Windows Analysis Report
You've Been Sent A Secure Document.eml

Overview

General Information

Sample name:	You've Been Sent A Secure Document.eml
Analysis ID:	1417055
MD5:	af84a5a64f8c0d60e48a82807c2ae9fb
SHA1:	21040e18398edc7f2b3432c63a3741c8b6a06177
SHA256:	1391f4ae40afa1ba8c7f2e22e0514c65f58bf483553423362143f09d02b9bc1c
Infos:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish54

HTML page contains suspicious iframes

Phishing site detected (based on logo match)

Phishing site or detected (based on various text indicators)

Suspicious MSG / EML detected (based on various text indicators)

Connects to many different domains

Creates a window with clipboard capturing capabilities

Found iframes

HTML body contains low number of good links

HTML page contains hidden URLs or javascript code

HTML page contains obfuscate script src

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

Phishing site detected (based on OCR NLP Model)

Queries the volume information (name, serial number etc) of a device

Sigma detected: Office Autorun Keys Modification

Sigma detected: Office Macro File Download

Stores files to the Windows start menu directory

Tries to load missing DLLs

Classification

Signatures

Phishing

Yara detected HtmlPhish54

Source: Yara match	File source: 6.12.pages.csv, type: HTML
Source: Yara match	File source: 7.13.pages.csv, type: HTML
Source: Yara match	File source: 7.15.pages.csv, type: HTML

HTML page contains suspicious iframes

Source: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/

HTTP Parser: position:fixed;top:0;left:0;bottom:0;right:0;width:100%;height:100%;border:none;margin:0;padding:0;overflow:hidden;z-index:999999

Phishing site detected (based on logo match)

Matcher: Template: microsoft matched

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 0.4	OCR Text: Prezi Log In Get started You have received a new document The message was sent securely to protect sensitive information included in the correspondence. Date Received - 08/28/2024 Reference Number - SP0005848912 Number of Pages = 2 Pages Status Code = Successful Use receiving email to access and verify documents. Privacy Preferences This website uses ccn.kies and other tracking technologies to enhance user experience and to analyze Do Not Sell or Share My Personal Information #rformance and traffic on our website. We also share information your use of our site with our social media, advertising and analytics partners. If we have detected an opt-out preference signal then it will be honored Further information about privacy and cookies are available in our
Source: Chrome DOM: 0.5	OCR Text: Prezi Log In Get started You have received a new document The message was sent securely to protect sensitive information included in the correspondence. Date Received - 08/28/2024 Reference Number - SP0005848912 Number of Pages = 2 Pages Status Code = Successful Use receiving email to access and verify documents. O

Suspicious MSG / EML detected (based on various text indicators)

Source: MSG / EML

OCR Text: This message was sent securely using ZiX@ You have been sent a secure document. Click below to be directed to download your document. VIEW COMPLETED DOCUMENT Let me know if you have any questions. ichole Henson Handrail & Warranty Southern Staircase 6025 Shiloh Road, Suite E Alpharetta, GA 30005 c: (678) 674-6634 nhenson southernstaircase.com

Found iframes

Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: //www.googletagmanager.com/ns.html?id=GTM-MQ6FG2
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: //www.googletagmanager.com/ns.html?id=GTM-MQ6FG2
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/AW-958692981?random=1711634882084&cv=11&fst=1711634882084&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/1001687149?random=1711634882116&cv=11&fst=1711634882116&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0v892644071z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&label=b1TSCIv8tAUQ7ZDS3QM&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: //www.googletagmanager.com/ns.html?id=GTM-MQ6FG2
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/AW-958692981?random=1711634882084&cv=11&fst=1711634882084&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/1001687149?random=1711634882116&cv=11&fst=1711634882116&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0v892644071z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&label=b1TSCIv8tAUQ7ZDS3QM&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: //www.googletagmanager.com/ns.html?id=GTM-MQ6FG2
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/AW-958692981?random=1711634882084&cv=11&fst=1711634882084&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/1001687149?random=1711634882116&cv=11&fst=1711634882116&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0v892644071z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&label=b1TSCIv8tAUQ7ZDS3QM&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx

HTML body contains low number of good links

Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true

HTTP Parser: Number of links: 0

HTML page contains hidden URLs or javascript code

Source: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/

HTTP Parser: Base64 decoded: {"url":"https://walrusarnerica.com","domain":"walrusarnerica.com","key":"2blvrGzEdNqj","qrc":null,"iat":1711634914,"exp":1711635034}

HTML page contains obfuscate script src

Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3d	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3d	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3d	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX

Phishing site detected (based on OCR NLP Model)

Source: MSG / EML	ML Model on OCR Text: Matched 99.7% probability on "This message was sent securely using ZiX@ You have been sent a secure document. Click below to be directed to download your document. VIEW COMPLETED DOCUMENT Let me know if you have any questions. ichole Henson Handrail & Warranty Southern Staircase 6025 Shiloh Road, Suite E Alpharetta, GA 30005 c: (678) 674-6634 nhenson southernstaircase.com "
Source: Chrome DOM: 0.5	ML Model on OCR Text: Matched 90.2% probability on "Prezi Log In Get started You have received a new document The message was sent securely to protect sensitive information included in the correspondence. Date Received - 08/28/2024 Reference Number - SP0005848912 Number of Pages = 2 Pages Status Code = Successful Use receiving email to access and verify documents. O "

HTTP Parser: <input type="password" .../> found

Source: https://td.doubleclick.net/td/rul/1001687149?random=1711634882116&cv=11&fst=1711634882116&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0v892644071z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&label=b1TSCIv8tAUQ7ZDS3QM&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse	HTTP Parser: No favicon
Source: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/	HTTP Parser: No favicon
Source: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/	HTTP Parser: No favicon
Source: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i7zxk/0x4AAAAAAAViFPeHH3z19NbO/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i7zxk/0x4AAAAAAAViFPeHH3z19NbO/auto/normal	HTTP Parser: No favicon
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC	HTTP Parser: No favicon
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true	HTTP Parser: No favicon
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true	HTTP Parser: No favicon

Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: No <meta name="author".. found
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: No <meta name="author".. found
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: No <meta name="author".. found
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: No <meta name="author".. found
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true	HTTP Parser: No <meta name="author".. found

Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: No <meta name="copyright".. found
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: No <meta name="copyright".. found
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: No <meta name="copyright".. found
Source: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	HTTP Parser: No <meta name="copyright".. found
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 20.190.190.193:443 -> 192.168.2.16:49702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49902 version: TLS 1.2

Connects to many different domains

Source: unknown

Network traffic detected: DNS query count 40

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 104.19.155.83 104.19.155.83
Source: Joe Sandbox View	IP Address: 18.165.83.3 18.165.83.3
Source: Joe Sandbox View	IP Address: 20.190.151.6 20.190.151.6
Source: Joe Sandbox View	IP Address: 104.18.32.137 104.18.32.137
Source: Joe Sandbox View	IP Address: 104.22.56.142 104.22.56.142

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.190.193
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240

Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=2WzpRg9RsT+R7+Y&MD=+3tDNdrn HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /i/view/pR8cOHi26DZvZnMnybLa HTTP/1.1Host: prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.c551df2d7090.css HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.acf7fd5f9f6d.css HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.280f7abba376.css HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/icons/Close.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.f03e6a92b501.css HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t.js HTTP/1.1Host: prezi-analytics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/CACHE/js/output.2f5423f2c6f7.js HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/babb4261-7c8b-4e0d-9b99-ce4e6e126a13/babb4261-7c8b-4e0d-9b99-ce4e6e126a13.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/CACHE/js/output.a8e10b28c6d5.js HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/facebook-icon.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/twitter-icon.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /design-view-page/design-view-page.0.1.669/design-view-page.js HTTP/1.1Host: package-bundles.prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/icons/Close.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/react@17.0.0/umd/react.production.min.js HTTP/1.1Host: assets1.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/react-dom@17.0.0/umd/react-dom.production.min.js HTTP/1.1Host: assets1.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/logo/prezi-logo-white.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.acf7fd5f9f6d.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/fonts/raleway-semibold.woff2 HTTP/1.1Host: assets1.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.prezicdn.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/fonts/raleway-bold.woff2 HTTP/1.1Host: assets1.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.prezicdn.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/fonts/raleway-medium.woff2 HTTP/1.1Host: assets1.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.prezicdn.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/facebook-icon.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/twitter-icon.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/babb4261-7c8b-4e0d-9b99-ce4e6e126a13/babb4261-7c8b-4e0d-9b99-ce4e6e126a13.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/logo/prezi-logo-white.svg HTTP/1.1Host: assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/fonts/raleway-regular.woff2 HTTP/1.1Host: assets1.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.prezicdn.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /prezigram/viewer.js HTTP/1.1Host: cdn.jifo.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t2 HTTP/1.1Host: prezi-analytics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/viewer-container/heart_icon.svg HTTP/1.1Host: d2pj2twnjx3fya.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/viewer-container/share_icon.svg HTTP/1.1Host: d2pj2twnjx3fya.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/viewer-container/embed.svg HTTP/1.1Host: d2pj2twnjx3fya.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/viewer-container/report_icon.svg HTTP/1.1Host: d2pj2twnjx3fya.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/babb4261-7c8b-4e0d-9b99-ce4e6e126a13/39849568-3e88-4ee4-8165-fcb0c856021e/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t2 HTTP/1.1Host: prezi-analytics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/favicon.ico?v=2 HTTP/1.1Host: assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: prezi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=
Source: global traffic	HTTP traffic detected: GET /frontend-packages/viewer-container/share_icon.svg HTTP/1.1Host: d2pj2twnjx3fya.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/viewer-container/heart_icon.svg HTTP/1.1Host: d2pj2twnjx3fya.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/viewer-container/embed.svg HTTP/1.1Host: d2pj2twnjx3fya.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /frontend-packages/viewer-container/report_icon.svg HTTP/1.1Host: d2pj2twnjx3fya.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/dist/viewer-9c30345a13e32e20f73a-prezigram.js HTTP/1.1Host: cdn.jifo.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://cdn.jifo.co/prezigram/viewer.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets-versioned/prezipage-versioned/4972-84c2790/common/img/favicon.ico?v=2 HTTP/1.1Host: assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/babb4261-7c8b-4e0d-9b99-ce4e6e126a13/39849568-3e88-4ee4-8165-fcb0c856021e/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/otGPP.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: prezi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=
Source: global traffic	HTTP traffic detected: GET /api/v1/featureswitches/ HTTP/1.1Host: prezi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otCookieSettingsButton.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /20307117.js HTTP/1.1Host: js.hs-scripts.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libtrc/unip/1013987/tfa.js HTTP/1.1Host: cdn.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otCookieSettingsButton.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/landing?gcs=G111&gcd=13r3r3l3l5&rnd=1861409893.1711634881&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&dma=0&npa=0&gtm=45He43p0h1n71MQ6FG2v6358348za200&auid=2095783995.1711634881 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /topics_api HTTP/1.1Host: psb.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /analytics/1711634700000/20307117.js HTTP/1.1Host: js.hs-analytics.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v2/20307117/banner.js HTTP/1.1Host: js.hs-banner.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_company_logo.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signals/config/291059134405770?v=2.9.151&r=stable&domain=prezi.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1013987/trc/3/json?tim=1711634881859&data=%7B%22id%22%3A190%2C%22ii%22%3A%22%2Fi%2Fview%2Fpr8cohi26dzvznmnybla%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1711634881848%2C%22cv%22%3A%2220240321-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dprezi-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0001%2CC0003%2CSSPD_BG%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1711634881857%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i HTTP/1.1Host: trc.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/AW-958692981?random=1711634882084&cv=11&fst=1711634882084&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/1001687149?random=1711634882116&cv=11&fst=1711634882116&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be43p0v892644071z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&label=b1TSCIv8tAUQ7ZDS3QM&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/AW-958692981/?random=1711634882084&cv=11&fst=1711634882084&bg=ffffff&guid=ON&async=1&gtm=45be43p0z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /api/v2/prezigram/getProjectContent?viewlinkId=pR8cOHi26DZvZnMnybLa&appVersion=a85a008f49176f15ba67d69d5423c8f41d5d80cd HTTP/1.1Host: prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.0.1711634882.60.0.0; _ga=GA1.1.331924544.1711634882
Source: global traffic	HTTP traffic detected: GET /topics_api HTTP/1.1Host: psb.taboola.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/1001687149/?random=1711634882116&cv=11&fst=1711634882116&bg=ffffff&guid=ON&async=1&gtm=45be43p0v892644071z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&label=b1TSCIv8tAUQ7ZDS3QM&hn=www.googleadservices.com&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&pscdl=noapi&auid=2095783995.1711634881&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_company_logo.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4197038910&v=1.1&a=20307117&pu=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&t=Secure+Document+by+Matthew+Swift+on+Prezi+Design&cts=1711634882497&vi=260bd16f2522b2093ee80312df7bc543&nc=true&ce=false&cc=0 HTTP/1.1Host: track.hubspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/cds-pips.js HTTP/1.1Host: cdn.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; t_pt_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /scripts/eid.es5.js HTTP/1.1Host: cdn.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; t_pt_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/AW-958692981/?random=1711634882084&cv=11&fst=1711634400000&bg=ffffff&guid=ON&async=1&gtm=45be43p0z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&data=ads_data_redaction%3Dfalse&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqCzbpt8RH-whwEgiedhhzkQsAXMh4bejQ4DOfUB6nuAcN45JF&random=59350646&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=LtGInZ4I4WDrCvCHQBVMHOy4a-sqzpSrMO-Rwr8ezStTz_kfoi2bri7uGdXfNvskAEO_Tj5Jkwl0XSN-qA6MYiGShcDB_vNQOl1bpl3aua7gMrDRvWsHLpAuFBlBnNxTMeen95XElzx3r4myG8p8sgSHdx4NBawYGaI5oFn_dZ8
Source: global traffic	HTTP traffic detected: GET /api/v2/prezigram/getProjectContent?viewlinkId=pR8cOHi26DZvZnMnybLa&appVersion=a85a008f49176f15ba67d69d5423c8f41d5d80cd HTTP/1.1Host: prezi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.0.1711634882.60.0.0; _ga=GA1.1.331924544.1711634882; _uetsid=96fd6250ed0c11ee8cc3d5e29b0c487c; _uetvid=96fda030ed0c11ee84576132fc53bbf7; __hstc=108475037.260bd16f2522b2093ee80312df7bc543.1711634882493.1711634882493.1711634882493.1; hubspotutk=260bd16f2522b2093ee80312df7bc543; __hssrc=1; __hssc=108475037.1.1711634882494; _fbp=fb.1.1711634882815.126934393
Source: global traffic	HTTP traffic detected: GET /api/v2/fonts/stylesheet/?fontFamily=CooperHewitt HTTP/1.1Host: prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.0.1711634882.60.0.0; _ga=GA1.1.331924544.1711634882; _uetsid=96fd6250ed0c11ee8cc3d5e29b0c487c; _uetvid=96fda030ed0c11ee84576132fc53bbf7; __hstc=108475037.260bd16f2522b2093ee80312df7bc543.1711634882493.1711634882493.1711634882493.1; hubspotutk=260bd16f2522b2093ee80312df7bc543; __hssrc=1; __hssc=108475037.1.1711634882494; _fbp=fb.1.1711634882815.126934393
Source: global traffic	HTTP traffic detected: GET /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2156578-3&cid=331924544.1711634882&jid=534201109&gjid=386031998&_gid=572371416.1711634882&_u=YEBAAAAAAAAAAC~&z=1368921522 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlQ86AJ-R-pivzKQRuSaaa8lzvlFD1nTmsQzRmKWtKXBSXVFug36YE4dbxt
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2156578-3&cid=331924544.1711634882&jid=534201109&_u=YEBAAAAAAAAAAC~&z=103489921 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=LtGInZ4I4WDrCvCHQBVMHOy4a-sqzpSrMO-Rwr8ezStTz_kfoi2bri7uGdXfNvskAEO_Tj5Jkwl0XSN-qA6MYiGShcDB_vNQOl1bpl3aua7gMrDRvWsHLpAuFBlBnNxTMeen95XElzx3r4myG8p8sgSHdx4NBawYGaI5oFn_dZ8
Source: global traffic	HTTP traffic detected: GET /tr/?id=291059134405770&ev=PageView&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634882816&sw=1280&sh=1024&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=291059134405770&ev=PageView&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634882816&sw=1280&sh=1024&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source;navigation-source, triggerReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/1001687149/?random=1711634882116&cv=11&fst=1711634400000&bg=ffffff&guid=ON&async=1&gtm=45be43p0v892644071z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&label=b1TSCIv8tAUQ7ZDS3QM&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&data=ads_data_redaction%3Dfalse&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqlFJqyGehJ41O047HAIB4MKsQbgaOVr5AL0Cyui5kEK1uHZyY&random=3004055227&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=LtGInZ4I4WDrCvCHQBVMHOy4a-sqzpSrMO-Rwr8ezStTz_kfoi2bri7uGdXfNvskAEO_Tj5Jkwl0XSN-qA6MYiGShcDB_vNQOl1bpl3aua7gMrDRvWsHLpAuFBlBnNxTMeen95XElzx3r4myG8p8sgSHdx4NBawYGaI5oFn_dZ8
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: pips.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4197038910&v=1.1&a=20307117&pu=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&t=Secure+Document+by+Matthew+Swift+on+Prezi+Design&cts=1711634882497&vi=260bd16f2522b2093ee80312df7bc543&nc=true&ce=false&cc=0 HTTP/1.1Host: track.hubspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=QZo_urGWF.n5HRBGiXdetiS5nPjvgrxZwWccJuGunnU-1711634883-1.0.1.1-38L9t7CsoP1tklegMSxJH7NKm64mtVdnbnjBa3tcv7zQLwXbZ.ytQ06SVDu8zy6cPW0y9Xk4jVkYzbfiRb0mXQ; _cfuvid=uvbn2Ku4tdSZ8stCN6F5_A49EAYFZ4sg759aH1Y8YQI-1711634883921-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /api/v1/fonts/CooperHewitt-Regular/ HTTP/1.1Host: prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://prezi.com/api/v2/fonts/stylesheet/?fontFamily=CooperHewittAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.0.1711634882.60.0.0; _ga=GA1.1.331924544.1711634882; _uetsid=96fd6250ed0c11ee8cc3d5e29b0c487c; _uetvid=96fda030ed0c11ee84576132fc53bbf7; __hstc=108475037.260bd16f2522b2093ee80312df7bc543.1711634882493.1711634882493.1711634882493.1; hubspotutk=260bd16f2522b2093ee80312df7bc543; __hssrc=1; __hssc=108475037.1.1711634882494; _fbp=fb.1.1711634882815.126934393
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/AW-958692981/?random=1711634882084&cv=11&fst=1711634400000&bg=ffffff&guid=ON&async=1&gtm=45be43p0z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&data=ads_data_redaction%3Dfalse&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqCzbpt8RH-whwEgiedhhzkQsAXMh4bejQ4DOfUB6nuAcN45JF&random=59350646&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=LtGInZ4I4WDrCvCHQBVMHOy4a-sqzpSrMO-Rwr8ezStTz_kfoi2bri7uGdXfNvskAEO_Tj5Jkwl0XSN-qA6MYiGShcDB_vNQOl1bpl3aua7gMrDRvWsHLpAuFBlBnNxTMeen95XElzx3r4myG8p8sgSHdx4NBawYGaI5oFn_dZ8
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2156578-3&cid=331924544.1711634882&jid=534201109&_u=YEBAAAAAAAAAAC~&z=103489921 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=LtGInZ4I4WDrCvCHQBVMHOy4a-sqzpSrMO-Rwr8ezStTz_kfoi2bri7uGdXfNvskAEO_Tj5Jkwl0XSN-qA6MYiGShcDB_vNQOl1bpl3aua7gMrDRvWsHLpAuFBlBnNxTMeen95XElzx3r4myG8p8sgSHdx4NBawYGaI5oFn_dZ8
Source: global traffic	HTTP traffic detected: GET /tr/?id=291059134405770&ev=PageView&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634882816&sw=1280&sh=1024&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=291059134405770&ev=PageView&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634882816&sw=1280&sh=1024&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/1001687149/?random=1711634882116&cv=11&fst=1711634400000&bg=ffffff&guid=ON&async=1&gtm=45be43p0v892644071z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&label=b1TSCIv8tAUQ7ZDS3QM&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&data=ads_data_redaction%3Dfalse&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqlFJqyGehJ41O047HAIB4MKsQbgaOVr5AL0Cyui5kEK1uHZyY&random=3004055227&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=LtGInZ4I4WDrCvCHQBVMHOy4a-sqzpSrMO-Rwr8ezStTz_kfoi2bri7uGdXfNvskAEO_Tj5Jkwl0XSN-qA6MYiGShcDB_vNQOl1bpl3aua7gMrDRvWsHLpAuFBlBnNxTMeen95XElzx3r4myG8p8sgSHdx4NBawYGaI5oFn_dZ8
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: pips.taboola.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43
Source: global traffic	HTTP traffic detected: GET /?uid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43&ptf=V2luZG93cw==&ptfv=MTAuMC4w&ufv=MTE3LjAuNTkzOC4xMzI=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTE3&bnd=Tm90O0E9QnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTE3&mbl=ZmFsc2U= HTTP/1.1Host: cds.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v2/fonts/stylesheet/?fontFamily=Raleway,Roboto,Roboto,Raleway HTTP/1.1Host: prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.0.1711634882.60.0.0; _ga=GA1.1.331924544.1711634882; _uetsid=96fd6250ed0c11ee8cc3d5e29b0c487c; _uetvid=96fda030ed0c11ee84576132fc53bbf7; __hstc=108475037.260bd16f2522b2093ee80312df7bc543.1711634882493.1711634882493.1711634882493.1; hubspotutk=260bd16f2522b2093ee80312df7bc543; __hssrc=1; __hssc=108475037.1.1711634882494; _fbp=fb.1.1711634882815.126934393
Source: global traffic	HTTP traffic detected: GET /1013987/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1711634881853&ver=36&isls=true&src=i&invt=1500&msa=550&rv=1&tim=1711634883414&vi=1711634881848&ri=106dde1fc8ff1f99a95322d86585e0ea&sd=v2_88e9a1d39f282eb52211a52fd3c2ed49_c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43_1711634883_1711634883_CNawjgYQ4_E9GLi6jqvoMSABKAEw4QE4kaQOQO7BD0iX0NkDULYEWABgAGiQgI6I5eeGxhBwAQ&ui=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43&ref=null&cv=20240321-9-RELEASE&item-url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CC0003%2CSSPD_BG%2CC0002%2CC0004%2C HTTP/1.1Host: trc-events.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Attribution-Reporting-Eligible: triggersec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; t_pt_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /api/v1/fonts/Raleway-Regular/ HTTP/1.1Host: prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://prezi.com/api/v2/fonts/stylesheet/?fontFamily=Raleway,Roboto,Roboto,RalewayAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.0.1711634882.60.0.0; _ga=GA1.1.331924544.1711634882; _uetsid=96fd6250ed0c11ee8cc3d5e29b0c487c; _uetvid=96fda030ed0c11ee84576132fc53bbf7; __hstc=108475037.260bd16f2522b2093ee80312df7bc543.1711634882493.1711634882493.1711634882493.1; hubspotutk=260bd16f2522b2093ee80312df7bc543; __hssrc=1; __hssc=108475037.1.1711634882494; _fbp=fb.1.1711634882815.126934393
Source: global traffic	HTTP traffic detected: GET /api/v1/fonts/Roboto-Regular2/ HTTP/1.1Host: prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://prezi.com/api/v2/fonts/stylesheet/?fontFamily=Raleway,Roboto,Roboto,RalewayAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.0.1711634882.60.0.0; _ga=GA1.1.331924544.1711634882; _uetsid=96fd6250ed0c11ee8cc3d5e29b0c487c; _uetvid=96fda030ed0c11ee84576132fc53bbf7; __hstc=108475037.260bd16f2522b2093ee80312df7bc543.1711634882493.1711634882493.1711634882493.1; hubspotutk=260bd16f2522b2093ee80312df7bc543; __hssrc=1; __hssc=108475037.1.1711634882494; _fbp=fb.1.1711634882815.126934393
Source: global traffic	HTTP traffic detected: GET /api/v1/fonts/CooperHewitt-Bold/ HTTP/1.1Host: prezi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://prezi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://prezi.com/api/v2/fonts/stylesheet/?fontFamily=CooperHewittAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CSSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.0.1711634882.60.0.0; _ga=GA1.1.331924544.1711634882; _uetsid=96fd6250ed0c11ee8cc3d5e29b0c487c; _uetvid=96fda030ed0c11ee84576132fc53bbf7; __hstc=108475037.260bd16f2522b2093ee80312df7bc543.1711634882493.1711634882493.1711634882493.1; hubspotutk=260bd16f2522b2093ee80312df7bc543; __hssrc=1; __hssc=108475037.1.1711634882494; _fbp=fb.1.1711634882815.126934393; _tt_enable_cookie=1; _ttp=MIau9RqghUGarWmMI67EE7JQoog
Source: global traffic	HTTP traffic detected: GET /81abd42ac50a67916700ec855e00b049f6db148bb8542310433f62c13879dd1beae271ee3fe0c4bfdbb58006f5f902707fa45a99f1c11d3fe03b9698cc6e2a00 HTTP/1.1Host: prezigram-assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6aae029930513925216739a29a87625aa2d8e9a06d371fe3aad2cc1db8b05264ed332d336b1f460d4c55ac1ce5b3cd19d4a96c2e5347bfd59a5bbc3926d26eff HTTP/1.1Host: prezigram-assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /03668b207910a35646d0df764b55082d74fb27792c6a552bd7a63bba836be0fd4838661eff9491657316de79f1ed7c07ce9daea795eedf2e6eb8e2b1b086aec9 HTTP/1.1Host: prezigram-assets.prezicdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /81abd42ac50a67916700ec855e00b049f6db148bb8542310433f62c13879dd1beae271ee3fe0c4bfdbb58006f5f902707fa45a99f1c11d3fe03b9698cc6e2a00 HTTP/1.1Host: prezigram-assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /03668b207910a35646d0df764b55082d74fb27792c6a552bd7a63bba836be0fd4838661eff9491657316de79f1ed7c07ce9daea795eedf2e6eb8e2b1b086aec9 HTTP/1.1Host: prezigram-assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6aae029930513925216739a29a87625aa2d8e9a06d371fe3aad2cc1db8b05264ed332d336b1f460d4c55ac1ce5b3cd19d4a96c2e5347bfd59a5bbc3926d26eff HTTP/1.1Host: prezigram-assets.prezicdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=291059134405770&ev=SubscribedButtonClick&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634886235&cd[buttonFeatures]=%7B%22classList%22%3A%22%22%2C%22destination%22%3A%22%22%2C%22id%22%3A%22onetrust-accept-btn-handler%22%2C%22imageUrl%22%3A%22%22%2C%22innerText%22%3A%22Accept%20Cookies%22%2C%22numChildButtons%22%3A0%2C%22tag%22%3A%22button%22%2C%22type%22%3Anull%2C%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D&cd[buttonText]=Accept%20Cookies&cd[formFeatures]=%5B%5D&cd[pageFeatures]=%7B%22title%22%3A%22%5Cn%20%20%20%20Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design%5Cn%22%7D&sw=1280&sh=1024&v=2.9.151&r=stable&ec=1&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&es=automatic&tm=3&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_persistent_cookie.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=291059134405770&ev=SubscribedButtonClick&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634886235&cd[buttonFeatures]=%7B%22classList%22%3A%22%22%2C%22destination%22%3A%22%22%2C%22id%22%3A%22onetrust-accept-btn-handler%22%2C%22imageUrl%22%3A%22%22%2C%22innerText%22%3A%22Accept%20Cookies%22%2C%22numChildButtons%22%3A0%2C%22tag%22%3A%22button%22%2C%22type%22%3Anull%2C%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D&cd[buttonText]=Accept%20Cookies&cd[formFeatures]=%5B%5D&cd[pageFeatures]=%7B%22title%22%3A%22%5Cn%20%20%20%20Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design%5Cn%22%7D&sw=1280&sh=1024&v=2.9.151&r=stable&ec=1&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&es=automatic&tm=3&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: not-navigation-source, trigger, event-sourceReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=291059134405770&ev=SubscribedButtonClick&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634886235&cd[buttonFeatures]=%7B%22classList%22%3A%22%22%2C%22destination%22%3A%22%22%2C%22id%22%3A%22onetrust-accept-btn-handler%22%2C%22imageUrl%22%3A%22%22%2C%22innerText%22%3A%22Accept%20Cookies%22%2C%22numChildButtons%22%3A0%2C%22tag%22%3A%22button%22%2C%22type%22%3Anull%2C%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D&cd[buttonText]=Accept%20Cookies&cd[formFeatures]=%5B%5D&cd[pageFeatures]=%7B%22title%22%3A%22%5Cn%20%20%20%20Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design%5Cn%22%7D&sw=1280&sh=1024&v=2.9.151&r=stable&ec=1&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&es=automatic&tm=3&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=291059134405770&ev=SubscribedButtonClick&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634886235&cd[buttonFeatures]=%7B%22classList%22%3A%22%22%2C%22destination%22%3A%22%22%2C%22id%22%3A%22onetrust-accept-btn-handler%22%2C%22imageUrl%22%3A%22%22%2C%22innerText%22%3A%22Accept%20Cookies%22%2C%22numChildButtons%22%3A0%2C%22tag%22%3A%22button%22%2C%22type%22%3Anull%2C%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D&cd[buttonText]=Accept%20Cookies&cd[formFeatures]=%5B%5D&cd[pageFeatures]=%7B%22title%22%3A%22%5Cn%20%20%20%20Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design%5Cn%22%7D&sw=1280&sh=1024&v=2.9.151&r=stable&ec=1&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&es=automatic&tm=3&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_persistent_cookie.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1013987/log/3/unip?en=pre_d_eng_tb&tos=4569&scd=0&ssd=1&est=1711634881853&ver=36&isls=true&src=i&invt=3000&msa=550&rv=1&tim=1711634886423&vi=1711634881848&ri=106dde1fc8ff1f99a95322d86585e0ea&sd=v2_88e9a1d39f282eb52211a52fd3c2ed49_c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43_1711634883_1711634883_CNawjgYQ4_E9GLi6jqvoMSABKAEw4QE4kaQOQO7BD0iX0NkDULYEWABgAGiQgI6I5eeGxhBwAQ&ui=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43&ref=null&cv=20240321-9-RELEASE&item-url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2CSSPD_BG%2C HTTP/1.1Host: trc-events.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Attribution-Reporting-Eligible: triggersec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; t_pt_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /1013987/log/3/unip?en=pre_d_eng_tb&tos=10586&scd=15&ssd=1&est=1711634881853&ver=36&isls=true&src=i&invt=6000&msa=1312&rv=1&tim=1711634892440&vi=1711634881848&ri=106dde1fc8ff1f99a95322d86585e0ea&sd=v2_88e9a1d39f282eb52211a52fd3c2ed49_c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43_1711634883_1711634883_CNawjgYQ4_E9GLi6jqvoMSABKAEw4QE4kaQOQO7BD0iX0NkDULYEWABgAGiQgI6I5eeGxhBwAQ&ui=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43&ref=null&cv=20240321-9-RELEASE&item-url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2CSSPD_BG%2C HTTP/1.1Host: trc-events.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Attribution-Reporting-Eligible: triggersec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://prezi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://prezi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: t_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; t_pt_gid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /5655766779679/768798809534344657676.html HTTP/1.1Host: mr-asus.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=2WzpRg9RsT+R7+Y&MD=+3tDNdrn HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 8993b1c6.c7aeb996ba99e08645130852.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://mr-asus.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t2 HTTP/1.1Host: prezi-analytics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: prezi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __putma=9489f764-ed0c-11ee-8366-4eb2dc9db458; csrftoken=Qp4TQoQrnBHljlETJBhuwjuF1xQbEqUc; glassbox-session-id=eyJzZXNzaW9uX2lkIjoiMjMzOTlkNDktOGNlMS00YjI3LWE2OGMtZjE5NjBiMzg4MDhhIn0=; OTGPPConsent=DBABLA~BVQqAAAACgA.QA; _gcl_au=1.1.2095783995.1711634881; _gid=GA1.2.572371416.1711634882; _gat_UA-2156578-3=1; _ga=GA1.1.331924544.1711634882; _uetsid=96fd6250ed0c11ee8cc3d5e29b0c487c; _uetvid=96fda030ed0c11ee84576132fc53bbf7; __hstc=108475037.260bd16f2522b2093ee80312df7bc543.1711634882493.1711634882493.1711634882493.1; hubspotutk=260bd16f2522b2093ee80312df7bc543; __hssrc=1; __hssc=108475037.1.1711634882494; _fbp=fb.1.1711634882815.126934393; _tt_enable_cookie=1; _ttp=MIau9RqghUGarWmMI67EE7JQoog; OptanonAlertBoxClosed=2024-03-28T14:08:06.241Z; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Mar+28+2024+15%3A08%3A06+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&GPPCookiesCount=1&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1%2CSSPD_BG%3A1; _ga_N6JQLWRW1C=GS1.1.1711634882.1.1.1711634898.44.0.0
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i7zxk/0x4AAAAAAAViFPeHH3z19NbO/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=86b83137dd593880 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i7zxk/0x4AAAAAAAViFPeHH3z19NbO/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i7zxk/0x4AAAAAAAViFPeHH3z19NbO/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 8993b1c6.c7aeb996ba99e08645130852.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 8993b1c6.c7aeb996ba99e08645130852.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1329263543:1711631579:wETikrO3D0_55QB6b40G2lFt5tvBkvGuWSvMZFU-7IA/86b83137dd593880/8ce6bc76cced506 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/86b83137dd593880/1711634908224/h__11-NY7fpCft1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i7zxk/0x4AAAAAAAViFPeHH3z19NbO/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/86b83137dd593880/1711634908224/h__11-NY7fpCft1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/86b83137dd593880/1711634908231/7dff40727db7e0ab990155ecf75aae403895f646d5f3a295266cb41f99bcc39d/UytNTup_UbjRTAY HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i7zxk/0x4AAAAAAAViFPeHH3z19NbO/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1329263543:1711631579:wETikrO3D0_55QB6b40G2lFt5tvBkvGuWSvMZFU-7IA/86b83137dd593880/8ce6bc76cced506 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1329263543:1711631579:wETikrO3D0_55QB6b40G2lFt5tvBkvGuWSvMZFU-7IA/86b83137dd593880/8ce6bc76cced506 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3dhbHJ1c2FybmVyaWNhLmNvbSIsImRvbWFpbiI6IndhbHJ1c2FybmVyaWNhLmNvbSIsImtleSI6IjJibHZyR3pFZE5xaiIsInFyYyI6bnVsbCwiaWF0IjoxNzExNjM0OTE0LCJleHAiOjE3MTE2MzUwMzR9.IMDlgKI6Pb_RGo0dm2fFuseryZbbItfXNac0bosx6hA HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: walrusarnerica.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4
Source: global traffic	HTTP traffic detected: GET /owa/ HTTP/1.1Host: walrusarnerica.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4
Source: global traffic	HTTP traffic detected: GET /captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC HTTP/1.1Host: walrusarnerica.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag
Source: global traffic	HTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_GW4zPEKtwiiwtRHaCqGPVw2.js HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNCAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; fpc=AiIxZMvkWE9HqmKkqx7p9G4; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8A5zBZLuZ5F5KStDng6gaakIB-__W5sSToI1tPq2GZpMh7HwAuGGxEC0M-5YDQ9SfeBDSes3-sF-Nb7nIw3ub2bxVLT2jv1bflJRZweWWNCgaxrQfjRILPyACJlB51s-9z5HaxXnCBa7lHiwseUlL9ZRJKdhe52cUnLIgHPXlNmQgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 8993b1c6.c7aeb996ba99e08645130852.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 8993b1c6.c7aeb996ba99e08645130852.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=true HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNCAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; fpc=AiIxZMvkWE9HqmKkqx7p9G4; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8A5zBZLuZ5F5KStDng6gaakIB-__W5sSToI1tPq2GZpMh7HwAuGGxEC0M-5YDQ9SfeBD
Source: global traffic	HTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: login.live.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://walrusarnerica.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA
Source: global traffic	HTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://walrusarnerica.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: walrusarnerica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://walrusarnerica.com/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9ZjU1MjI5ZDEtZTM0ZC0zNDdjLTE3MWYtMDU4YzYzNDMzN2ZjJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ3MjMxNzE4Mjg1MTIyMC41OWIwM2EyOS03MDI3LTRhMTYtOWZkZi0zZmY3ODJiNjI3Nzkmc3RhdGU9RGNzN0VvQWdEQURSb09OeGtIeUFKTWVCY2RKYWVuMVR2TzIyQU1DWmpsUXdBenJGdXJLUWtyRU5Zc1o3LUVaWjdGV1J0ZlpGczNvOFVTVkNqZmRrVlNfNVh1MzlWdnNC&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1Host: walrusarnerica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png HTTP/1.1Host: walrusarnerica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: walrusarnerica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1Host: walrusarnerica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: walrusarnerica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=2blvrGzEdNqj; qPdM.sig=6K85eNQ2lbAax2poky4wIHZW7b4; ClientId=27B609C22FE94573BB8E20DEFE5E9C24; OIDC=1; OpenIdConnect.nonce.v3._POTzWQy5yz48Ra-gtDM9RYqzIOn5K_VPs5p_ZqQxy4=638472317182851220.59b03a29-7027-4a16-9fdf-3ff782b62779; X-OWA-RedirectHistory=ArLym14BlLiakDBP3Ag; esctx-9q9kona8AOU=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hs7umjQiAYBj73vxnCUnh8pg99NewpVp34uJDzrM69aE2vCBab94SFZ_ZGrTCStvycSB2ZhSZ_DdTGk85hspD78oP7EAIk2AbSQ6aIFwl6SaNxEnWZCuL7NbhmVkQmX268i42J2dP8Wdk5k84sBZviAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.AU4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8vAJk0l8di186_XqkaPnEsl0-2QA7eFTBvu-9FvHI4d5XKvVSYZ6t2bMjojpfv6CxeyRmEp3D3lPThWbprTSMGIs0xiaSABPpNe8otPFkXC0gAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8n77hGOqtcn2HdU4CBdjYuZFmE4hcYml-YgobcdjjBe9eTlnb5Ly7Al5h7yM1rdfbRhOnW2Zyl9MbsH4rLbsjuvxHP5LgIq4CDr6M18lTnNn2BcJcaOv6ye-uxn2DcwZ75ufZqKyEm4GlNsdv_SYMu-IL7hoYcQktTCncSgWl-UkgAA; esctx-E6gYkV5LU8o=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd89ltcphutfwMHFW36p1QVUSpAv0QxOgUT92b41gqP3yEzDwg04ZU7FiyuOREwNUr7sNRb4vTEWhfFdAhChOxinSjwgZvLMUXzBOS5eWCKmz2aRh7Vh15w8BsnTNkXWt6ODckmYd2y9JyEFvBAcgsndyAA; fpc=AiIxZMvkWE9HqmKkqx7p9G6erOTJAQAAAOlwl90OAAAA; brcap=0

Source: chromecache_265.14.dr	String found in binary or memory: href="https://www.youtube.com/embed/LRdbULX-abg?badge=0&autoplay=1&html5=1&rel=0"><div class="nav_featured-text-wrapper"><div class="nav-image-title product">Prezi Video explained</div><p class="nav-image-description"> equals www.youtube.com (Youtube)
Source: chromecache_265.14.dr	String found in binary or memory: href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=facebook&url=https://www.facebook.com/prezicom/"><img alt="Facebook logo" class="footer_icon" src="https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/coverservice/webflow/images/facebook.svg" /></a><a class="footer_social-link w-inline-block" equals www.facebook.com (Facebook)
Source: chromecache_265.14.dr	String found in binary or memory: href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=linkedin&url=https://www.linkedin.com/company/216295"><img alt="LinkedIn logo" class="footer_icon linkedin" src="https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/coverservice/webflow/images/linkedin.svg" /></a></div><div class="footer_terms"> equals www.linkedin.com (Linkedin)
Source: chromecache_329.14.dr	String found in binary or memory: </p><div class="arrow-container pull-right"><div class="arrow"><i class="icon-chevron-down"></i></div></div></div></a><div id="mobile-footer-infogram" class="panel-collapse collapse out" role="tabpanel" aria-labelledby="footer-heading-infogram"><div class="panel-body"><ul class="pad-zero btm-0"><li class="btm-12"><a href="https://infogram.com?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer" target="_blank" class="footer-links" rel="noopener">Data Visualization</a></li><li class="btm-12"><a href="https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer#infographics" target="_blank" class="footer-links" rel="noopener">Infographics</a></li><li class="btm-12"><a href="https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer#single-chart" target="_blank" class="footer-links" rel="noopener">Charts</a></li></ul></div></div></div></div><div class="col-xs-12 mobile-social"><ul class="list-inline social-links"><li class="btm-12"><a class="facebook-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=facebook&url=https://www.facebook.com/prezicom/" title="Link to the Prezi facebook page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/facebook-icon.svg" width="18" height="18" alt="Facebook logo"/></a></li><li class="btm-12"><a class="twitter-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=twitter&url=https://twitter.com/prezi" title="Link to the Prezi twitter page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/twitter-icon.svg" width="22" height="18" alt="Twitter logo"/></a></li><li class="btm-12"><a class="linkedin-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=linkedin&url=https://www.linkedin.com/company/216295" title="Link to the Prezi LinkedIn company page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg" width="18" height="18" alt="LinkedIn logo"/></a></li></ul><p class="small text-gray-3"> equals www.facebook.com (Facebook)
Source: chromecache_329.14.dr	String found in binary or memory: </p><div class="arrow-container pull-right"><div class="arrow"><i class="icon-chevron-down"></i></div></div></div></a><div id="mobile-footer-infogram" class="panel-collapse collapse out" role="tabpanel" aria-labelledby="footer-heading-infogram"><div class="panel-body"><ul class="pad-zero btm-0"><li class="btm-12"><a href="https://infogram.com?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer" target="_blank" class="footer-links" rel="noopener">Data Visualization</a></li><li class="btm-12"><a href="https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer#infographics" target="_blank" class="footer-links" rel="noopener">Infographics</a></li><li class="btm-12"><a href="https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer#single-chart" target="_blank" class="footer-links" rel="noopener">Charts</a></li></ul></div></div></div></div><div class="col-xs-12 mobile-social"><ul class="list-inline social-links"><li class="btm-12"><a class="facebook-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=facebook&url=https://www.facebook.com/prezicom/" title="Link to the Prezi facebook page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/facebook-icon.svg" width="18" height="18" alt="Facebook logo"/></a></li><li class="btm-12"><a class="twitter-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=twitter&url=https://twitter.com/prezi" title="Link to the Prezi twitter page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/twitter-icon.svg" width="22" height="18" alt="Twitter logo"/></a></li><li class="btm-12"><a class="linkedin-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=linkedin&url=https://www.linkedin.com/company/216295" title="Link to the Prezi LinkedIn company page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg" width="18" height="18" alt="LinkedIn logo"/></a></li></ul><p class="small text-gray-3"> equals www.linkedin.com (Linkedin)
Source: chromecache_329.14.dr	String found in binary or memory: </p><div class="arrow-container pull-right"><div class="arrow"><i class="icon-chevron-down"></i></div></div></div></a><div id="mobile-footer-infogram" class="panel-collapse collapse out" role="tabpanel" aria-labelledby="footer-heading-infogram"><div class="panel-body"><ul class="pad-zero btm-0"><li class="btm-12"><a href="https://infogram.com?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer" target="_blank" class="footer-links" rel="noopener">Data Visualization</a></li><li class="btm-12"><a href="https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer#infographics" target="_blank" class="footer-links" rel="noopener">Infographics</a></li><li class="btm-12"><a href="https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer#single-chart" target="_blank" class="footer-links" rel="noopener">Charts</a></li></ul></div></div></div></div><div class="col-xs-12 mobile-social"><ul class="list-inline social-links"><li class="btm-12"><a class="facebook-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=facebook&url=https://www.facebook.com/prezicom/" title="Link to the Prezi facebook page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/facebook-icon.svg" width="18" height="18" alt="Facebook logo"/></a></li><li class="btm-12"><a class="twitter-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=twitter&url=https://twitter.com/prezi" title="Link to the Prezi twitter page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/twitter-icon.svg" width="22" height="18" alt="Twitter logo"/></a></li><li class="btm-12"><a class="linkedin-link-mobile" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=linkedin&url=https://www.linkedin.com/company/216295" title="Link to the Prezi LinkedIn company page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg" width="18" height="18" alt="LinkedIn logo"/></a></li></ul><p class="small text-gray-3"> equals www.twitter.com (Twitter)
Source: chromecache_287.14.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var b=f.getFbeventsModules("signalsFBEventsGetTier"),c=d();function d(){try{if(a.trustedTypes&&a.trustedTypes.createPolicy){var b=a.trustedTypes;return b.createPolicy("facebook.com/signals/iwl",{createScriptURL:function(a){var b=new URL(a);b=b.hostname.endsWith(".facebook.com")&&b.pathname=="/signals/iwl.js";if(!b)throw new Error("Disallowed script URL");return a}})}}catch(a){}return null}e.exports=function(a,d){d=b(d);d=d==null?"www.facebook.com":"www."+d+".facebook.com";d="https://"+d+"/signals/iwl.js?pixel_id="+a;if(c!=null)return c.createScriptURL(d);else return d}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=null;e.exports=new h(function(d,e){try{n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}}}catch(a){return}function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=func
Source: chromecache_329.14.dr	String found in binary or memory: : Turn your last-minute presentation into a winning momentum</a></li><li class="btm-12"><a href="https://blog.prezi.com/" class="text-a">Latest posts</a></li></ul></div><div class="col-xs-12 col-md-6"></div><div class="col-xs-12 col-md-6"><ul class="list-inline social-links"><li class="btm-12"><a class="facebook-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=facebook&url=https://www.facebook.com/prezicom/" title="Link to the Prezi facebook page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/facebook-icon.svg" width="18" height="18" alt="Facebook logo"/></a></li><li class="btm-12"><a class="twitter-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=twitter&url=https://twitter.com/prezi" title="Link to the Prezi twitter page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/twitter-icon.svg" width="20" height="16" alt="Twitter logo"/></a></li><li class="btm-12"><a class="linkedin-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=linkedin&url=https://www.linkedin.com/company/216295" title="Link to the Prezi LinkedIn company page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg" width="18" height="18" alt="LinkedIn logo"/></a></li></ul><p class="small text-gray-3"> equals www.facebook.com (Facebook)
Source: chromecache_329.14.dr	String found in binary or memory: : Turn your last-minute presentation into a winning momentum</a></li><li class="btm-12"><a href="https://blog.prezi.com/" class="text-a">Latest posts</a></li></ul></div><div class="col-xs-12 col-md-6"></div><div class="col-xs-12 col-md-6"><ul class="list-inline social-links"><li class="btm-12"><a class="facebook-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=facebook&url=https://www.facebook.com/prezicom/" title="Link to the Prezi facebook page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/facebook-icon.svg" width="18" height="18" alt="Facebook logo"/></a></li><li class="btm-12"><a class="twitter-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=twitter&url=https://twitter.com/prezi" title="Link to the Prezi twitter page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/twitter-icon.svg" width="20" height="16" alt="Twitter logo"/></a></li><li class="btm-12"><a class="linkedin-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=linkedin&url=https://www.linkedin.com/company/216295" title="Link to the Prezi LinkedIn company page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg" width="18" height="18" alt="LinkedIn logo"/></a></li></ul><p class="small text-gray-3"> equals www.linkedin.com (Linkedin)
Source: chromecache_329.14.dr	String found in binary or memory: : Turn your last-minute presentation into a winning momentum</a></li><li class="btm-12"><a href="https://blog.prezi.com/" class="text-a">Latest posts</a></li></ul></div><div class="col-xs-12 col-md-6"></div><div class="col-xs-12 col-md-6"><ul class="list-inline social-links"><li class="btm-12"><a class="facebook-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=facebook&url=https://www.facebook.com/prezicom/" title="Link to the Prezi facebook page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/facebook-icon.svg" width="18" height="18" alt="Facebook logo"/></a></li><li class="btm-12"><a class="twitter-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=twitter&url=https://twitter.com/prezi" title="Link to the Prezi twitter page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/twitter-icon.svg" width="20" height="16" alt="Twitter logo"/></a></li><li class="btm-12"><a class="linkedin-link" target="_blank" href="/redirect/?click_source=logged_element&page_location=footer_mobile&element_text=linkedin&url=https://www.linkedin.com/company/216295" title="Link to the Prezi LinkedIn company page"><img class="icons" src="https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg" width="18" height="18" alt="LinkedIn logo"/></a></li></ul><p class="small text-gray-3"> equals www.twitter.com (Twitter)
Source: chromecache_350.14.dr	String found in binary or memory: function(h){return h.form===g})};return{store:function(g,h){var m=f(g);m?m.button=h:e.push({form:g,button:h})},get:function(g){var h=f(g);return h?h.button:null}}}function d(e,f,g,h,m){var n=Rz("fsl",g?"nv.mwt":"mwt",0),p;p=g?Rz("fsl","nv.ids",[]):Rz("fsl","ids",[]);if(!p.length)return!0;var q=Nz(e,"gtm.formSubmit",p),r=e.action;r&&r.tagName&&(r=e.cloneNode(!1).action);q["gtm.elementUrl"]=r;L(121);if("https://www.facebook.com/tr/"===r)return L(122),!0;m&&(q["gtm.formSubmitElement"]=m);if(h&&n){if(!vA(q, equals www.facebook.com (Facebook)
Source: chromecache_275.14.dr	String found in binary or memory: f\|\|g.length\|\|h.length))return;var n={jh:d,hh:e,ih:f,Vh:g,Wh:h,Ae:m,Ab:b},p=l.YT,q=function(){VD(n)};if(p)return p.ready&&p.ready(q),b;var r=l.onYouTubeIframeAPIReady;l.onYouTubeIframeAPIReady=function(){r&&r();q()};D(function(){for(var t=z.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(YD(w,"iframe_api")\|\|YD(w,"player_api"))return b}for(var x=z.getElementsByTagName("iframe"),y=x.length,B=0;B<y;B++)if(!PD&&WD(x[B],n.Ae))return Rc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_275.14.dr, chromecache_333.14.dr, chromecache_350.14.dr, chromecache_289.14.dr	String found in binary or memory: return b}MD.D="internal.enableAutoEventOnTimer";var Ec=ka(["data-gtm-yt-inspected-"]),ND=["www.youtube.com","www.youtube-nocookie.com"],OD,PD=!1; equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: prezi.com

Source: unknown

HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4738Host: login.live.com

Source: chromecache_283.14.dr	String found in binary or memory: http://cooperhewitt.org/http://vllg.com/See
Source: chromecache_336.14.dr	String found in binary or memory: http://feross.org
Source: chromecache_222.14.dr, chromecache_270.14.dr	String found in binary or memory: http://getbootstrap.com)
Source: chromecache_344.14.dr	String found in binary or memory: http://github.com/jquery/globalize
Source: chromecache_314.14.dr	String found in binary or memory: http://hubs.ly/H0702_H0
Source: chromecache_340.14.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_270.14.dr	String found in binary or memory: http://jquery.com/
Source: chromecache_270.14.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_232.14.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_270.14.dr	String found in binary or memory: http://mths.be/placeholder
Source: chromecache_265.14.dr	String found in binary or memory: http://prezi.com/features/ai/?click_source=logged_element&page_location=footer&element_text=
Source: 25090817022.ttf.0.dr	String found in binary or memory: http://scripts.sil.org/OFL).
Source: chromecache_323.14.dr	String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL
Source: chromecache_323.14.dr	String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLCopyright
Source: chromecache_270.14.dr	String found in binary or memory: http://sizzlejs.com/
Source: chromecache_323.14.dr	String found in binary or memory: http://theleagueofmoveabletype.comhttp://pixelspread.comThis
Source: chromecache_278.14.dr	String found in binary or memory: http://wicky.nillia.ms/headroom.js
Source: chromecache_270.14.dr	String found in binary or memory: http://www.google-analytics.com/__utm.gif
Source: chromecache_258.14.dr, chromecache_234.14.dr	String found in binary or memory: http://www.hubspot.com
Source: chromecache_232.14.dr	String found in binary or memory: http://www.json.org/json2.js
Source: 25090817022.ttf.0.dr	String found in binary or memory: http://www.latofonts.com/Lato-RegularLato
Source: 25090817022.ttf.0.dr	String found in binary or memory: http://www.latofonts.com/http://www.typoland.com/http://www.latofonts.com/http://scripts.sil.org/OFL
Source: chromecache_270.14.dr	String found in binary or memory: http://www.opensource.org/licenses/GPL-2.0
Source: chromecache_270.14.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_232.14.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: 25090817022.ttf.0.dr	String found in binary or memory: http://www.typoland.com/)
Source: You've Been Sent A Secure Document.eml	String found in binary or memory: http://www.zixcorp.com/get-star=
Source: ~WRS{531B1916-4E60-4A23-88FE-CDF1C36ED24C}.tmp.0.dr	String found in binary or memory: http://www.zixcorp.com/get-started/
Source: You've Been Sent A Secure Document.eml	String found in binary or memory: http://www.zixcorp.com/get-started=
Source: chromecache_329.14.dr	String found in binary or memory: https://0701.static.prezi.com/preview/v2/dmf6chteese3cuzqncze4ps7m36jc3sachvcdoaizecfr3dnitcq_0_0.pn
Source: chromecache_329.14.dr	String found in binary or memory: https://0701.static.prezi.com/preview/v2/dmf6chteese3cuzqncze4ps7m36jc3sachvcdoaizecfr3dnitcq_1_0.pn
Source: chromecache_329.14.dr	String found in binary or memory: https://0701.static.prezi.com/preview/v2/dmf6chteese3cuzqncze4ps7m36jc3sachvcdoaizecfr3dnitcq_2_0.pn
Source: chromecache_329.14.dr	String found in binary or memory: https://0701.static.prezi.com/preview/v2/dmf6chteese3cuzqncze4ps7m36jc3sachvcdoaizecfr3dnitcq_3_0.pn
Source: chromecache_321.14.dr	String found in binary or memory: https://8993b1c6.c7aeb996ba99e08645130852.workers.dev
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/button
Source: chromecache_329.14.dr	String found in binary or memory: https://accounts.google.com/gsi/client
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/fedcm.json
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/fedcmcsp?client_id=
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/iframe/select
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/log
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/revoke
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/select
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/status
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/gsi/style
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/iframe
Source: chromecache_254.14.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/v2/auth
Source: chromecache_275.14.dr, chromecache_333.14.dr, chromecache_350.14.dr, chromecache_289.14.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_275.14.dr, chromecache_333.14.dr, chromecache_350.14.dr, chromecache_289.14.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_265.14.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Source: chromecache_216.14.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_265.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4007-70770c0/common/img/navigati
Source: chromecache_265.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/CACHE/css/output.c1
Source: chromecache_265.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/CACHE/js/output.ba9
Source: chromecache_265.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/CACHE/js/output.c8f
Source: chromecache_265.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/common/img/favicon.
Source: chromecache_265.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/common/img/prezi-ap
Source: chromecache_265.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/common/js/optimizel
Source: chromecache_265.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/coverservice-versioned/4228-4071a4d/coverservice/webflo
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.280f7
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.acf7f
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.c551d
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.f03e6
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/js/output.2f5423
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/js/output.a8e10b
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/favicon.ico
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/icons/Close
Source: chromecache_329.14.dr	String found in binary or memory: https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/prezi-apple
Source: chromecache_329.14.dr	String found in binary or memory: https://assets1.prezicdn.net/frontend-packages/react
Source: chromecache_329.14.dr	String found in binary or memory: https://assets1.prezicdn.net/frontend-packages/react-dom
Source: chromecache_265.14.dr, chromecache_329.14.dr	String found in binary or memory: https://blog.prezi.com/
Source: chromecache_329.14.dr	String found in binary or memory: https://blog.prezi.com/ai-generated-presentation/
Source: chromecache_265.14.dr	String found in binary or memory: https://blog.prezi.com/how-prezi-empowers-educators/
Source: chromecache_265.14.dr	String found in binary or memory: https://blog.prezi.com/how-to-run-effective-sales-meetings/
Source: chromecache_329.14.dr	String found in binary or memory: https://blog.prezi.com/powerpoint-night-ideas/
Source: chromecache_265.14.dr	String found in binary or memory: https://blog.prezi.com/presentation-styles/
Source: chromecache_329.14.dr	String found in binary or memory: https://blog.prezi.com/tomorrow-problem-last-minute-presentation/
Source: chromecache_275.14.dr, chromecache_333.14.dr, chromecache_350.14.dr, chromecache_289.14.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_265.14.dr, chromecache_329.14.dr	String found in binary or memory: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Source: chromecache_282.14.dr, chromecache_251.14.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/googleData.json
Source: chromecache_282.14.dr, chromecache_251.14.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2Data.json
Source: chromecache_282.14.dr, chromecache_251.14.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Source: chromecache_282.14.dr, chromecache_251.14.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iabData.json
Source: chromecache_350.14.dr	String found in binary or memory: https://cdn.taboola.com/libtrc/unip/
Source: chromecache_324.14.dr	String found in binary or memory: https://cdn.taboola.com/scripts/cds-pips.js
Source: chromecache_324.14.dr	String found in binary or memory: https://cdn.taboola.com/scripts/eid.es5.js
Source: chromecache_286.14.dr, chromecache_240.14.dr	String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Source: chromecache_281.14.dr, chromecache_274.14.dr	String found in binary or memory: https://cookiepedia.co.uk/giving-consent-to-cookies
Source: chromecache_282.14.dr, chromecache_251.14.dr	String found in binary or memory: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Source: chromecache_265.14.dr	String found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64be3ac6d7e811ba37809e1
Source: chromecache_270.14.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS
Source: chromecache_270.14.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/CSS/linear-gradient
Source: chromecache_254.14.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#cross_origin)
Source: chromecache_254.14.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#display_moment
Source: chromecache_254.14.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#layout
Source: chromecache_254.14.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#skipped_moment
Source: chromecache_265.14.dr	String found in binary or memory: https://dna8twue3dlxq.cloudfront.net/js/profitwell.js
Source: chromecache_270.14.dr	String found in binary or memory: https://drafts.csswg.org/css-images-3/#gradients
Source: chromecache_340.14.dr	String found in binary or memory: https://fb.me/react-animation-transition-group-timeout
Source: chromecache_265.14.dr	String found in binary or memory: https://fonts.googleapis.com
Source: chromecache_265.14.dr	String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_282.14.dr, chromecache_251.14.dr	String found in binary or memory: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Source: chromecache_270.14.dr	String found in binary or memory: https://github.com/Modernizr/Modernizr/issues/202)
Source: chromecache_270.14.dr	String found in binary or memory: https://github.com/carhartl/jquery-cookie
Source: chromecache_294.14.dr, chromecache_336.14.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_222.14.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_289.14.dr	String found in binary or memory: https://google.com
Source: chromecache_289.14.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_265.14.dr, chromecache_329.14.dr	String found in binary or memory: https://hslogger-app.prezi.com/log/
Source: chromecache_265.14.dr	String found in binary or memory: https://infogram.com/?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer
Source: chromecache_265.14.dr	String found in binary or memory: https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer
Source: chromecache_329.14.dr	String found in binary or memory: https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer#infogra
Source: chromecache_329.14.dr	String found in binary or memory: https://infogram.com/templates?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer#single-
Source: chromecache_329.14.dr	String found in binary or memory: https://infogram.com?utm_source=referral&utm_medium=prezi&utm_campaign=site-footer
Source: chromecache_258.14.dr	String found in binary or memory: https://js-na1.hs-scripts.com/20307117.js
Source: chromecache_314.14.dr	String found in binary or memory: https://js.hs-analytics.net/analytics/1711634700000/20307117.js
Source: chromecache_234.14.dr	String found in binary or memory: https://js.hs-banner.com/v2
Source: chromecache_314.14.dr	String found in binary or memory: https://js.hs-banner.com/v2/20307117/banner.js
Source: chromecache_232.14.dr	String found in binary or memory: https://js.monitor.azure.com/scripts/c/ms.analytics-web-2.min.js
Source: chromecache_244.14.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_244.14.dr	String found in binary or memory: https://login.windows-ppe.net
Source: chromecache_270.14.dr	String found in binary or memory: https://modernizr.com/download?-cors-cssgradients-prefixes-setclasses-dontmin
Source: chromecache_254.14.dr	String found in binary or memory: https://oauth2.googleapis.com/revoke
Source: chromecache_265.14.dr	String found in binary or memory: https://openfpcdn.io/botd/v1
Source: chromecache_265.14.dr	String found in binary or memory: https://package-bundles.prezi.com/cookie-consent/cookie-consent.1.0.6/cookie-consent.js
Source: chromecache_329.14.dr	String found in binary or memory: https://package-bundles.prezi.com/design-view-page/design-view-page.0.1.669/design-view-page.js
Source: chromecache_289.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_214.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204/?id=turtlex_join_ig&tx_jig=$
Source: chromecache_275.14.dr, chromecache_333.14.dr, chromecache_350.14.dr, chromecache_289.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_329.14.dr	String found in binary or memory: https://prezi-analytics.com/t.js
Source: chromecache_329.14.dr	String found in binary or memory: https://prezi-analytics.com/t2
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/
Source: chromecache_329.14.dr	String found in binary or memory: https://prezi.com/api/v1/featureswitches/
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/de/
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/es/
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/fr/
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/hu/
Source: chromecache_329.14.dr	String found in binary or memory: https://prezi.com/i/kqo5vuvbtycd/secure
Source: chromecache_329.14.dr	String found in binary or memory: https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/it/
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/ja/
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/ko/
Source: chromecache_274.14.dr	String found in binary or memory: https://prezi.com/legal/privacy-policy/
Source: chromecache_329.14.dr	String found in binary or memory: https://prezi.com/m/kqo5vuvbtycd/secure
Source: chromecache_265.14.dr	String found in binary or memory: https://prezi.com/pt/
Source: chromecache_340.14.dr	String found in binary or memory: https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
Source: chromecache_292.14.dr, chromecache_273.14.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_273.14.dr	String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_350.14.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_275.14.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_275.14.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_216.14.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_265.14.dr	String found in binary or memory: https://support.prezi.com/
Source: chromecache_216.14.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_214.14.dr, chromecache_289.14.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_214.14.dr	String found in binary or memory: https://td.doubleclick.net/td/bjs
Source: chromecache_214.14.dr	String found in binary or memory: https://td.doubleclick.net/td/bts
Source: chromecache_214.14.dr	String found in binary or memory: https://td.doubleclick.net/td/buyer.wasm
Source: chromecache_214.14.dr	String found in binary or memory: https://td.doubleclick.net/td/update?ig_name=1j385754586
Source: chromecache_214.14.dr	String found in binary or memory: https://td.doubleclick.net/td/update?ig_name=1j4338051
Source: chromecache_214.14.dr	String found in binary or memory: https://td.doubleclick.net/td/update?ig_name=1j474552973
Source: chromecache_214.14.dr	String found in binary or memory: https://td.doubleclick.net/td/update?ig_name=1j599176323
Source: chromecache_265.14.dr	String found in binary or memory: https://twitter.com/prezi
Source: chromecache_265.14.dr	String found in binary or memory: https://uploads-ssl.webflow.com/64be3ac6d7e811ba37809e1c/64be4739e5d4a152cf8542b5_Hero%2006%402x.png
Source: chromecache_265.14.dr	String found in binary or memory: https://uploads-ssl.webflow.com/64be3ac6d7e811ba37809e1c/6529381761443687cc41c8e8_Text
Source: chromecache_295.14.dr	String found in binary or memory: https://walrusarnerica.com?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3dhbHJ1
Source: chromecache_270.14.dr	String found in binary or memory: https://webkit.org/blog/175/introducing-css-gradients/
Source: You've Been Sent A Secure Document.eml, ~WRS{531B1916-4E60-4A23-88FE-CDF1C36ED24C}.tmp.0.dr	String found in binary or memory: https://workdrive.zoho.eu/file/17s6p7fb7d86e6c7d46b790f74da739ebdd8d
Source: chromecache_350.14.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_216.14.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_216.14.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_216.14.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_289.14.dr	String found in binary or memory: https://www.google.com
Source: chromecache_216.14.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_248.14.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/1001687149/?random
Source: chromecache_242.14.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/AW-958692981/?random
Source: chromecache_289.14.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_289.14.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_275.14.dr, chromecache_333.14.dr, chromecache_350.14.dr, chromecache_289.14.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_216.14.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_289.14.dr	String found in binary or memory: https://www.googletagmanager.com/static/exp/keys.json
Source: chromecache_265.14.dr	String found in binary or memory: https://www.instagram.com/prezicom/?click_source=logged_element&page_location=footer
Source: chromecache_265.14.dr	String found in binary or memory: https://www.linkedin.com/company/216295
Source: chromecache_275.14.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_265.14.dr	String found in binary or memory: https://www.tiktok.com/
Source: chromecache_265.14.dr	String found in binary or memory: https://www.youtube.com/embed/LRdbULX-abg?badge=0&autoplay=1&html5=1&rel=0
Source: chromecache_275.14.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 20.190.190.193:443 -> 192.168.2.16:49702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49902 version: TLS 1.2

Creates a window with clipboard capturing capabilities

Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE

Window created: window name: CLIPBRDWNDCLASS

Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: c2r64.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Section loaded: gpapi.dll	Jump to behavior

Source: unknown	Process created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\You've Been Sent A Secure Document.eml"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "8EA30526-B287-4EE4-B884-096176A1E84D" "3003ECE5-8FE0-44CE-9900-2BDC009B1CAF" "7040" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2000,i,3644548179223104437,7415050152402056491,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "8EA30526-B287-4EE4-B884-096176A1E84D" "3003ECE5-8FE0-44CE-9900-2BDC009B1CAF" "7040" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://prezi.com/i/view/pR8cOHi26DZvZnMnybLa	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2000,i,3644548179223104437,7415050152402056491,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior

IP	Domain	Country	ASN	ASN Name	Malicious
172.253.62.154	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
104.19.155.83	track.hubspot.com	United States	13335	CLOUDFLARENETUS	false
18.165.83.3	prezigram-assets.prezicdn.net	United States	3	MIT-GATEWAYSUS	false
18.67.65.16	d3aeorqw7ononu.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
20.190.151.6	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.18.32.137	unknown	United States	13335	CLOUDFLARENETUS	false
104.22.56.142	cdn.jifo.co	United States	13335	CLOUDFLARENETUS	false
13.249.39.3	d3rwxsx3brl7p6.cloudfront.net	United States	16509	AMAZON-02US	false
172.253.62.105	www.google.com	United States	15169	GOOGLEUS	false
18.67.65.108	unknown	United States	3	MIT-GATEWAYSUS	false
52.71.34.224	prezi.com	United States	14618	AMAZON-AESUS	false
151.101.193.44	tls13.taboola.map.fastly.net	United States	54113	FASTLYUS	false
172.253.122.106	unknown	United States	15169	GOOGLEUS	false
5.44.220.14	mr-asus.ru	Latvia	43513	NANO-ASLV	false
99.83.220.209	unknown	United States	16509	AMAZON-02US	false
3.162.115.54	d2pj2twnjx3fya.cloudfront.net	United States	16509	AMAZON-02US	false
152.199.4.44	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false
104.21.55.220	8993b1c6.c7aeb996ba99e08645130852.workers.dev	United States	13335	CLOUDFLARENETUS	false
157.240.229.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
172.64.155.119	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
151.101.1.44	dualstack.tls13.taboola.map.fastly.net	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.253.115.156	unknown	United States	15169	GOOGLEUS	false
104.17.2.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
34.227.43.173	unknown	United States	14618	AMAZON-AESUS	false
40.97.188.242	MNZ-efz.ms-acdc.office.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.19.177.52	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
142.251.16.156	td.doubleclick.net	United States	15169	GOOGLEUS	false
172.253.122.113	analytics.google.com	United States	15169	GOOGLEUS	false
142.251.167.106	unknown	United States	15169	GOOGLEUS	false
172.253.122.156	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
104.17.3.184	unknown	United States	13335	CLOUDFLARENETUS	false
185.230.64.186	walrusarnerica.com	Spain	207046	REDSERVICIOES	false
141.226.224.48	us-vip001.taboola.com	Israel	200478	TABOOLA-ASIL	false
75.2.83.248	prezi-analytics.com	United States	16509	AMAZON-02US	false
104.16.189.89	js.hs-scripts.com	United States	13335	CLOUDFLARENETUS	false
52.73.96.232	bandar-logger.prezi.com	United States	14618	AMAZON-AESUS	false
104.19.178.52	unknown	United States	13335	CLOUDFLARENETUS	false
31.13.66.35	unknown	Ireland	32934	FACEBOOKUS	false
104.18.34.229	js.hs-banner.com	United States	13335	CLOUDFLARENETUS	false
104.16.77.186	js.hs-analytics.net	United States	13335	CLOUDFLARENETUS	false
157.240.229.1	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
18.154.227.33	d1zvw2klwdlloe.cloudfront.net	United States	16509	AMAZON-02US	false
141.226.224.32	us-cds.taboola.com	Israel	200478	TABOOLA-ASIL	false

Name	IP	Active
cdn.jifo.co	104.22.56.142	true
tls13.taboola.map.fastly.net	151.101.193.44	true
cs1100.wpc.omegacdn.net	152.199.4.44	true
d3rwxsx3brl7p6.cloudfront.net	13.249.39.3	true
js.hs-analytics.net	104.16.77.186	true
prezigram-assets.prezicdn.net	18.165.83.3	true
us-vip001.taboola.com	141.226.224.48	true
mr-asus.ru	5.44.220.14	true
MNZ-efz.ms-acdc.office.com	40.97.188.242	true
stats.g.doubleclick.net	172.253.62.154	true
prezi-analytics.com	75.2.83.248	true
scontent.xx.fbcdn.net	157.240.229.1	true
walrusarnerica.com	185.230.64.186	true
track.hubspot.com	104.19.155.83	true
dualstack.tls13.taboola.map.fastly.net	151.101.1.44	true
js.hs-scripts.com	104.16.189.89	true
www.google.com	172.253.62.105	true
bandar-logger.prezi.com	52.73.96.232	true
d2pj2twnjx3fya.cloudfront.net	3.162.115.54	true
js.hs-banner.com	104.18.34.229	true
star-mini.c10r.facebook.com	157.240.229.35	true
d1zvw2klwdlloe.cloudfront.net	18.154.227.33	true
8993b1c6.c7aeb996ba99e08645130852.workers.dev	104.21.55.220	true
us-cds.taboola.com	141.226.224.32	true
googleads.g.doubleclick.net	172.253.122.156	true
challenges.cloudflare.com	104.17.2.184	true
analytics.google.com	172.253.122.113	true
td.doubleclick.net	142.251.16.156	true
prezi.com	52.71.34.224	true
d3aeorqw7ononu.cloudfront.net	18.67.65.16	true
cdn.cookielaw.org	104.19.177.52	true
geolocation.onetrust.com	172.64.155.119	true
psb.taboola.com	unknown	unknown
assets.prezicdn.net	unknown	unknown
assets1.prezicdn.net	unknown	unknown
trc-events.taboola.com	unknown	unknown
cds.taboola.com	unknown	unknown
package-bundles.prezi.com	unknown	unknown
www.facebook.com	unknown	unknown
r4.res.office365.com	unknown	unknown
www.linkedin.com	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
trc.taboola.com	unknown	unknown
analytics.pangle-ads.com	unknown	unknown
connect.facebook.net	unknown	unknown
px.ads.linkedin.com	unknown	unknown
outlook.office365.com	unknown	unknown
snap.licdn.com	unknown	unknown
cdn.taboola.com	unknown	unknown
analytics.tiktok.com	unknown	unknown
pips.taboola.com	unknown	unknown

Name	Malicious	Antivirus Detection	Reputation
https://cds.taboola.com/?uid=c3438892-e13a-4f00-a3ac-73aedb642a2b-tuctcfeff43&ptf=V2luZG93cw==&ptfv=MTAuMC4w&ufv=MTE3LjAuNTkzOC4xMzI=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTE3&bnd=Tm90O0E9QnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTE3&mbl=ZmFsc2U=	false		high
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=291059134405770&ev=SubscribedButtonClick&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634886235&cd[buttonFeatures]=%7B%22classList%22%3A%22%22%2C%22destination%22%3A%22%22%2C%22id%22%3A%22onetrust-accept-btn-handler%22%2C%22imageUrl%22%3A%22%22%2C%22innerText%22%3A%22Accept%20Cookies%22%2C%22numChildButtons%22%3A0%2C%22tag%22%3A%22button%22%2C%22type%22%3Anull%2C%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D&cd[buttonText]=Accept%20Cookies&cd[formFeatures]=%5B%5D&cd[pageFeatures]=%7B%22title%22%3A%22%5Cn%20%20%20%20Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design%5Cn%22%7D&sw=1280&sh=1024&v=2.9.151&r=stable&ec=1&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&es=automatic&tm=3&rqm=FGET	false		high
https://cdn.taboola.com/libtrc/unip/1013987/tfa.js	false		high
https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.f03e6a92b501.css	false	Avira URL Cloud: safe	unknown
https://prezi.com/api/v1/fonts/CooperHewitt-Bold/	false		high
about:blank	false	Avira URL Cloud: safe	low
https://d2pj2twnjx3fya.cloudfront.net/frontend-packages/viewer-container/report_icon.svg	false		high
https://walrusarnerica.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css	false	Avira URL Cloud: safe	unknown
https://package-bundles.prezi.com/design-view-page/design-view-page.0.1.669/design-view-page.js	false		high
https://walrusarnerica.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_QMJbZSc_Phofl-lfd63BLw2.js	false	Avira URL Cloud: safe	unknown
https://walrusarnerica.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js	false	Avira URL Cloud: safe	unknown
https://assets1.prezicdn.net/common/fonts/raleway-semibold.woff2	false	Avira URL Cloud: safe	unknown
https://www.google.com/pagead/1p-user-list/AW-958692981/?random=1711634882084&cv=11&fst=1711634400000&bg=ffffff&guid=ON&async=1&gtm=45be43p0z86358348za201&gcd=13r3r3l3l5&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&frm=0&tiba=Secure%20Document%20by%20Matthew%20Swift%20on%20Prezi%20Design&npa=0&data=ads_data_redaction%3Dfalse&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqCzbpt8RH-whwEgiedhhzkQsAXMh4bejQ4DOfUB6nuAcN45JF&random=59350646&rmt_tld=0&ipr=y	false		high
https://8993b1c6.c7aeb996ba99e08645130852.workers.dev/	true		unknown
https://cdn.jifo.co/prezigram/viewer.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://cdn.jifo.co/js/dist/viewer-9c30345a13e32e20f73a-prezigram.js	false	Avira URL Cloud: safe	unknown
https://d2pj2twnjx3fya.cloudfront.net/frontend-packages/viewer-container/share_icon.svg	false		high
https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/footers/linkedin-icon.svg	false	Avira URL Cloud: safe	unknown
https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/favicon.ico?v=2	false	Avira URL Cloud: safe	unknown
https://walrusarnerica.com/aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg	false	Avira URL Cloud: safe	unknown
https://prezi.com/	false		high
https://walrusarnerica.com/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg	false	Avira URL Cloud: safe	unknown
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js	false		high
https://walrusarnerica.com/aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/tr/?id=291059134405770&ev=PageView&dl=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&rl=&if=false&ts=1711634882816&sw=1280&sh=1024&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711634882815.126934393&ler=empty&cdl=API_unavailable&it=1711634882070&coo=false&dpo=&rqm=GET	false		high
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3l3l5&rnd=1861409893.1711634881&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&dma=0&npa=0&gtm=45He43p0h1n71MQ6FG2v6358348za200&auid=2095783995.1711634881	false		high
https://prezi.com/api/v1/featureswitches/	false		high
https://prezi.com/api/v2/prezigram/getProjectContent?viewlinkId=pR8cOHi26DZvZnMnybLa&appVersion=a85a008f49176f15ba67d69d5423c8f41d5d80cd	false		high
https://d2pj2twnjx3fya.cloudfront.net/frontend-packages/viewer-container/embed.svg	false		high
https://js.hs-analytics.net/analytics/1711634700000/20307117.js	false	Avira URL Cloud: safe	unknown
https://cdn.cookielaw.org/logos/static/ot_persistent_cookie.png	false		high
https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/CACHE/css/output.acf7fd5f9f6d.css	false	Avira URL Cloud: safe	unknown
https://assets1.prezicdn.net/frontend-packages/react@17.0.0/umd/react.production.min.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/86b83137dd593880/1711634908231/7dff40727db7e0ab990155ecf75aae403895f646d5f3a295266cb41f99bcc39d/UytNTup_UbjRTAY	false		high
https://walrusarnerica.com/	false	Avira URL Cloud: safe	unknown
https://cdn.cookielaw.org/consent/babb4261-7c8b-4e0d-9b99-ce4e6e126a13/39849568-3e88-4ee4-8165-fcb0c856021e/en.json	false		high
https://trc.taboola.com/1013987/trc/3/json?tim=1711634881859&data=%7B%22id%22%3A190%2C%22ii%22%3A%22%2Fi%2Fview%2Fpr8cohi26dzvznmnybla%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1711634881848%2C%22cv%22%3A%2220240321-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dprezi-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0001%2CC0003%2CSSPD_BG%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1711634881857%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i	false		high
https://walrusarnerica.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js	false	Avira URL Cloud: safe	unknown
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2156578-3&cid=331924544.1711634882&jid=534201109&_u=YEBAAAAAAAAAAC~&z=103489921	false		high
https://assets1.prezicdn.net/common/fonts/raleway-bold.woff2	false	Avira URL Cloud: safe	unknown
https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3l3l5&rnd=1861409893.1711634881&url=https%3A%2F%2Fprezi.com%2Fi%2Fview%2FpR8cOHi26DZvZnMnybLa&dma=0&npa=0&gtm=45He43p0h1n71MQ6FG2v6358348za200&auid=2095783995.1711634881	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/i7zxk/0x4AAAAAAAViFPeHH3z19NbO/auto/normal	false		high
https://assets.prezicdn.net/assets-versioned/prezipage-versioned/4972-84c2790/common/img/logo/prezi-logo-white.svg	false	Avira URL Cloud: safe	unknown

ID:	1417055
Product:	CloudBasic
Start time:	15:07:06
Start date:	28.03.2024
Sample:	You've Been Sent A Secure Document.eml
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	af84a5a64f8c0d60e48a82807c2ae9fb
SHA1:	21040e18398edc7f2b3432c63a3741c8b6a06177
SHA256:	1391f4ae40afa1ba8c7f2e22e0514c65f58bf483553423362143f09d02b9bc1c
Filetype:	E-Mail message (Var. 5) (54515/1) 100.00%

Windows Analysis Report You've Been Sent A Secure Document.eml

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

System Summary

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Language, Device and Operating System Detection

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
You've Been Sent A Secure Document.eml