Windows Analysis Report
https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter

Overview

General Information

Sample URL:	https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter
Analysis ID:	1426758
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML body with high number of embedded images detected

Stores files to the Windows start menu directory

Classification

Signatures

HTML body with high number of embedded images detected

Source: https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter

HTTP Parser: Total embedded image size: 15606

Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.18:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.18:49698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49705 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 23.79.187.180
Source: unknown	TCP traffic detected without corresponding DNS query: 23.76.32.107
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26

Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=s+M7GxcDtlbET9Y&MD=DFrtxrWu HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=s+M7GxcDtlbET9Y&MD=DFrtxrWu HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1713274301023 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://global.americanexpress.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1713274301023 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://global.americanexpress.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=14639981717196152352028843229767243559
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=14483685490011032432048978651132711855&ts=1713274302100 HTTP/1.1Host: omns.americanexpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://global.americanexpress.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1mXM8QrQC/1pLZU9IMUL+Xd7YLjPlWK7R8OkqushCcrWmU0Z8UNvySw6H36ckn7kVb74EibUOlgNgtg3l8YqVIigkF1WhtKEz6PsqbZ8oa/aADoHU3xYQBLcjAXjQkb8zA7V6/swvOTxG9IFfROLdI5inH5Ekc1pUAyTn1mvUZihn7Z+D5+RQBw6w7sE/nU7wgoFoU8sLmvC19Zmav3geNzaUhXZ5j7rF/R3U84iksSTiDDNRG6kw2MqWYlSBD4zoUiPFl9c7ypAI~-1~-1~-1; rxvt=1713276099040\|1713274290940; dtPC=$274290934_630h-vCCRUAIBSCBAUJCNRSUGTAFBDWCRAFKQA-0e0; s_pers=%20s_tslv%3D1713274301817%7C1776346301817%3B; s_sess=%20s_tp%3D1568%3B%20s_ppv%3Dus%25257Coneamex%25257Cser%25257Chelp%252C58%252C58%252C907%3B%20omn_extlink%3Dus-em-serv-footer-helpcenter%3B%20omn_inav%3DiNUtlContact%3B; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1; AMCV_5C36123F5245AF470A490D45%40AdobeOrg=870038026%7CMCMID%7C14483685490011032432048978651132711855%7CMCAAMLH-1713879102%7C7%7CMCAAMB-1713879102%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1713281502s%7CNONE%7CvVersion%7C5.0.0
Source: global traffic	HTTP traffic detected: GET /id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1713274301023 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=14639981717196152352028843229767243559
Source: global traffic	HTTP traffic detected: GET /b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s6959995791769?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2015%3A31%3A42%202%20-120&mid=14483685490011032432048978651132711855&aamlh=7&ce=UTF-8&cl=34128000&pageName=us%7Coneamex%7Cser%7Chelp&g=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter%26extlink%3Dus-em-serv-footer-helpcenter%26&c.&visitorCheck=VisitorAPI%20Present&cm.&ssf=1&.cm&omn.&lob=ser&country=us&language=en&extlink=us-em-serv-footer-helpcenter&inav=iNUtlContact&.omn&.c&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&server=global.americanexpress.com&v0=extlink%3Dus-em-serv-footer-helpcenter&events=event140%2Cevent45&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=us%7Coneamex%7Cser&c3=en&c4=US&c6=D%3Dv6&v8=iNUtlContact&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=US%7Coneamex%7Cser&v21=US%3ALegacy%20Non-Search&c24=US%7Coneamex%7Cser&v27=US&c30=US%7Coneamex%7Cser&c31=US&c38=US%7Coneamex%7Cser&c43=New%20Visitor&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.4.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-04-03&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1280&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v71=us%7Coneamex%7Cser%7Chelp&v72=n%2Fa&v74=us%7Coneamex%7Cser%7Chelp&c75=Launch&v75=14483685490011032432048978651132711855&v94=D%3Dagent-id&v140=UCM%3A%20en-US%7C%20docEle%3A%20en-US%7C&v142=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1 HTTP/1.1Host: omns.americanexpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _ab
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=14483685490011032432048978651132711855&ts=1713274302100 HTTP/1.1Host: omns.americanexpress.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1mXM8QrQC/1pLZU9IMUL+Xd7YLjPlWK7R8OkqushCcrWmU0Z8UNvySw6H36ckn7kVb74EibUOlgNgtg3l8YqVIigkF1WhtKEz6PsqbZ8oa/aADoHU3xYQBLcjAXjQkb8zA7V6/swvOTxG9IFfROLdI5inH5Ekc1pUAyTn1mvUZihn7Z+D5+RQBw6w7sE/nU7wgoFoU8sLmvC19Zmav3geNzaUhXZ5j7rF/R3U84iksSTiDDNRG6kw2MqWYlSBD4zoUiPFl9c7ypAI~-1~-1~-1; rxvt=1713276099040\|1713274290940; dtPC=$274290934_630h-vCCRUAIBSCBAUJCNRSUGTAFBDWCRAFKQA-0e0; s_pers=%20s_tslv%3D1713274301817%7C1776346301817%3B; s_sess=%20s_tp%3D1568%3B%20s_ppv%3Dus%25257Coneamex%25257Cser%25257Chelp%252C58%252C58%252C907%3B%20omn_extlink%3Dus-em-serv-footer-helpcenter%3B%20omn_inav%3DiNUtlContact%3B; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1; s_ecid=MCMID%7C14483685490011032432048978651132711855; AMCV_5C36123F5245AF470A490D45%40AdobeOrg=870038026%7CMCMID%7C14483685490011032432048978651132711855%7CMCAAMLH-1713879102%7C7%7CMCAAMB-1713879102%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1713281502s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.0
Source: global traffic	HTTP traffic detected: GET /b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s6959995791769?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2015%3A31%3A42%202%20-120&mid=14483685490011032432048978651132711855&aamlh=7&ce=UTF-8&cl=34128000&pageName=us%7Coneamex%7Cser%7Chelp&g=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter%26extlink%3Dus-em-serv-footer-helpcenter%26&c.&visitorCheck=VisitorAPI%20Present&cm.&ssf=1&.cm&omn.&lob=ser&country=us&language=en&extlink=us-em-serv-footer-helpcenter&inav=iNUtlContact&.omn&.c&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&server=global.americanexpress.com&v0=extlink%3Dus-em-serv-footer-helpcenter&events=event140%2Cevent45&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=us%7Coneamex%7Cser&c3=en&c4=US&c6=D%3Dv6&v8=iNUtlContact&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=US%7Coneamex%7Cser&v21=US%3ALegacy%20Non-Search&c24=US%7Coneamex%7Cser&v27=US&c30=US%7Coneamex%7Cser&c31=US&c38=US%7Coneamex%7Cser&c43=New%20Visitor&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.4.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-04-03&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1280&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v71=us%7Coneamex%7Cser%7Chelp&v72=n%2Fa&v74=us%7Coneamex%7Cser%7Chelp&c75=Launch&v75=14483685490011032432048978651132711855&v94=D%3Dagent-id&v140=UCM%3A%20en-US%7C%20docEle%3A%20en-US%7C&v142=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1 HTTP/1.1Host: omns.americanexpress.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1m
Source: global traffic	HTTP traffic detected: GET /b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s67650161295375?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2015%3A31%3A42%202%20-120&mid=14483685490011032432048978651132711855&aamlh=7&ce=UTF-8&cl=34128000&pageName=us%7Coneamex%7Cser%7Chelp&g=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter&c.&cm.&ssf=1&.cm&omn.&identifier=axp-myca-route-config&element=credo-rampup&lob=ser&detail=ineligible&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-myca-route-config&v5=us%3E%3Eaxp-myca-route-config%3E%3Eimpression%3E%3Ecredo-rampup%3E%3Eineligible&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-myca-route-config&c22=us%3E%3Eaxp-myca-route-config%3E%3Eimpression%3E%3Ecredo-rampup%3E%3Eineligible&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-04-03&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Coneamex%7Cser%7Chelp&v75=14483685490011032432048978651132711855&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1 HTTP/1.1Host: omns.americanexpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1mXM8QrQC/1pLZU9IMUL+Xd7YLjPlWK7R8OkqushCcrWmU0Z8UNvySw6H36ckn7kVb74EibUOlgNgtg3l8YqVIigkF1WhtKEz6PsqbZ8oa/aADoHU3xYQBLcjAXjQkb8zA7V6/swvOTxG9IFfROLdI5inH5Ekc1pUAyTn1mvUZihn7Z+D5+RQBw6w7sE/nU7wgoFoU8sLmvC19Zmav3geNzaUhXZ5j7rF/R3U84iksSTiDDNRG6kw2MqWYlSBD4zoUi
Source: global traffic	HTTP traffic detected: GET /b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s67650161295375?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2015%3A31%3A42%202%20-120&mid=14483685490011032432048978651132711855&aamlh=7&ce=UTF-8&cl=34128000&pageName=us%7Coneamex%7Cser%7Chelp&g=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter&c.&cm.&ssf=1&.cm&omn.&identifier=axp-myca-route-config&element=credo-rampup&lob=ser&detail=ineligible&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-myca-route-config&v5=us%3E%3Eaxp-myca-route-config%3E%3Eimpression%3E%3Ecredo-rampup%3E%3Eineligible&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-myca-route-config&c22=us%3E%3Eaxp-myca-route-config%3E%3Eimpression%3E%3Ecredo-rampup%3E%3Eineligible&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-04-03&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Coneamex%7Cser%7Chelp&v75=14483685490011032432048978651132711855&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1 HTTP/1.1Host: omns.americanexpress.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1mXM8QrQC/1pLZU9IMUL+Xd7YLjPlWK7R8OkqushCcrWmU0Z8UNvySw6H36ckn7kVb74EibUOlgNgtg3l8YqVIigkF1WhtKEz6PsqbZ8oa/aADoHU3xYQBLcjAXjQkb8zA7V6/swvOTxG9IFfROLdI5inH5Ekc1pUAyTn1mvUZihn7Z+D5+RQBw6w7sE/nU7wgoFoU8sLmvC19Zmav3geNzaUhXZ5j7rF/R3U84iksSTiDDNRG6kw2MqWYlSBD4zoUiPFl9c7ypAI~-1~-1~-1; rxvt=1713276099040\|1713274290940; dtPC=$274290934_630h-vCCRUAIBSCBAUJCNRSUGTAFBDWCRAFKQA-0e0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1; s_ecid=MCMID%7C144836854900110324320489
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRRtTk0GNv7-bAGIjCutrdc__jP0Ewy3i-m2egggo-7ZmryQzEGXexmB4-11OBM3nprFLRWxeudB_gRK98yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=HiYTcYVFE12zfZ5RF4UZiNIh43EgTh3zpY5SDtyZHLD4cR6h-fHb5eXqkaLQaQss9tPU_nAzWqJ-r8tm2nzuwJVuJgSg8m80omXLQLI9kC-mLI67INlpFzc2Xm6nACmdJHvvKlrhu1n0my3amXjvrdO281LsrYSdSQJKKM41sZY
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRRtTk0GNv7-bAGIjDiFp97vxk7IW7qwjFYYBhxwkHmojLuIhALKDnO0DQ2z_YXRZ4ybx5vwHqH-UJyuSIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=ggn58Oi5KKSghXHMWIYnjVKSl7PEG1cKs3hmIzSRQ1Tn7Ea15F50Zfg1_H_HHMd7_w5NryrE4_eTvXY49r5G-ejab8dhmje4SCAwDOesgz5bjWCTGZWonX8-SeCEBBb32Xu0tJ7bttTzafiejNdUEbMwb3nwPE4IF65UK62RK3A
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/ddljson%3Fasync%3Dntp:2&q=EgRRtTk0GNv7-bAGIjAB5ca-1h2npjbKyRJrY0x7oVX9EvE_hx3CS29R-qtGI7R0K5dKFNaff9s5a-f5vCUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=KR6K9V6ZtjZf1vKqUgOCyawpR6eIS5pHtrHBKK9hd2Rn181bbOmhSJTXvOXsy0He6WiQB6xc2uxrxNpsVJc7iR0T1Sq2l-jZJtKYV9vxzkzWvlEx8rLgeFKLa2eT8r9bC8N6WSS2AirqkYi_QNeD-iS3ZnAW1KNqcfFonpYaKoQ
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=KR6K9V6ZtjZf1vKqUgOCyawpR6eIS5pHtrHBKK9hd2Rn181bbOmhSJTXvOXsy0He6WiQB6xc2uxrxNpsVJc7iR0T1Sq2l-jZJtKYV9vxzkzWvlEx8rLgeFKLa2eT8r9bC8N6WSS2AirqkYi_QNeD-iS3ZnAW1KNqcfFonpYaKoQ
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=7&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=KR6K9V6ZtjZf1vKqUgOCyawpR6eIS5pHtrHBKK9hd2Rn181bbOmhSJTXvOXsy0He6WiQB6xc2uxrxNpsVJc7iR0T1Sq2l-jZJtKYV9vxzkzWvlEx8rLgeFKLa2eT8r9bC8N6WSS2AirqkYi_QNeD-iS3ZnAW1KNqcfFonpYaKoQ

Source: unknown

DNS traffic detected: queries for: global.americanexpress.com

Source: chromecache_282.1.dr, chromecache_157.1.dr, chromecache_222.1.dr	String found in binary or memory: http://feross.org
Source: chromecache_247.1.dr, chromecache_223.1.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_245.1.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://americanexpress.com/en-us/banking/business/checking/accounts/
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-4454a9ef97c1c8cd89
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-bea3c9697c62409967
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-c5299abd23ef05bd6d
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-f424e4c1e880782914
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/333b39a46679/launch-df6a13efe609-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/61650f53735f/launch-77374eae9c9b-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/66bfa1f1c370/launch-a84bcfcd9f88-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/6ea2f89ca33d/launch-25c1ded7854b-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/6ea2f89ca33d/launch-ffeccfbfebd3.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/8e98299b4e37/launch-186af9da7404-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/8e98299b4e37/launch-f60a62d583bd.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/8fe231718838/launch-5a77dcd96b5f-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://cdaas-dev.americanexpress.com/cdaas/api/axpi/omniture/launch/1.4.9/launch-688f678fbf27-stagi
Source: chromecache_163.1.dr	String found in binary or memory: https://cdaas-dev.americanexpress.com/one/axp-script-supplier/5.1.5/script-supplier.js
Source: chromecache_282.1.dr, chromecache_157.1.dr, chromecache_222.1.dr	String found in binary or memory: https://feross.org/opensource
Source: chromecache_240.1.dr	String found in binary or memory: https://github.com/facebook/regenerator/blob/main/LICENSE
Source: chromecache_244.1.dr, chromecache_284.1.dr, chromecache_222.1.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/banking/dashboard
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/card-benefits/view-all?opaqueAccountId=
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/customer/profile
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/dashboard
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/overview
Source: chromecache_258.1.dr, chromecache_151.1.dr	String found in binary or memory: https://global.americanexpress.com/payments/pay
Source: chromecache_216.1.dr	String found in binary or memory: https://iwmapapi.americanexpress.com/beacon
Source: chromecache_245.1.dr	String found in binary or memory: https://lodash.com/
Source: chromecache_245.1.dr	String found in binary or memory: https://lodash.com/license
Source: chromecache_245.1.dr	String found in binary or memory: https://openjsf.org/
Source: chromecache_230.1.dr	String found in binary or memory: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/adobe/launch/intranet/1.4.1/launch-80e343e58fb8
Source: chromecache_230.1.dr	String found in binary or memory: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.9/launch-688f678fbf27-staging.min.js
Source: chromecache_163.1.dr	String found in binary or memory: https://qwww.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js
Source: chromecache_282.1.dr, chromecache_222.1.dr	String found in binary or memory: https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
Source: chromecache_240.1.dr	String found in binary or memory: https://ucmapi.americanexpress.com/api/consent/ext/record/
Source: chromecache_240.1.dr	String found in binary or memory: https://ucmapi.americanexpress.com/api/consent/management/
Source: chromecache_163.1.dr	String found in binary or memory: https://ucmapi.americanexpress.com/api/consent/management/report/error
Source: chromecache_240.1.dr	String found in binary or memory: https://ucmapi.americanexpress.com/api/v1/geo_location/check
Source: chromecache_230.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/api/axpi/omniture/adobe/launch/intranet/1.4.1/launch-355955701c68.
Source: chromecache_275.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.9/dcb19cbd6cbf/b4385da1798a/74e098123
Source: chromecache_230.1.dr, chromecache_287.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.9/launch-b363d6c28b7c.min.js
Source: chromecache_269.1.dr, chromecache_221.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/adobe-wrapper/1.6.6/adobe-wrapper.js
Source: chromecache_191.1.dr, chromecache_140.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/axp-chat-bootstrap/1.5.1/chatTaggingBootStrap.js
Source: chromecache_196.1.dr, chromecache_289.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/axp-chat-router/1.1.5/chatWrapper.js
Source: chromecache_163.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js
Source: chromecache_252.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.0/dxt-script-supplier-helper.js
Source: chromecache_152.1.dr, chromecache_232.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/one-stream-data-handler/0.1.2/oneStream.js
Source: chromecache_290.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/qualtrics/1.71.0/
Source: chromecache_243.1.dr, chromecache_285.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/qualtrics/1.71.0/qualtricsIntercept.js
Source: chromecache_153.1.dr, chromecache_169.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/user-consent-management/ucm/v1.13.0/UCM.js
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/be/fr/legal/politique-cookie.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/be/nl/legal/cookiebeleid.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/content/dam/amex/us/company/Privacy/California_Privacy_Notice.pdf
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/cz-cz/spolecnost/pravni/centrum-ochrany-osobnich-udaju/o-souborech-c
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/da-dk/selskab/legal/privatlivspolitik/angaende-cookies?showoverlay=f
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/de-at/firma/legal/datenschutz-center/cookie-informationen?showoverla
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-ca/company/legal/privacy-centre/about-cookies/?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-ca/company/legal/privacy-centre/privacy-statement/?showoverlay=fa
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-cz/company/legal/privacy-centre/about-cookies/?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-hu/company/legal/privacy-centre/about-cookies/?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-pl/company/legal/privacy-centre/about-cookies/?showoverlay=false
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://www.americanexpress.com/en-us/banking/personal/savings/dashboard
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/es/legal/informacion-sobre-los-cookies.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/fi/legal/yksityisyys/cookies/index.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/fr-ca/societes/legale/centre-de-confidentialite/a-propos-des-cookies
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/fr-ca/societes/legale/centre-de-confidentialite/declaration-de-confi
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/fr/legal/about-cookies.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/germany/legal/about_cookies.shtml?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/hu-hu/ceg/jogi/adatvedelem/a-sutikrol/index.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/icc/cookies.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/italy/legal/about_cookies.shtml?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/nl/about-cookies.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/no/legal/personvern/cookies/index.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/pl-pl/firma/prawny/centrum-prywatnosci/o-ciasteczkach/?showoverlay=f
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/se/legal/sekretess/cookies/index.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/uk/legal/about-cookies.shtml?showoverlay=false
Source: chromecache_258.1.dr, chromecache_151.1.dr	String found in binary or memory: https://www.americanexpress.com/us/credit-cards/
Source: chromecache_258.1.dr, chromecache_151.1.dr	String found in binary or memory: https://www.americanexpress.com/us/merchant/merchant-home.html
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/us/privacy-center/
Source: chromecache_258.1.dr, chromecache_151.1.dr	String found in binary or memory: https://www.americanexpress.com/us/small-business/
Source: chromecache_141.1.dr, chromecache_233.1.dr	String found in binary or memory: https://www.dynatrace.com/company/trust-center/customers/reports/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49693
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900

Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.18:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.18:49698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49705 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@15/230@52/11

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1776 --field-trial-handle=1948,i,17101978054004084476,12410038309744272020,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1776 --field-trial-handle=1948,i,17101978054004084476,12410038309744272020,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
63.140.39.72	unknown	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
192.243.240.8	commerce.ss-omtrdc.net	United States	15224	OMNITUREUS	false
52.4.85.254	dcs-public-edge-va6-158015560.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
63.140.38.236	americanexpress.com.ssl.d2.sc.omtrdc.net	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
3.223.253.145	unknown	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
64.233.177.103	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.18
192.168.2.4
192.168.2.6
192.168.2.5

Contacted Domains

Name	IP	Active
dcs-public-edge-va6-158015560.us-east-1.elb.amazonaws.com	52.4.85.254	true
www.google.com	64.233.177.103	true
americanexpress.com.ssl.d2.sc.omtrdc.net	63.140.38.236	true
commerce.ss-omtrdc.net	192.243.240.8	true
sp100500b5.guided.ss-omtrdc.net	unknown	unknown
graph.americanexpress.com	unknown	unknown
assets.adobedtm.com	unknown	unknown
siteintercept.qualtrics.com	unknown	unknown
dynatracepsg.americanexpress.com	unknown	unknown
mycaoneslinger.americanexpress.com	unknown	unknown
iwmapapi.americanexpress.com	unknown	unknown
inbound.americanexpress.com	unknown	unknown
apigw.americanexpress.com	unknown	unknown
omns.americanexpress.com	unknown	unknown
one-xp.americanexpress.com	unknown	unknown
functions.americanexpress.com	unknown	unknown
global.americanexpress.com	unknown	unknown
dpm.demdex.net	unknown	unknown
www.aexp-static.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=7&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false	high
https://www.google.com/async/newtab_promos	false	high
https://www.google.com/sorry/index?continue=https://www.google.com/async/ddljson%3Fasync%3Dntp:2&q=EgRRtTk0GNv7-bAGIjAB5ca-1h2npjbKyRJrY0x7oVX9EvE_hx3CS29R-qtGI7R0K5dKFNaff9s5a-f5vCUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	false	high
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRRtTk0GNv7-bAGIjCutrdc__jP0Ewy3i-m2egggo-7ZmryQzEGXexmB4-11OBM3nprFLRWxeudB_gRK98yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	false	high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false	high
https://www.google.com/async/ddljson?async=ntp:2	false	high
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRRtTk0GNv7-bAGIjDiFp97vxk7IW7qwjFYYBhxwkHmojLuIhALKDnO0DQ2z_YXRZ4ybx5vwHqH-UJyuSIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	false	high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false	high
https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1713274301023	false	high
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1713274301023	false	high
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0	false	high

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 12:31:29 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	9605D0D46C324E8C22065EE1F6EF3349	A646C3B8945E05BFE52D61024E07EB2A332E453E	DAD9D10B1E9E6D99CA3B388ABF2A06479AE38B56FEC64C1BDC37988E16AAF280
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 12:31:28 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	F75B96DDC7C4DB17A398B358FC6EA6F7	2FE7247F123CB18B477C783FAF5D92CC1C5D2023	DD8C7B2A2A9515E32C65E3465C66A1C285AEF2B1785788503B37759D76FE4090
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 09:23:19 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	12B035EE9D34CFE32C85204DA7D3F48F	63865207A8F822307C668CD026D5DB775D0CA40A	D92BCAFCFF2811237E27F7E1533065BF87636CEFA18CCACEEF936457A3F65DE9
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 12:31:28 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	55CB3AD2EAF26B14F20B96B4FE6ED35F	A66AF5796849BC0D9B22C7F5505A3D413B542217	61CCE03385F14894A2CEB01BE3BC9CA03F48B045116414AF6B2A629E0F3C84B6
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 12:31:28 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	B78FD461D34D2B16A39BC600FE3DC72C	71C712255888A26DAA2B6474C84C7CE2483DBFED	06F89015149EAA3E9CDB60F127FA2D88CBB3D4F9A1885935B6C4C2A3DF2DFEB9
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 12:31:28 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	98D28EACEAE5483E9BAB89C5E4A8486A	A9EF56C9A9FDCD73C479ACB23F4C7821E2E15F99	23EBABC911C99467D58A960D0358D8F5734646BD1BE058D5A6E980E1D3F44B63
Chrome Cache Entry: 140	JSON data	A4AB9F0C2F8408A0818D4844956F5F6C	3E44C4928E114A9606BA14B358A738F9131907E8	28F0C4EFA9766F9DCB0D4AF99B18712CD4FBCEBAD0E6A08CE5CB2453AC687233
Chrome Cache Entry: 141	ASCII text, with very long lines (680)	CDB83B59516DFEA9F21B126EFBEFA7D2	A163016416623AE63CCCF81B73337108F9507392	BC7B03745F761929AF869C573481E525E7BA55DD53EFC6E3DBA9C498FE6D65C4
Chrome Cache Entry: 142	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 143	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 144	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 145	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 146	SVG Scalable Vector Graphics image	56ADDBA553083EB384B100CBB7E8632F	F718526F1EF720E5D361536615595D5BFC3C9688	5E60A20DA0F769A6260D4ED755D615DA930B87C62436F807A6FF32D000017D18
Chrome Cache Entry: 147	ASCII text, with very long lines (41012)	7982201F3E9F745713CF05B4F1465856	B917702ECE16A99E47739593097B4B39C832CD98	4BB807147DDC9DC841CC85CD82A6FA358F7026EB816FFDDE9DEE28BBB9D139E3
Chrome Cache Entry: 148	SVG Scalable Vector Graphics image	EBBBAFAE5BDC09D7DED7CEF405413AC5	7A635ABED6420B798397C62270D2DF8B084CD8A8	C39E8554624A4B74E596D2BFA96BDD4D30DBC395532AB32E67591C0E929080E9
Chrome Cache Entry: 149	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 150	Unicode text, UTF-8 text, with very long lines (40329), with NEL line terminators	381DA5E0B14ECE1C087AECD3B0D2D848	89FE842A21A3BA7C1DC5C7088AD6D11F9D8784B3	B0AB52F743FC882135C31B4A91E07812A5867913A4FF18FCF94FA27B698B6423
Chrome Cache Entry: 151	JSON data	9E068F69BD8A51028FBA9B1C0455D8C9	A7766CE3FC948F609A877AB9638AE2700566B792	697E7578FA14BCB5A73427770C46DD902BFD15C51E505122FFF1C7D7136F8F4F
Chrome Cache Entry: 152	JSON data	A83FEDC7AE7025DAB4E758A079961BDE	0BB8BBEB90F1683C410FEFB27CB0FD2750E87E9D	19A9D930E0E8C2D6C16D7D296CF2D5D341B4CA9D6DF2F815E6AB11456DE8FF1E
Chrome Cache Entry: 153	JSON data	916F4DEB59BD17DE8B5474BCCB93C39F	198C8B3A77F4647A87FFDDC549ACB82B99CB2DE3	40ED13E02BA025D1293A29A08A785179FF0B4A21F6802CB39711023FF6B915E8
Chrome Cache Entry: 154	ASCII text, with very long lines (12703)	86501B2C04C72959CD4AD824AE804771	36A7AC2A80F511DAB377BBDDF3D1BBE30EC0F3B9	CCB3CF1A9B2D8CCC5DCFD5CF80751D6139BBFE2BEB888D833BE2D28C20C99C7E
Chrome Cache Entry: 155	ASCII text, with very long lines (65536), with no line terminators	D4F6C3591835EB7DD537E0B4DC46B49D	402D69BFC83C2477B72FA978D01045A124E5BAF5	5697EC2A5B964C283B604E35B4B9A8E550014FD6EBD602A849FD85038113D78B
Chrome Cache Entry: 156	JSON data	3C3FFDD00A241A4637D5C36435AED73C	399BC3C37EC9C8BF2772EB4ACA35D0E0921CC0B3	DDBE6A3D2794E31BBB8D7F118DCA9C6F8E6770DAE7F4C9AC9FAE08B1EC6BDFC0
Chrome Cache Entry: 157	Unicode text, UTF-8 text, with very long lines (65136), with no line terminators	3460B0C59C7707177C8100A8D7F5D925	81D9DF4663E40737C665D082D05802FF82D9A40C	13687146052EC7F8A23CD264CF738DDE092C6942518393E1D930216B937B849A
Chrome Cache Entry: 158	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 159	ASCII text, with very long lines (44065)	8AEB4299F600809BE0740DD93FDBE970	F0BA67105B388D4B9DA780A4834C536267E4BF7B	3255E264E95AD7288BCD07523494D314E8D248F7187E9AEDFE379D8EB4CC2277
Chrome Cache Entry: 160	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 161	ASCII text, with very long lines (6634)	11035D0E5B17C7D24618CC621868835B	FAD32FE8FC600ECCE0B068C6280093EDA0267799	F449F148911AE735D587601C573A6552193C154666AE58390ABB3517A3368719
Chrome Cache Entry: 162	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 163	ASCII text, with very long lines (4077)	DB08D8B5895C0DD60233A9B11B8C156A	0660A05DEB8AFBB27394D3AFC8378F8673D74CDC	EAED4F52B8EA307E4EE27BE3AA82190943C46CB3F231AD2DADCAFEDF57E336AB
Chrome Cache Entry: 164	ASCII text, with no line terminators	C3F64CB2A8B00CBBC30CE2908208A29D	E4AA7CAB67F4CF5FA52371DDC25A75AAFD4D0CCC	391601283994BCD9486160BF8A5637410D280E1BDDD3AEF5428454976E193E81
Chrome Cache Entry: 165	ASCII text, with very long lines (798)	0C7474E943BA61BC15220EFC747603F3	B0E8818001473C56A2F1A263897D5063D645F8D4	235AA8E1E12E66C66A1C3E94D813796101342C8C020141F452838EA9CB0A6122
Chrome Cache Entry: 166	SVG Scalable Vector Graphics image	EBBBAFAE5BDC09D7DED7CEF405413AC5	7A635ABED6420B798397C62270D2DF8B084CD8A8	C39E8554624A4B74E596D2BFA96BDD4D30DBC395532AB32E67591C0E929080E9
Chrome Cache Entry: 167	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 168	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 169	JSON data	916F4DEB59BD17DE8B5474BCCB93C39F	198C8B3A77F4647A87FFDDC549ACB82B99CB2DE3	40ED13E02BA025D1293A29A08A785179FF0B4A21F6802CB39711023FF6B915E8
Chrome Cache Entry: 170	Unicode text, UTF-8 text, with very long lines (59929), with no line terminators	6D75E7E599BE3E8E4D734CC065828542	E49EF347960015029A81D76B018B442B5A51D6A6	508F9192CCCE348B4D9C32B457786E379179ACD8A2E9A713F854AF51633026EB
Chrome Cache Entry: 171	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 172	SVG Scalable Vector Graphics image	7C6C3493F958764FD6B2A550A98AB676	0D89801FF7089BCFDDDA2F22AB37DA7155948FF7	56B8E90244C34621E294D3357EDFEF9A1467E501773ED21B25DC6367AB3D7803
Chrome Cache Entry: 173	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 174	SVG Scalable Vector Graphics image	56ADDBA553083EB384B100CBB7E8632F	F718526F1EF720E5D361536615595D5BFC3C9688	5E60A20DA0F769A6260D4ED755D615DA930B87C62436F807A6FF32D000017D18
Chrome Cache Entry: 175	SVG Scalable Vector Graphics image	3BEAADDE493A5B5E04CF63A8EDCFD843	65D4ACB7F820FB9A138051BF1D3A05C64C99254F	29653CF655DF984EEE259080F3070A84E439E90366E8FD3C151EE86160061747
Chrome Cache Entry: 176	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 177	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 178	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 179	Unicode text, UTF-8 text, with very long lines (3256), with no line terminators	906BFED938B60BC6BF81C2920DF2A978	BAA18C98FC9CD22DA63B84F20FD59FC145DD3A46	FD1CFCBE8D0296731FE667940D29BBD235EBDA7D1CC3B21690D01FD84F09B30B
Chrome Cache Entry: 180	SVG Scalable Vector Graphics image	D97D46FE48D19D2C4F236B9A2CFEE5F3	A164F3588BB4B601C472461A24A6EEC265BCF8C8	028F643755987211BF2F3ADD6C62AE1870A888CF2F4FE3040A4FAC7DCE2543AB
Chrome Cache Entry: 181	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 182	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 183	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 184	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 185	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 186	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 187	Web Open Font Format, TrueType, length 37153, version 1.0	C0E3B5653C803F69C05862736A765E4A	4AE2328614D48C62388C8409CBD1D9E7B5D4DFDA	48050D8EEB740BB31AAAD9EB82BCD4A493B474C9385EEDA5FC2CA2EA279CFFAD
Chrome Cache Entry: 188	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 189	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 190	Unicode text, UTF-8 text, with very long lines (32812), with NEL line terminators	80436D637186C9393945809AED3CE060	A34249A5B495227E7782AF17AE86C42E19238EAC	4136A35E827BB847FEEB39E2141BB4139249A4774CE39882A40BEC733A1AB307
Chrome Cache Entry: 191	JSON data	A4AB9F0C2F8408A0818D4844956F5F6C	3E44C4928E114A9606BA14B358A738F9131907E8	28F0C4EFA9766F9DCB0D4AF99B18712CD4FBCEBAD0E6A08CE5CB2453AC687233
Chrome Cache Entry: 192	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 193	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 194	JSON data	0B50EF449E4F7E2F144227475599FE01	669B5FC411E5ADB05A71A56A6F6BE28606622642	FC0EE9476197548DBFB6314915F5E97A80D1983E7DD441572CA23771F351A5C5
Chrome Cache Entry: 195	SVG Scalable Vector Graphics image	3BEAADDE493A5B5E04CF63A8EDCFD843	65D4ACB7F820FB9A138051BF1D3A05C64C99254F	29653CF655DF984EEE259080F3070A84E439E90366E8FD3C151EE86160061747
Chrome Cache Entry: 196	JSON data	43836660FEFC8C72510A2BF8881F551B	B77D0ECBABB28D9D4FD94293E5D27F7E285B832B	AFEA722CC0278A1A895A3F506947C0A8A2520AAEFBD03E1DFA688E7235CFF1B8
Chrome Cache Entry: 197	JSON data	D508204EE7EB6DF4D7A47B7CDD3F56C1	A2F23E0121566C927AEE5171ACAEAC46E05AB1F1	71E6151A83E306E55577261697D8A2298690C1BA07DE1DE2464AB894D20A4CC3
Chrome Cache Entry: 198	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 199	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 200	ASCII text, with very long lines (41245)	38F67E29166A634C520F5B41E58FF2D8	1415DD7EFBC3707B283CFD3AF9C6C45CFE8098CC	13B79BC533B3DE8BE0C39D86F90623BB650718569217AD3BDD2F5FD94AA99CC3
Chrome Cache Entry: 201	Unicode text, UTF-8 text, with very long lines (3704)	C80EAA6578FDB3CF7020602F8306492F	B1967B90B3CCFE93DFEDB05F2057C9D4E08D9046	185445EBC4FA6C96D29D2A94E90406520DC12A6C004C31D6A677BA767B3C4997
Chrome Cache Entry: 202	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 203	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 204	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 205	ASCII text, with very long lines (778), with no line terminators	9A59FF63C7818D514B830C4733D9C19A	0029EABC7789BADE11DB53C5B119C35A72205166	0CF1B3DF784F9838113D88249540B79A515441FEFB3549081AF0C2AA77197B41
Chrome Cache Entry: 206	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 207	Web Open Font Format, TrueType, length 69766, version 1.0	A07548869B852060E0F08B37CC570261	9FD27C5D71ACC069E5AFAC2BDA57BAC61222FE73	B1F37B2F1CC26EF70671E3C2D345CFFDCC06F02E72FCD6063C350094265426B9
Chrome Cache Entry: 208	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 209	ASCII text, with very long lines (44208)	9D0F6639B5F5081EC9406DE5D31CB697	B0FE533937DDBBF4D481CC47087C976401B37ED8	BA3CDCEF077A43E640288BC24CE6865203B8798885632AB966A435ACFFA14B13
Chrome Cache Entry: 210	ASCII text, with very long lines (43906)	6EE16AEDAA380176DBA75ABE2FB51F09	DB6E8440CF9E4557D07533025453B089E22EB57E	864A3C79A18B4ED8D38572A7349AE3352203839E86FB52E9C3AD67B70F3C5A0D
Chrome Cache Entry: 211	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 212	Web Open Font Format, TrueType, length 37153, version 1.0	C0E3B5653C803F69C05862736A765E4A	4AE2328614D48C62388C8409CBD1D9E7B5D4DFDA	48050D8EEB740BB31AAAD9EB82BCD4A493B474C9385EEDA5FC2CA2EA279CFFAD
Chrome Cache Entry: 213	ASCII text, with very long lines (15984), with no line terminators	C6CCD302D5A00A34E1851C2CC4E609D4	86A93913A5EB3F803AC41BF6255E2E3FF31B609E	F1C2FDA9627351E28491AB6832E1B716B32DDD416DA7E2715F62140721866F91
Chrome Cache Entry: 214	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 215	Unicode text, UTF-8 text, with very long lines (32966), with LF, NEL line terminators	96D87B40A0EC72F20D01BA5A0FDD70D0	C9933F1F49F55EEBB6047DCE76801178B093B2E3	312577467FB86DD73F87E09045FE6443CBD84FA16CBA4A9BD912AF41D5A04CAF
Chrome Cache Entry: 216	ASCII text, with very long lines (2026)	81CA69EE0C7A348E5ED11BE5B6395BFD	96E75F390E58252F49CD24E57B32224089FF593E	ABFC249F54BFEEE500682E375F1B07D4B5719688A7775330C68CC371E1A5223C
Chrome Cache Entry: 217	JSON data	B3624A905E586A7A3E00237D0975A3D3	4EE342DDDF66374E7C2E79BC9959A285FA0E3613	493F4F22BFEE070A20C8792AF39DE32964FA2CE4EF9801A85D5886F2135D89A0
Chrome Cache Entry: 218	Unicode text, UTF-8 text, with very long lines (45542)	97346592E3EB1A9C0F50240403752D8F	D6F51946193DBB82529EA1704B0BF67AB3A5929B	1794E579DD5854636B734EF7544C1181BE46EB5F7C731792E27F0EB62E155B2F
Chrome Cache Entry: 219	JSON data	B3624A905E586A7A3E00237D0975A3D3	4EE342DDDF66374E7C2E79BC9959A285FA0E3613	493F4F22BFEE070A20C8792AF39DE32964FA2CE4EF9801A85D5886F2135D89A0
Chrome Cache Entry: 220	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 221	JSON data	47218B12258489F9471291B194883FF4	16681AC4AF3F8AF18A4E860A97F5BC68C7F64EC9	1A3FB2A8BDA1301D49AAE0C5E21D91E2FA5F96D19C1DEF2E1BF284F33C4C7BE0
Chrome Cache Entry: 222	ASCII text, with very long lines (65536), with no line terminators	D99486CB043F8729311C782A7631F3A7	FAFDAFA34A752059E187E07EF5F11A504798182A	3AC8C6B27FEB78E1916CAB39B0F693D9EF43ED190536474911DFA70E36586771
Chrome Cache Entry: 223	ASCII text, with very long lines (33449)	88D9A8659D2DDF959192247E72C72D4F	89D3CC7B204ADEB5A4C6D3C810647868FCED7708	D7AB50A62B47E89218F59ADA31B23E2680E59EBAC7296DFB412E36ACDA48CAB1
Chrome Cache Entry: 224	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 225	ASCII text, with very long lines (65536), with no line terminators, with escape sequences	E6CD979EBABED3C6CDCB8A0758FF0CB0	CFA622DF9B6AF272382EF9A4D0395D37F7B3A8EE	31178CD83F454E5FE4234393201B84F5A766B5AD64EC88FFB5B6EEE4A6A5FAC3
Chrome Cache Entry: 226	SVG Scalable Vector Graphics image	78AF472D7F07AACD83D8E224C119950A	B04F7889C9277106B40EF90B7B19C1091884D876	FC69234936C0DF004440641A5DF9EE1E3C3532DF5780984F0F636E85E8788519
Chrome Cache Entry: 227	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 228	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 229	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 230	ASCII text, with very long lines (3960)	695D125ACCD65C79295710518B5A0044	CD8E5670358F9CECC242C0C8A9F1509740EF42C4	084DD46DC302D2047631A5B788A4ACA672CCCA4D44092B861F0C3899F1439D09
Chrome Cache Entry: 231	Unicode text, UTF-8 text, with very long lines (50713), with NEL line terminators	F720E49B34AA1110E89FE22C8B018EC7	AA2A61F54A7B3C6A7A3341A900699EF6CF4F8A8E	77166E2033CC977E5F8397E64BC0398FF43237BAB55D4C807148184FBA9FA4B1
Chrome Cache Entry: 232	JSON data	A83FEDC7AE7025DAB4E758A079961BDE	0BB8BBEB90F1683C410FEFB27CB0FD2750E87E9D	19A9D930E0E8C2D6C16D7D296CF2D5D341B4CA9D6DF2F815E6AB11456DE8FF1E
Chrome Cache Entry: 233	ASCII text, with very long lines (2009)	11688BC19D2FA9090C626BEFFF5062B9	8481E98D1B924B78CCFC8568D9691055CF13AF5A	F21F90F0F1DE1219B6D20C6133EA5F442BB68A18F8A81B055E33DF1880AB4B28
Chrome Cache Entry: 234	data	68E1A9898398CC8F3BB2D71562EDE5B3	5CC9A614092B6F5E3613D051B63023207CA13B0C	E0C4CEE8D1375507B6D8870152384782720C21F15E1AEAF8130FB49D23ACB592
Chrome Cache Entry: 235	JSON data	BAEDB67A83479DBF0F30936FE28DAB54	6CBF6C310D972F63462172D190CD91E03145A485	644DE828EF901AEE6B2279CEE1ADBFA11EC9E8EE18F0DDA97E8F4020C31C3609
Chrome Cache Entry: 236	SVG Scalable Vector Graphics image	D97D46FE48D19D2C4F236B9A2CFEE5F3	A164F3588BB4B601C472461A24A6EEC265BCF8C8	028F643755987211BF2F3ADD6C62AE1870A888CF2F4FE3040A4FAC7DCE2543AB
Chrome Cache Entry: 237	JSON data	3B07EA07E57E0DA709C256224D5EC1DD	B912DC42F7943649DFBD876ECBB0D4D2E6E26578	326DEA47F7CD2AAF1F5DC9A8BE9103EB282AEFB50A6B2D76F4256EB54A070233
Chrome Cache Entry: 238	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 239	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 240	Unicode text, UTF-8 text, with very long lines (41211), with LF, NEL line terminators	57AE1D958042CC8EC2AA3013918E0ABB	823F22D5C41EC934D5E8ECB9F07D21EA0F7E4D23	9E132670E82B75096193AA981F828376B85B3F9002F2ED24EC2CF0109743B182
Chrome Cache Entry: 241	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 242	ASCII text, with very long lines (64772)	CDD5D4A45C98B91C244E0EACB3206AD7	288F792A1A3B4BF0DC934058F506A3E6D6DCCB4C	D2E7CAAA213D56F6B9528BB61F9B3FA4C842EAE70A90C1BEEB22C60AB41B1CDA
Chrome Cache Entry: 243	JSON data	65BE367FFE272ED2D34889BF7EE53263	EA28802282CB61E59A6469CC1393F50422EC91F5	E4975BE7A823EE4FF14C61A92F0232C2D1D89DD9B441139110EC0422836E3C2F
Chrome Cache Entry: 244	Unicode text, UTF-8 text, with very long lines (34692)	880B713323BD8942601F6D03B191042B	3853D8C0C20248A108E99AD80E859254E445C402	8C69AF833EC7699DDB915078F2E67CF47E96BA91769775D1D0E24B589F958324
Chrome Cache Entry: 245	Unicode text, UTF-8 text, with very long lines (46587)	93313DDD893A06B69A61945291042E26	5334E08B64A1E2260F18CB0E1C59CE2379501454	63CBF9DDD66945B4EF570DCCA5935F662BBBF10C98B9582D5213192065296861
Chrome Cache Entry: 246	ASCII text, with very long lines (9025), with no line terminators	36CDA26A0AF2390855709B23F8D0FEB7	5A26874BFD06F1D8169DB4660753A68801A91D1C	7D053C84242DA3809D364817DBF80E3BB35F8075A8C1E53CBEEA9322074E3ABD
Chrome Cache Entry: 247	ASCII text, with very long lines (39720)	6BD6577A5C0B82406C3DFA346D7E3C3E	64CC30F989F87D78479B1A8681832842B6FCE747	6513973EB294A92FE6F9144425950A6C96BB54255AA31E136917DF34BACB0FCC
Chrome Cache Entry: 248	JSON data	3B07EA07E57E0DA709C256224D5EC1DD	B912DC42F7943649DFBD876ECBB0D4D2E6E26578	326DEA47F7CD2AAF1F5DC9A8BE9103EB282AEFB50A6B2D76F4256EB54A070233
Chrome Cache Entry: 249	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 250	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 251	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 252	JSON data	3C3FFDD00A241A4637D5C36435AED73C	399BC3C37EC9C8BF2772EB4ACA35D0E0921CC0B3	DDBE6A3D2794E31BBB8D7F118DCA9C6F8E6770DAE7F4C9AC9FAE08B1EC6BDFC0
Chrome Cache Entry: 253	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 254	ASCII text, with very long lines (59970)	376FC01BF053EEE4ABBA1AF9CAA8788D	E4E1646B2730DFDACDAF04D39A8994E773D50F41	B1117BDE2EAF7B76E0A1F12CAA53990DDBE0649A56431EE041D31378A9E0A6DC
Chrome Cache Entry: 255	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 256	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 257	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 258	JSON data	9E068F69BD8A51028FBA9B1C0455D8C9	A7766CE3FC948F609A877AB9638AE2700566B792	697E7578FA14BCB5A73427770C46DD902BFD15C51E505122FFF1C7D7136F8F4F
Chrome Cache Entry: 259	ASCII text, with very long lines (36023)	435610F9F0581D2F2EC8A73A5DCE8F14	F301448E641408888C9B2D11D612C0009B20D1BF	AB2616CBCD438C83F593BC99E8944B51C7748156679325C86E4F190F947DF9D8
Chrome Cache Entry: 260	ASCII text, with very long lines (1680)	06459F8F2211ECFBAF773F95ED1918B2	B4B04D631441A5C908009243C4970B85632D4E61	1E45B6E32B1923F8E3744896ED466317016805C164C1A6E42202BA5803F95AE5
Chrome Cache Entry: 261	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 262	ASCII text, with very long lines (46099)	02019DE51A04C361D268110575AB658D	A795AC4ED834527F2E3209578D9CB36D957A79B9	8AACE09F3FE28D8A291F63AF3BE8C6FE6925980D94817A1EA14F40696D5551A9
Chrome Cache Entry: 263	ASCII text, with very long lines (44597)	15F225D02170B30DF026A73653D6F012	197B48CDAA0D13F24869390BBF4458B796E919AC	409BC9447BBE7079FE1EA8F1E94A89F67F13BC04E871AB8549DFA4105E72F1C5
Chrome Cache Entry: 264	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 265	ASCII text, with very long lines (37328)	DD8C500A4B9E9594158A2423E6674537	800C53AF7D19DBF177D42CFF9276FEC7FEAF6022	5C80F838A28A543883C26D47F6AEAA302EE0D0DDC41B72692BD74EAB49528971
Chrome Cache Entry: 266	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 267	JSON data	BAEDB67A83479DBF0F30936FE28DAB54	6CBF6C310D972F63462172D190CD91E03145A485	644DE828EF901AEE6B2279CEE1ADBFA11EC9E8EE18F0DDA97E8F4020C31C3609
Chrome Cache Entry: 268	SVG Scalable Vector Graphics image	56ADDBA553083EB384B100CBB7E8632F	F718526F1EF720E5D361536615595D5BFC3C9688	5E60A20DA0F769A6260D4ED755D615DA930B87C62436F807A6FF32D000017D18
Chrome Cache Entry: 269	JSON data	47218B12258489F9471291B194883FF4	16681AC4AF3F8AF18A4E860A97F5BC68C7F64EC9	1A3FB2A8BDA1301D49AAE0C5E21D91E2FA5F96D19C1DEF2E1BF284F33C4C7BE0
Chrome Cache Entry: 270	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 271	ASCII text, with very long lines (41290)	228F7920338A6225EA70F1340FCAA675	F29A22FA174ECB3FBF50F877962A09C1168071B5	03C09600A0564362F9FAE2435894BFE9484DA253538D350514241EC6F4DC3A87
Chrome Cache Entry: 272	ASCII text, with very long lines (65536), with no line terminators	604DCA84D6A03FB5A322F2F31901B7A8	B950078AE57FA5625777DC920E723DA9F7442636	E7180F0A73A3F0957763B4AF3530ED9D5F0C6A523CC0F005FBF6E36196928843
Chrome Cache Entry: 273	SVG Scalable Vector Graphics image	7C6C3493F958764FD6B2A550A98AB676	0D89801FF7089BCFDDDA2F22AB37DA7155948FF7	56B8E90244C34621E294D3357EDFEF9A1467E501773ED21B25DC6367AB3D7803
Chrome Cache Entry: 274	ASCII text, with very long lines (28410)	EA09CB5B6821E6B4D824B30FA6830039	88D953AF4772A99D3EF2041963C8F5FA0A14B52B	5B5E7E7DB1F6198ACC82F666322D79131821DDD4CDAC35B8BDF30077F5FD3917
Chrome Cache Entry: 275	ASCII text, with very long lines (32092), with CRLF line terminators	289D5AC7BC28C5DBCED03A38D2D59420	6162CC0200EFEADE667EF660E81053B404CB0A0C	EDE20A36B682BB11E6705DB547356DF875EB07B93A1AB64AE47C705F9CA24816
Chrome Cache Entry: 276	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 277	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 278	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 279	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 280	ASCII text, with very long lines (65536), with no line terminators	D4F6C3591835EB7DD537E0B4DC46B49D	402D69BFC83C2477B72FA978D01045A124E5BAF5	5697EC2A5B964C283B604E35B4B9A8E550014FD6EBD602A849FD85038113D78B
Chrome Cache Entry: 281	SVG Scalable Vector Graphics image	78AF472D7F07AACD83D8E224C119950A	B04F7889C9277106B40EF90B7B19C1091884D876	FC69234936C0DF004440641A5DF9EE1E3C3532DF5780984F0F636E85E8788519
Chrome Cache Entry: 282	ASCII text, with very long lines (65536), with no line terminators	16FD8FCE5D0B5F49025D8B1C2E9F7AA5	204919BF2DC1509A46EB75267D794F37171F2B01	4704A5DE4617A18FE96FCEA174E78FFDB530907417BC9964C14912F293E124B4
Chrome Cache Entry: 283	SVG Scalable Vector Graphics image	56ADDBA553083EB384B100CBB7E8632F	F718526F1EF720E5D361536615595D5BFC3C9688	5E60A20DA0F769A6260D4ED755D615DA930B87C62436F807A6FF32D000017D18
Chrome Cache Entry: 284	ASCII text, with very long lines (31865)	595879BCBB4299126A67689E044BA625	A9DD56B33CCFFCAEE1780ED861B9D7C3C7636248	25C21D15F28ABE252FD4C9844B27BE9E89D9D08EECF378DB4CE7D5B72D82E649
Chrome Cache Entry: 285	JSON data	65BE367FFE272ED2D34889BF7EE53263	EA28802282CB61E59A6469CC1393F50422EC91F5	E4975BE7A823EE4FF14C61A92F0232C2D1D89DD9B441139110EC0422836E3C2F
Chrome Cache Entry: 286	ASCII text, with no line terminators	7FC8633AB4063FC68D1E25FA8A90C53D	C3EAC2CF2AE24B5B11E94FD882B5EA0144FE728D	6EC1D233D26BC2F7A2F292476FD567238FFBB188582250325E68E22914CAD031
Chrome Cache Entry: 287	ASCII text, with very long lines (31923), with CRLF line terminators	4BCA4EA1CEEA06EF75AF710832B239A0	F310BED2271FDCD0BA7A962E75769D8BCE286DE4	8D87473C8E2D25564D0BB02751D779E97B48B0FB61B898DC5BE4B6AF57C0B298
Chrome Cache Entry: 288	Unicode text, UTF-8 text, with very long lines (3704)	C80EAA6578FDB3CF7020602F8306492F	B1967B90B3CCFE93DFEDB05F2057C9D4E08D9046	185445EBC4FA6C96D29D2A94E90406520DC12A6C004C31D6A677BA767B3C4997
Chrome Cache Entry: 289	JSON data	43836660FEFC8C72510A2BF8881F551B	B77D0ECBABB28D9D4FD94293E5D27F7E285B832B	AFEA722CC0278A1A895A3F506947C0A8A2520AAEFBD03E1DFA688E7235CFF1B8
Chrome Cache Entry: 290	ASCII text, with very long lines (2693), with no line terminators	3C6742374D4A35EA65CF09C23BFB6097	C79F2953D08F9FEB221713147BB27A2BFB19D77F	41029EA4BA33803A2F020354931D35EA37A6EADE8D9936EA134718F4F24BE935

HTML body with high number of embedded images detected

Source: https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter

HTTP Parser: Total embedded image size: 15606

Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.18:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.18:49698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49705 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 23.79.187.180
Source: unknown	TCP traffic detected without corresponding DNS query: 23.76.32.107
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26

Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=s+M7GxcDtlbET9Y&MD=DFrtxrWu HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=s+M7GxcDtlbET9Y&MD=DFrtxrWu HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1713274301023 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://global.americanexpress.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1713274301023 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://global.americanexpress.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=14639981717196152352028843229767243559
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=14483685490011032432048978651132711855&ts=1713274302100 HTTP/1.1Host: omns.americanexpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://global.americanexpress.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1mXM8QrQC/1pLZU9IMUL+Xd7YLjPlWK7R8OkqushCcrWmU0Z8UNvySw6H36ckn7kVb74EibUOlgNgtg3l8YqVIigkF1WhtKEz6PsqbZ8oa/aADoHU3xYQBLcjAXjQkb8zA7V6/swvOTxG9IFfROLdI5inH5Ekc1pUAyTn1mvUZihn7Z+D5+RQBw6w7sE/nU7wgoFoU8sLmvC19Zmav3geNzaUhXZ5j7rF/R3U84iksSTiDDNRG6kw2MqWYlSBD4zoUiPFl9c7ypAI~-1~-1~-1; rxvt=1713276099040\|1713274290940; dtPC=$274290934_630h-vCCRUAIBSCBAUJCNRSUGTAFBDWCRAFKQA-0e0; s_pers=%20s_tslv%3D1713274301817%7C1776346301817%3B; s_sess=%20s_tp%3D1568%3B%20s_ppv%3Dus%25257Coneamex%25257Cser%25257Chelp%252C58%252C58%252C907%3B%20omn_extlink%3Dus-em-serv-footer-helpcenter%3B%20omn_inav%3DiNUtlContact%3B; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1; AMCV_5C36123F5245AF470A490D45%40AdobeOrg=870038026%7CMCMID%7C14483685490011032432048978651132711855%7CMCAAMLH-1713879102%7C7%7CMCAAMB-1713879102%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1713281502s%7CNONE%7CvVersion%7C5.0.0
Source: global traffic	HTTP traffic detected: GET /id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1713274301023 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=14639981717196152352028843229767243559
Source: global traffic	HTTP traffic detected: GET /b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s6959995791769?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2015%3A31%3A42%202%20-120&mid=14483685490011032432048978651132711855&aamlh=7&ce=UTF-8&cl=34128000&pageName=us%7Coneamex%7Cser%7Chelp&g=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter%26extlink%3Dus-em-serv-footer-helpcenter%26&c.&visitorCheck=VisitorAPI%20Present&cm.&ssf=1&.cm&omn.&lob=ser&country=us&language=en&extlink=us-em-serv-footer-helpcenter&inav=iNUtlContact&.omn&.c&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&server=global.americanexpress.com&v0=extlink%3Dus-em-serv-footer-helpcenter&events=event140%2Cevent45&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=us%7Coneamex%7Cser&c3=en&c4=US&c6=D%3Dv6&v8=iNUtlContact&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=US%7Coneamex%7Cser&v21=US%3ALegacy%20Non-Search&c24=US%7Coneamex%7Cser&v27=US&c30=US%7Coneamex%7Cser&c31=US&c38=US%7Coneamex%7Cser&c43=New%20Visitor&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.4.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-04-03&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1280&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v71=us%7Coneamex%7Cser%7Chelp&v72=n%2Fa&v74=us%7Coneamex%7Cser%7Chelp&c75=Launch&v75=14483685490011032432048978651132711855&v94=D%3Dagent-id&v140=UCM%3A%20en-US%7C%20docEle%3A%20en-US%7C&v142=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1 HTTP/1.1Host: omns.americanexpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _ab
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=14483685490011032432048978651132711855&ts=1713274302100 HTTP/1.1Host: omns.americanexpress.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1mXM8QrQC/1pLZU9IMUL+Xd7YLjPlWK7R8OkqushCcrWmU0Z8UNvySw6H36ckn7kVb74EibUOlgNgtg3l8YqVIigkF1WhtKEz6PsqbZ8oa/aADoHU3xYQBLcjAXjQkb8zA7V6/swvOTxG9IFfROLdI5inH5Ekc1pUAyTn1mvUZihn7Z+D5+RQBw6w7sE/nU7wgoFoU8sLmvC19Zmav3geNzaUhXZ5j7rF/R3U84iksSTiDDNRG6kw2MqWYlSBD4zoUiPFl9c7ypAI~-1~-1~-1; rxvt=1713276099040\|1713274290940; dtPC=$274290934_630h-vCCRUAIBSCBAUJCNRSUGTAFBDWCRAFKQA-0e0; s_pers=%20s_tslv%3D1713274301817%7C1776346301817%3B; s_sess=%20s_tp%3D1568%3B%20s_ppv%3Dus%25257Coneamex%25257Cser%25257Chelp%252C58%252C58%252C907%3B%20omn_extlink%3Dus-em-serv-footer-helpcenter%3B%20omn_inav%3DiNUtlContact%3B; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1; s_ecid=MCMID%7C14483685490011032432048978651132711855; AMCV_5C36123F5245AF470A490D45%40AdobeOrg=870038026%7CMCMID%7C14483685490011032432048978651132711855%7CMCAAMLH-1713879102%7C7%7CMCAAMB-1713879102%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1713281502s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.0
Source: global traffic	HTTP traffic detected: GET /b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s6959995791769?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2015%3A31%3A42%202%20-120&mid=14483685490011032432048978651132711855&aamlh=7&ce=UTF-8&cl=34128000&pageName=us%7Coneamex%7Cser%7Chelp&g=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter%26extlink%3Dus-em-serv-footer-helpcenter%26&c.&visitorCheck=VisitorAPI%20Present&cm.&ssf=1&.cm&omn.&lob=ser&country=us&language=en&extlink=us-em-serv-footer-helpcenter&inav=iNUtlContact&.omn&.c&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&server=global.americanexpress.com&v0=extlink%3Dus-em-serv-footer-helpcenter&events=event140%2Cevent45&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=us%7Coneamex%7Cser&c3=en&c4=US&c6=D%3Dv6&v8=iNUtlContact&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c19=US%7Coneamex%7Cser&v21=US%3ALegacy%20Non-Search&c24=US%7Coneamex%7Cser&v27=US&c30=US%7Coneamex%7Cser&c31=US&c38=US%7Coneamex%7Cser&c43=New%20Visitor&c44=D%3Dv44&v45=prospect&c46=DLS%20Navigation&c49=Launch-OneAmex%3Av1.4.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-04-03&c50=non-authenticated&c56=oneamex%3Adesktop&v60=1280&v61=landscape&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v71=us%7Coneamex%7Cser%7Chelp&v72=n%2Fa&v74=us%7Coneamex%7Cser%7Chelp&c75=Launch&v75=14483685490011032432048978651132711855&v94=D%3Dagent-id&v140=UCM%3A%20en-US%7C%20docEle%3A%20en-US%7C&v142=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1 HTTP/1.1Host: omns.americanexpress.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1m
Source: global traffic	HTTP traffic detected: GET /b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s67650161295375?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2015%3A31%3A42%202%20-120&mid=14483685490011032432048978651132711855&aamlh=7&ce=UTF-8&cl=34128000&pageName=us%7Coneamex%7Cser%7Chelp&g=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter&c.&cm.&ssf=1&.cm&omn.&identifier=axp-myca-route-config&element=credo-rampup&lob=ser&detail=ineligible&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-myca-route-config&v5=us%3E%3Eaxp-myca-route-config%3E%3Eimpression%3E%3Ecredo-rampup%3E%3Eineligible&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-myca-route-config&c22=us%3E%3Eaxp-myca-route-config%3E%3Eimpression%3E%3Ecredo-rampup%3E%3Eineligible&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-04-03&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Coneamex%7Cser%7Chelp&v75=14483685490011032432048978651132711855&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1 HTTP/1.1Host: omns.americanexpress.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1mXM8QrQC/1pLZU9IMUL+Xd7YLjPlWK7R8OkqushCcrWmU0Z8UNvySw6H36ckn7kVb74EibUOlgNgtg3l8YqVIigkF1WhtKEz6PsqbZ8oa/aADoHU3xYQBLcjAXjQkb8zA7V6/swvOTxG9IFfROLdI5inH5Ekc1pUAyTn1mvUZihn7Z+D5+RQBw6w7sE/nU7wgoFoU8sLmvC19Zmav3geNzaUhXZ5j7rF/R3U84iksSTiDDNRG6kw2MqWYlSBD4zoUi
Source: global traffic	HTTP traffic detected: GET /b/ss/amexpressenterpriseprod/1/JS-2.23.0-LDQM/s67650161295375?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2015%3A31%3A42%202%20-120&mid=14483685490011032432048978651132711855&aamlh=7&ce=UTF-8&cl=34128000&pageName=us%7Coneamex%7Cser%7Chelp&g=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter&c.&cm.&ssf=1&.cm&omn.&identifier=axp-myca-route-config&element=credo-rampup&lob=ser&detail=ineligible&.omn&.c&cc=USD&events=event141&c3=en&c4=US&v4=axp-myca-route-config&v5=us%3E%3Eaxp-myca-route-config%3E%3Eimpression%3E%3Ecredo-rampup%3E%3Eineligible&c6=D%3Dv6&c10=prospect&c12=D%3Dv12&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c21=axp-myca-route-config&c22=us%3E%3Eaxp-myca-route-config%3E%3Eimpression%3E%3Ecredo-rampup%3E%3Eineligible&v27=US&c44=D%3Dv44&c49=Launch-OneAmex%3Av1.4.9-AM%3A2.23.0-VISID%3A5.0.0-DIL%3ANA-SS%3AY-msuite%3Atrue-PD%3A2024-04-03&c56=oneamex%3Adesktop&c64=D%3Dv64&c65=D%3Dv65&c67=D%3Dv67&c69=D%3Dv69&v74=us%7Coneamex%7Cser%7Chelp&v75=14483685490011032432048978651132711855&pe=lnk_o&pev2=Dynamic%20Page%20Action&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=907&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1 HTTP/1.1Host: omns.americanexpress.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TS0114bdae=0144d4a839586b141b989af62e52371e6fc307f9d3a5061f1757c48d9180280c953015a6c6dc95d5b236407f09d657189c894cb579; agent-id=75ae5b53-68cf-4749-8f79-9c43a50fd031; bm_sz=6F6A31595189F7CEAF8A71424DC072A4~YAAQT2gBF03jz8qOAQAA+PQa5xdLqqvmjQo3qql/RSrk+NqgjmVtGRIpJ5fdyCwxL0VXYKaP3pbR9g9uEQWh5UXeVA9Y7V1m7P4NNPA2wKeGfYWBW+KWNGyMZxqUZSy9uAImtIyhIACEkuWppPtqSOdH4vOm1jvnIpZNwdjJ40gWe4OdNk+2mZF9LZGpSPN5W63KHWQIvJ4iH5vJLvoAaS+w4fiJUQj52oL6gxC2RBjBKPwxow2vambX2wX+CPZjRLt4NZMtr+f2bbmARnFCo/v3eRsPyS0JH12rulCjsr5LIQPNrvwt3MBukJtjlim+A82Bo9I2DgrIS9B1+gITDv42IX5px8tCUDTbVR2J6Yk61l/LMCVXt34MUCVLH7mYt71W1ejDyL4Ow4Ls~3293761~4342328; rxVisitor=1713274290937A7R6R3LAF697QOVKMJMDGTMITTEUMT0A; dtLatC=509; dtSa=-; dtCookie=v_4_srv_104_sn_D31AC96E3DF032551F710E6D44416A15_app-3Af32f70c4a19cb7f4_1_ol_0_perc_100000_mul_1_rcs-3Acss_0; _abck=AD827B41E34AB180244EB157C2E73EBF~0~YAAQUGgBFxym8NWOAQAAohcb5wu2ZGB60GcxQTa+6qpnA6FyqN4LrC5qrO0RImU4BIA5aiW5kpMSaiSyndfm39JpVX1S9C5VrOKKlePm9qqeBP9bYW6Iy7qKpBsP3xUYB36lvGG30+nKugXF2BlliLDzfCwaXSu1mXM8QrQC/1pLZU9IMUL+Xd7YLjPlWK7R8OkqushCcrWmU0Z8UNvySw6H36ckn7kVb74EibUOlgNgtg3l8YqVIigkF1WhtKEz6PsqbZ8oa/aADoHU3xYQBLcjAXjQkb8zA7V6/swvOTxG9IFfROLdI5inH5Ekc1pUAyTn1mvUZihn7Z+D5+RQBw6w7sE/nU7wgoFoU8sLmvC19Zmav3geNzaUhXZ5j7rF/R3U84iksSTiDDNRG6kw2MqWYlSBD4zoUiPFl9c7ypAI~-1~-1~-1; rxvt=1713276099040\|1713274290940; dtPC=$274290934_630h-vCCRUAIBSCBAUJCNRSUGTAFBDWCRAFKQA-0e0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1; s_ecid=MCMID%7C144836854900110324320489
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRRtTk0GNv7-bAGIjCutrdc__jP0Ewy3i-m2egggo-7ZmryQzEGXexmB4-11OBM3nprFLRWxeudB_gRK98yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=HiYTcYVFE12zfZ5RF4UZiNIh43EgTh3zpY5SDtyZHLD4cR6h-fHb5eXqkaLQaQss9tPU_nAzWqJ-r8tm2nzuwJVuJgSg8m80omXLQLI9kC-mLI67INlpFzc2Xm6nACmdJHvvKlrhu1n0my3amXjvrdO281LsrYSdSQJKKM41sZY
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRRtTk0GNv7-bAGIjDiFp97vxk7IW7qwjFYYBhxwkHmojLuIhALKDnO0DQ2z_YXRZ4ybx5vwHqH-UJyuSIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=ggn58Oi5KKSghXHMWIYnjVKSl7PEG1cKs3hmIzSRQ1Tn7Ea15F50Zfg1_H_HHMd7_w5NryrE4_eTvXY49r5G-ejab8dhmje4SCAwDOesgz5bjWCTGZWonX8-SeCEBBb32Xu0tJ7bttTzafiejNdUEbMwb3nwPE4IF65UK62RK3A
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/ddljson%3Fasync%3Dntp:2&q=EgRRtTk0GNv7-bAGIjAB5ca-1h2npjbKyRJrY0x7oVX9EvE_hx3CS29R-qtGI7R0K5dKFNaff9s5a-f5vCUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=KR6K9V6ZtjZf1vKqUgOCyawpR6eIS5pHtrHBKK9hd2Rn181bbOmhSJTXvOXsy0He6WiQB6xc2uxrxNpsVJc7iR0T1Sq2l-jZJtKYV9vxzkzWvlEx8rLgeFKLa2eT8r9bC8N6WSS2AirqkYi_QNeD-iS3ZnAW1KNqcfFonpYaKoQ
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=KR6K9V6ZtjZf1vKqUgOCyawpR6eIS5pHtrHBKK9hd2Rn181bbOmhSJTXvOXsy0He6WiQB6xc2uxrxNpsVJc7iR0T1Sq2l-jZJtKYV9vxzkzWvlEx8rLgeFKLa2eT8r9bC8N6WSS2AirqkYi_QNeD-iS3ZnAW1KNqcfFonpYaKoQ
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=7&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiSocsBCIWgzQEI3L3NAQjpxc0BCJHKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-16-13; NID=513=KR6K9V6ZtjZf1vKqUgOCyawpR6eIS5pHtrHBKK9hd2Rn181bbOmhSJTXvOXsy0He6WiQB6xc2uxrxNpsVJc7iR0T1Sq2l-jZJtKYV9vxzkzWvlEx8rLgeFKLa2eT8r9bC8N6WSS2AirqkYi_QNeD-iS3ZnAW1KNqcfFonpYaKoQ

Source: unknown

DNS traffic detected: queries for: global.americanexpress.com

Source: chromecache_282.1.dr, chromecache_157.1.dr, chromecache_222.1.dr	String found in binary or memory: http://feross.org
Source: chromecache_247.1.dr, chromecache_223.1.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_245.1.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://americanexpress.com/en-us/banking/business/checking/accounts/
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-4454a9ef97c1c8cd89
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-bea3c9697c62409967
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-c5299abd23ef05bd6d
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-f424e4c1e880782914
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/333b39a46679/launch-df6a13efe609-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/61650f53735f/launch-77374eae9c9b-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/66bfa1f1c370/launch-a84bcfcd9f88-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/6ea2f89ca33d/launch-25c1ded7854b-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/6ea2f89ca33d/launch-ffeccfbfebd3.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/8e98299b4e37/launch-186af9da7404-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/8e98299b4e37/launch-f60a62d583bd.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://assets.adobedtm.com/dcb19cbd6cbf/8fe231718838/launch-5a77dcd96b5f-staging.min.js
Source: chromecache_230.1.dr	String found in binary or memory: https://cdaas-dev.americanexpress.com/cdaas/api/axpi/omniture/launch/1.4.9/launch-688f678fbf27-stagi
Source: chromecache_163.1.dr	String found in binary or memory: https://cdaas-dev.americanexpress.com/one/axp-script-supplier/5.1.5/script-supplier.js
Source: chromecache_282.1.dr, chromecache_157.1.dr, chromecache_222.1.dr	String found in binary or memory: https://feross.org/opensource
Source: chromecache_240.1.dr	String found in binary or memory: https://github.com/facebook/regenerator/blob/main/LICENSE
Source: chromecache_244.1.dr, chromecache_284.1.dr, chromecache_222.1.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/banking/dashboard
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/card-benefits/view-all?opaqueAccountId=
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/customer/profile
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/dashboard
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://global.americanexpress.com/overview
Source: chromecache_258.1.dr, chromecache_151.1.dr	String found in binary or memory: https://global.americanexpress.com/payments/pay
Source: chromecache_216.1.dr	String found in binary or memory: https://iwmapapi.americanexpress.com/beacon
Source: chromecache_245.1.dr	String found in binary or memory: https://lodash.com/
Source: chromecache_245.1.dr	String found in binary or memory: https://lodash.com/license
Source: chromecache_245.1.dr	String found in binary or memory: https://openjsf.org/
Source: chromecache_230.1.dr	String found in binary or memory: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/adobe/launch/intranet/1.4.1/launch-80e343e58fb8
Source: chromecache_230.1.dr	String found in binary or memory: https://qwww.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.9/launch-688f678fbf27-staging.min.js
Source: chromecache_163.1.dr	String found in binary or memory: https://qwww.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js
Source: chromecache_282.1.dr, chromecache_222.1.dr	String found in binary or memory: https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
Source: chromecache_240.1.dr	String found in binary or memory: https://ucmapi.americanexpress.com/api/consent/ext/record/
Source: chromecache_240.1.dr	String found in binary or memory: https://ucmapi.americanexpress.com/api/consent/management/
Source: chromecache_163.1.dr	String found in binary or memory: https://ucmapi.americanexpress.com/api/consent/management/report/error
Source: chromecache_240.1.dr	String found in binary or memory: https://ucmapi.americanexpress.com/api/v1/geo_location/check
Source: chromecache_230.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/api/axpi/omniture/adobe/launch/intranet/1.4.1/launch-355955701c68.
Source: chromecache_275.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.9/dcb19cbd6cbf/b4385da1798a/74e098123
Source: chromecache_230.1.dr, chromecache_287.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/api/axpi/omniture/launch/1.4.9/launch-b363d6c28b7c.min.js
Source: chromecache_269.1.dr, chromecache_221.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/dxt-vendor-shared-scripts/adobe-wrapper/1.6.6/adobe-wrapper.js
Source: chromecache_191.1.dr, chromecache_140.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/axp-chat-bootstrap/1.5.1/chatTaggingBootStrap.js
Source: chromecache_196.1.dr, chromecache_289.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/axp-chat-router/1.1.5/chatWrapper.js
Source: chromecache_163.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/axp-script-supplier/5.1.5/script-supplier.js
Source: chromecache_252.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/dxt-script-supplier-helper/1.2.0/dxt-script-supplier-helper.js
Source: chromecache_152.1.dr, chromecache_232.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/one-stream-data-handler/0.1.2/oneStream.js
Source: chromecache_290.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/qualtrics/1.71.0/
Source: chromecache_243.1.dr, chromecache_285.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/one/qualtrics/1.71.0/qualtricsIntercept.js
Source: chromecache_153.1.dr, chromecache_169.1.dr	String found in binary or memory: https://www.aexp-static.com/cdaas/user-consent-management/ucm/v1.13.0/UCM.js
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/be/fr/legal/politique-cookie.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/be/nl/legal/cookiebeleid.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/content/dam/amex/us/company/Privacy/California_Privacy_Notice.pdf
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/cz-cz/spolecnost/pravni/centrum-ochrany-osobnich-udaju/o-souborech-c
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/da-dk/selskab/legal/privatlivspolitik/angaende-cookies?showoverlay=f
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/de-at/firma/legal/datenschutz-center/cookie-informationen?showoverla
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-ca/company/legal/privacy-centre/about-cookies/?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-ca/company/legal/privacy-centre/privacy-statement/?showoverlay=fa
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-cz/company/legal/privacy-centre/about-cookies/?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-hu/company/legal/privacy-centre/about-cookies/?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/en-pl/company/legal/privacy-centre/about-cookies/?showoverlay=false
Source: chromecache_237.1.dr, chromecache_248.1.dr	String found in binary or memory: https://www.americanexpress.com/en-us/banking/personal/savings/dashboard
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/es/legal/informacion-sobre-los-cookies.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/fi/legal/yksityisyys/cookies/index.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/fr-ca/societes/legale/centre-de-confidentialite/a-propos-des-cookies
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/fr-ca/societes/legale/centre-de-confidentialite/declaration-de-confi
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/fr/legal/about-cookies.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/germany/legal/about_cookies.shtml?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/hu-hu/ceg/jogi/adatvedelem/a-sutikrol/index.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/icc/cookies.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/italy/legal/about_cookies.shtml?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/nl/about-cookies.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/no/legal/personvern/cookies/index.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/pl-pl/firma/prawny/centrum-prywatnosci/o-ciasteczkach/?showoverlay=f
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/se/legal/sekretess/cookies/index.html?showoverlay=false
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/uk/legal/about-cookies.shtml?showoverlay=false
Source: chromecache_258.1.dr, chromecache_151.1.dr	String found in binary or memory: https://www.americanexpress.com/us/credit-cards/
Source: chromecache_258.1.dr, chromecache_151.1.dr	String found in binary or memory: https://www.americanexpress.com/us/merchant/merchant-home.html
Source: chromecache_240.1.dr	String found in binary or memory: https://www.americanexpress.com/us/privacy-center/
Source: chromecache_258.1.dr, chromecache_151.1.dr	String found in binary or memory: https://www.americanexpress.com/us/small-business/
Source: chromecache_141.1.dr, chromecache_233.1.dr	String found in binary or memory: https://www.dynatrace.com/company/trust-center/customers/reports/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49693
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900

Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.18:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.18:49698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49705 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@15/230@52/11

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1776 --field-trial-handle=1948,i,17101978054004084476,12410038309744272020,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1776 --field-trial-handle=1948,i,17101978054004084476,12410038309744272020,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1426758
Product:	CloudBasic
Start time:	15:29:46
Start date:	16.04.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://global.americanexpress.com/help?inav=iNUtlContact&extlink=us-em-serv-footer-helpcenter