp.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.149"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.149", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.149"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=jhIME_4nGopMNUt_QPSIZiio3h1iH8wXugZn3QTw6omF0affPmAQ8zP9Sc3HRPpGQVZj8QLyj6Hwpjh65GsZUXuaJe5p_4vsMe-GkWI7AoFWXT1BeEfnVWsbDjPLkkKeLzu5q4Y23pgc7x5q-DzJ9VcDbUvHFp6hqwNx-I_nh1s
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.cnn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.149"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.149", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.149"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/search?q=cnn&oq=cnn&gs_lcrp=EgZjaHJvbWUqEAgAEAAYgwEY4wIYsQMYgAQyEAgAEAAYgwEY4wIYsQMYgAQyEwgBEC4YgwEYxwEYsQMY0QMYgAQyDQgCEAAYgwEYsQMYgAQyDQgDEAAYgwEYsQMYgAQyDQgEEAAYgwEYsQMYgAQyDQgFEAAYgwEYsQMYgAQyDQgGEAAYgwEYsQMYgAQyEAgHEAAYgwEYsQMYgAQYigUyDQgIEC4YgwEYsQMYgATSAQkxOTIxajBqMTWoAgCwAgA&sourceid=chrome&ie=UTF-8Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=jhIME_4nGopMNUt_QPSIZiio3h1iH8wXugZn3QTw6omF0affPmAQ8zP9Sc3HRPpGQVZj8QLyj6Hwpjh65GsZUXuaJe5p_4vsMe-GkWI7AoFWXT1BeEfnVWsbDjPLkkKeLzu5q4Y23pgc7x5q-DzJ9VcDbUvHFp6hqwNx-I_nh1s
Source: global trafficHTTP traffic detected: GET /xjs/_/js/k=xjs.s.en_US.ZuP3XPuzFnc.O/am=ACAAACoQAAAAAAAAAAAAAACAAAAAACHQNRMOAdgAAfAlAEACCAEQgBVYKAgQATAAIAj4_CcAAAAAABMQGADCBZBCcBAAADABVQDZAR8AAACAYD9ADCDwgIAAQDCQH6AQeABBgBIgAAAAgDwAzwNwkMICAAAAAAAAAAAAEECCIByQfkEABAAAAAAAAAAAAABSaWLlYQCA/d=1/ed=1/dg=2/br=1/rs=ACT90oE1QhQ8ET97So13gpisPYm8Ntc5GA/ee=AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;PqHfGe:im2cZe;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;hLUtwc:KB8OKd;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qGV2uc:HHi04c;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;xbe2wc:uRMPBc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=attn,cdos,gwc,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.149"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.149", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.149"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec
Source: global trafficHTTP traffic detected: GET /verify/ADyTd2H0bxr2kSLKE7_c0k3FjIeeUTPKvpEo9AaJtglfMjwWb0ncYiGOcnx5TI0XZkUf7SsHUBJ2vYUoYfRvKI8r6P-VNHb1HPRHJZ2xnnllyRcr6ds6Ww HTTP/1.1Host: id.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=jhIME_4nGopMNUt_QPSIZiio3h1iH8wXugZn3QTw6omF0affPmAQ8zP9Sc3HRPpGQVZj8QLyj6Hwpjh65GsZUXuaJe5p_4vsMe-GkWI7AoFWXT1BeEfnVWsbDjPLkkKeLzu5q4Y23pgc7x5q-DzJ9VcDbUvHFp6hqwNx-I_nh1s
Source: global trafficHTTP traffic detected: GET /images/branding/googlelogo/2x/googlelogo_color_92x30dp.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=jhIME_4nGopMNUt_QPSIZiio3h1iH8wXugZn3QTw6omF0affPmAQ8zP9Sc3HRPpGQVZj8QLyj6Hwpjh65GsZUXuaJe5p_4vsMe-GkWI7AoFWXT1BeEfnVWsbDjPLkkKeLzu5q4Y23pgc7x5q-DzJ9VcDbUvHFp6hqwNx-I_nh1s
Source: global trafficHTTP traffic detected: GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=jhIME_4nGopMNUt_QPSIZiio3h1iH8wXugZn3QTw6omF0affPmAQ8zP9Sc3HRPpGQVZj8QLyj6Hwpjh65GsZUXuaJe5p_4vsMe-GkWI7AoFWXT1BeEfnVWsbDjPLkkKeLzu5q4Y23pgc7x5q-DzJ9VcDbUvHFp6hqwNx-I_nh1s
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: edition.cnn.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: countryCode=RO; stateCode=B; geoData=bucharest|B|021211|RO|EU|200|broadband|44.460|26.130|-1
Source: global trafficHTTP traffic detected: GET /js/chartbeat_mab.js HTTP/1.1Host: static.chartbeat.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edition.cnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /compressiontest/gzip.html HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.149"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.149", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.149"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=ekoCYYeRiEqLsj4374XYxdT-sFk8B_9WQ9FoDlowRJO7886NgJnAqXp667rF509WgqP9ZHAnPwNY43U4WFnT-TUn0vW-306VZ8KCe6V7exX28VcEvB4c2ec_rfqiMlcxowsyAAVV2WHhyQMdIqmzS_EPMXO7QxjMFLkrDVK7glbbK6FT0M_gDuj_KnP0VTHbJ5oy; GZ=Z=0
Source: global trafficHTTP traffic detected: GET /api/v1/images/stellar/prod/2024-02-10t215045z-165335017-rc2wz5aizgti-rtrmadp-3-usa-election-trump.jpeg?c=16x9&q=h_720,w_1280,c_fill HTTP/1.1Host: media.cnn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edition.cnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: countryCode=RO; stateCode=B; geoData=bucharest|B|021211|RO|EU|200|broadband|44.460|26.130|-1; FastAB=0=2997,1=6021,2=3000,3=6082,4=4503,5=3636,6=1477,7=4272,8=5705,9=3014,10=9016,11=1865,12=9671,13=8040,14=6224,15=1852,16=1461,17=8519,18=6605,19=5958
Source: global trafficHTTP traffic detected: GET /vi/b6AuqJ6aoDw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lU5Sy2QEq9MSvl1ILZBErYR-oqhQ HTTP/1.1Host: i.ytimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1/images/stellar/prod/untitled-2-20240212160207996.jpg?c=16x9&q=h_720,w_1280,c_fill HTTP/1.1Host: media.cnn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edition.cnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: countryCode=RO; stateCode=B; geoData=bucharest|B|021211|RO|EU|200|broadband|44.460|26.130|-1; FastAB=0=2997,1=6021,2=3000,3=6082,4=4503,5=3636,6=1477,7=4272,8=5705,9=3014,10=9016,11=1865,12=9671,13=8040,14=6224,15=1852,16=1461,17=8519,18=6605,19=5958
Source: global trafficHTTP traffic detected: GET /api/v1/images/stellar/prod/ap24042830125939.jpg?c=16x9&q=h_720,w_1280,c_fill HTTP/1.1Host: media.cnn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edition.cnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: countryCode=RO; stateCode=B; geoData=bucharest|B|021211|RO|EU|200|broadband|44.460|26.130|-1; FastAB=0=2997,1=6021,2=3000,3=6082,4=4503,5=3636,6=1477,7=4272,8=5705,9=3014,10=9016,11=1865,12=9671,13=8040,14=6224,15=1852,16=1461,17=8519,18=6605,19=5958
Source: global trafficHTTP traffic detected: GET /api/v1/images/stellar/prod/cnn-fast-master-1920x1080-a.png?c=16x9&q=w_850,c_fill HTTP/1.1Host: media.cnn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edition.cnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: countryCode=RO; stateCode=B; geoData=bucharest|B|021211|RO|EU|200|broadband|44.460|26.130|-1; FastAB=0=2997,1=6021,2=3000,3=6082,4=4503,5=3636,6=1477,7=4272,8=5705,9=3014,10=9016,11=1865,12=9671,13=8040,14=6224,15=1852,16=1461,17=8519,18=6605,19=5958
Source: global trafficHTTP traffic detected: GET /api/v1/images/stellar/prod/ap24042806482612-2.jpg?c=16x9&q=h_438,w_780,c_fill HTTP/1.1Host: media.cnn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edition.cnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: countryCode=RO; stateCode=B; geoData=bucharest|B|021211|RO|EU|200|broadband|44.460|26.130|-1; FastAB=0=2997,1=6021,2=3000,3=6082,4=4503,5=3636,6=1477,7=4272,8=5705,9=3014,10=9016,11=1865,12=9671,13=8040,14=6224,15=1852,16=1461,17=8519,18=6605,19=5958
Source: global trafficHTTP traffic detected: GET /api/v1/images/stellar/prod/gettyimages-2004235815.jpeg?c=16x9&q=h_438,w_780,c_fill HTTP/1.1Host: media.cnn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edition.cnn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: countryCode=RO; stateCode=B; geoData=bucharest|B|021211|RO|EU|200|broadband|44.460|26.130|-1; FastAB=0=2997,1=6021,2=3000,3=6082,4=4503,5=3636,6=1477,7=4272,8=5705,9=3014,10=9016,11=1865,12=9671,13=8040,14=6224,15=1852,16=1461,17=8519,18=6605,19=5958
Source: global trafficHTTP traffic detected: GET /complete/search?q&cp=0&client=gws-wiz-serp&xssi=t&gs_pcrt=2&hl=en&authuser=0&pq=cnn&psi=aW_KZeeWNpifwN4PkMqrwAs.1707765610550&dpr=1&ofp=GNPhsuKo-5PVuAEY_4v61fv0lbG_ARiU2auNh_mP-tMBGIW0wKqB353V_QEYlLeC-amM1ovDAQ&nolsbt=1 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.149"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.149", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.149"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=ekoCYYeRiEqLsj4374XYxdT-sFk8B_9WQ9FoDlowRJO7886NgJnAqXp667rF509WgqP9ZHAnPwNY43U4WFnT-TUn0vW-306VZ8KCe6V7exX28VcEvB4c2ec_rfqiMlcxowsyAAVV2WHhyQMdIqmzS_EPMXO7QxjMFLkrDVK7glbbK6FT0M_gDuj_KnP0VTHbJ5oy
Source: global trafficHTTP traffic detected: GET /complete/search?q=cnn&cp=0&client=desktop-gws-wiz-on-focus-serp&xssi=t&gs_pcrt=3&hl=en&authuser=0&pq=cnn&psi=aW_KZeeWNpifwN4PkMqrwAs.1707765610550&dpr=1&ofp=EAEY0-Gy4qj7k9W4ARj_i_rV-_SVsb8BGJTZq42H-Y_60wEYhbTAqoHfndX9ARiUt4L5qYzWi8MBMn8KCAoGY25uIDEwCgoKCGNubiBsaXZlCgoKCG5iYyBuZXdzChkKF2JyZWFraW5nIG5ld3MgaGVhZGxpbmVzCgoKCGZveCBuZXdzChMKEWNubiBicmVha2luZyBuZXdzCgwKCm1zbmJjIG5ld3MKDwoNY25uIC0geW91dHViZRBH HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.149"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.149", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.149"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=ekoCYYeRiEqLsj4374XYxdT-sFk8B_9WQ9FoDlowRJO7886NgJnAqXp667rF509WgqP9ZHAnPwNY43U4WFnT-TUn0vW-306VZ8KCe6V7exX28VcEvB4c2ec_rfqiMlcxowsyAAVV2WHhyQMdIqmzS_EPMXO7QxjMFLkrDVK7glbbK6FT0M_gDuj_KnP0VTHbJ5oy
Source: global trafficHTTP traffic detected: GET /xjs/_/js/md=1/k=xjs.s.en_US.ZuP3XPuzFnc.O/ck=xjs.s.CJcHntGzYV0.L.W.O/am=ACAAACoQAAAAAAAAAAAAAACAAAAAACHQNRMOAdgAAfAlAEACCAEQgBVYKAgQATAAIAj4_CcAAAAAABMQGADCBZBCcBAAADABVQDZAR8AAACAYD9ADCDwgIAAQDCQH6AQeABBgBIgAAAAgDwAzwNwkMICAAAAAAAAAAAAEECCIByQfkEABAAAAAAAAAAAAABSaWLlYQCA/rs=ACT90oFqXqs_NNHh_FiaH98wJdrm3rp22g HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.149"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.149", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.149"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlaHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-02-12-19; AEC=Ae3NU9NQK0nV7fR7zMOdnDGJhgvfhHG4DW6XoEzbXcSPr19FtHnsSfjwOw; NID=511=ekoCYYeRiEqLsj4374XYxdT-sFk8B_9WQ9FoDlowRJO7886NgJnAqXp667rF509WgqP9ZHAnPwNY43U4WFnT-TUn0vW-306VZ8KCe6V7exX28VcEvB4c2ec_rfqiMlcxowsyAAVV2WHhyQMdIqmzS_EPMXO7QxjMFLkrDVK7glbbK6FT0M_gDuj_KnP0VTHbJ5oy
Source: global trafficHTTP traffic detected: GET /xjs/_/js/k=xjs.s.en_US.ZuP3XPuzFnc.O/ck=xjs.s.CJcHntGzYV0.L.W.O/am=ACAAACoQAAAAAAAAAAAAAACAAAAAACHQNRMOAdgAAfAlAEACCAEQgBVYKAgQATAAIAj4_CcAAAAAABMQGADCBZBCcBAAADABVQDZAR8AAACAYD9ADCDwgIAAQDCQH6AQeABBgBIgAAAAgDwAzwNwkMICAAAAAAAAAAAAEECCIByQfkEABAAAAAAAAAAAAABSaWLlYQCA/d=1/exm=SNUn3,attn,cEt90b,cdos,csi,d,dtl0hd,eHDfl,gwc,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/excm=A9AtR,ABxRVc,AD6AIb,Adehte,B0xr7b,CTwd8,CWOfE,CX5LId,CdOg1,D1J6He,D2DTEf,DwnPgd,FSpvmf,FmnE6b,FuQWyc,GLGZs,GXyz1,Ghqpae,JxE93,KiXlnd,MRb7nf,Mxvwsd,NsEUGe,Oa7Qpb,Ok4XMd,PE728b,PoJj8d,PvSBGf,Q6cvgf,QNvmne,RJDOBc,RSlfle,SLDaee,SfrWY,SiRWre,TO0csb,TnXlGd,Trirbc,TurKxc,U3Ovcc,U6nlJe,UQpTU,VZLyBe,WH3Khc,Wx0Z2d,WxJ6g,XDlt7d,XHo6qe,XTkmZd,XbupY,Xk0c,XkocRe,Yltq7c,YuNOCb,ZGLUZ,ZrXR8b,Zudxcb,a3cZoc,aQFQFe,adn7N,ak946,bXyZdf,cKV22c,du3Q4e,eTv59e,fNMhz,fplQxc,gXm5Le,hfJ9hb,htkoae,iAQA6,j0qO9b,jJtSzc,jkRPje,kCkfUb,kOSi0d,mM1I8d,oS3sbd,oXRDzc,pIseB,pOYYce,pPanAd,pQk1fc,pqUxUc,qngJBf,r24bR,rL2AR,t2MLwc,tOQULd,tlA71,tzTB5,vJPFse,vbjdXc,vhpQNc,wKa2Bd,y25qZb,yChgtb,yfH2Bd,yn9Ffd,ypVg7e,zjNhL,zoFt6e/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFqXqs_NNHh_FiaH98wJdrm3rp22g/ee=AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;PqHfGe:im2cZe;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:Z