Windows Analysis Report
http://decktop.us/gORiyf

Overview

General Information

Sample URL:	http://decktop.us/gORiyf
Analysis ID:	1431449
Infos:

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish44

HTML page contains suspicious base64 encoded javascript

HTML page contains hidden URLs or javascript code

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://decktop.us/gORiyf

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish44

Source: Yara match

File source: dropped/chromecache_96, type: DROPPED

HTML page contains suspicious base64 encoded javascript

Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: Base64 decoded: <script>
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: Base64 decoded: <script>
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: Base64 decoded: <script>

HTML page contains hidden URLs or javascript code

Source: https://bgqak.ciatice.com/i3Ht5RuB/

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <meta http-equiv="X-UA-Compatible" c...

Source: https://td.doubleclick.net/td/rul/10970373263?random=1714017149343&cv=11&fst=1714017149343&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1	HTTP Parser: No favicon
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: No favicon
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: No favicon
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /share/gORiyf HTTP/1.1Host: app.decktopus.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/css/main.c90d0be1.css HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.decktopus.com/share/gORiyfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /env.js HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/share/gORiyfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/js/main.3cf0d5c7.js HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/share/gORiyfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/gORiyf HTTP/1.1Host: apiv21.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.decktopus.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /static/media/Sailec-Medium.d5050408323b1d11f631.woff2 HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.decktopus.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.decktopus.com/static/css/main.c90d0be1.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/slides/16344280/data/2273489 HTTP/1.1Host: apiv21.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.decktopus.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr.js HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/share/gORiyfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /static/media/watermark.b49f9fb0a26da9372a32352cbddc8bfd.svg HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/share/gORiyf/1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /static/recorder.js?v=1.125.0 HTTP/1.1Host: us-assets.i.posthog.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /39888134.js HTTP/1.1Host: js.hs-scripts.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/gORiyf HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /eval/65dc8b71b13dd50fd060d125/eyJraW5kIjoidXNlciIsImtleSI6IlVTRVJfQU5OTVlTIiwibmFtZSI6IlVzZXIgQW5vbnltb3VzIiwiZW1haWwiOiJ1c2VyX2Fubm15c0BkZWNrdG9wdXMuY29tIn0 HTTP/1.1Host: clientstream.launchdarkly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/event-streamCache-Control: no-cachesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.decktopus.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rw.js HTTP/1.1Host: affiliate.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /e/?ip=1&_=1714017144672&ver=1.125.0&compression=base64 HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /decide/?v=3&ip=1&_=1714017144582&ver=1.125.0&compression=base64 HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/visit HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /users/2363735/cdf600e1-7f65-4067-9b01-73712f5e6ad4.png?Expires=1714103548&Key-Pair-Id=K295BWQCL741S6&Signature=PWpYThYjrl~GnamQ-eyzk-Jl8Tllq4D3axvx4upscpSm0zeGTpjtdbjsDkmvD84Bi873THbxmtqYvU9xHOjWIUqhT1gB5lI7~jwX7nixtTwmQIpksGPA9gVleOfDLtgsUBpVIqgkSHB0DvlfnO4AkSRnbQ~p6lgD8TwI1dBvYvSYqM-80ly6rFVc8Q0z51dsTxqjZqiMIZML6j5b5ahNNP7-D6-2b~oyi772kRZIReft8fV4eRXwagpEjKZOlDDxIFHu43nXTteVqZ79bKjG0Z-gO83aFsICsBfxXvc52FmfGjC7JpG4kS3yMFq9jtekRqhlNjNK4uRudB-sxKQ5GA__ HTTP/1.1Host: cfv21.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /v2/39888134/banner.js HTTP/1.1Host: js.hs-banner.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /conversations-embed.js HTTP/1.1Host: js.usemessages.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feedbackweb-new.js HTTP/1.1Host: js.hubspotfeedback.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.decktopus.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collectedforms.js HTTP/1.1Host: js.hscollectedforms.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.decktopus.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /analytics/1714017000000/39888134.js HTTP/1.1Host: js.hs-analytics.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/slides/16344280/data/2273489 HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147
Source: global traffic	HTTP traffic detected: GET /collected-forms/v1/config/json?portalId=39888134&utk= HTTP/1.1Host: forms.hscollectedforms.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.decktopus.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/visit HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147
Source: global traffic	HTTP traffic detected: GET /static/media/watermark.b49f9fb0a26da9372a32352cbddc8bfd.svg HTTP/1.1Host: app.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147
Source: global traffic	HTTP traffic detected: GET /td/ga/rul?tid=G-RDRSM8WPZJ&gacid=460078857.1714017148&gtm=45je44o0v893194734z8830215601za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&z=1827080068 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /users/2363735/cdf600e1-7f65-4067-9b01-73712f5e6ad4.png?Expires=1714103548&Key-Pair-Id=K295BWQCL741S6&Signature=PWpYThYjrl~GnamQ-eyzk-Jl8Tllq4D3axvx4upscpSm0zeGTpjtdbjsDkmvD84Bi873THbxmtqYvU9xHOjWIUqhT1gB5lI7~jwX7nixtTwmQIpksGPA9gVleOfDLtgsUBpVIqgkSHB0DvlfnO4AkSRnbQ~p6lgD8TwI1dBvYvSYqM-80ly6rFVc8Q0z51dsTxqjZqiMIZML6j5b5ahNNP7-D6-2b~oyi772kRZIReft8fV4eRXwagpEjKZOlDDxIFHu43nXTteVqZ79bKjG0Z-gO83aFsICsBfxXvc52FmfGjC7JpG4kS3yMFq9jtekRqhlNjNK4uRudB-sxKQ5GA__ HTTP/1.1Host: cfv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147; _ga=GA1.1.460078857.1714017148; _ga_RDRSM8WPZJ=GS1.1.1714017147.1.0.1714017148.59.0.0
Source: global traffic	HTTP traffic detected: GET /livechat-public/v1/message/public?portalId=39888134&conversations-embed=static-1.16153&mobile=false&messagesUtk=2c6e3debbd374847afd7a324cc0a8c06&traceId=2c6e3debbd374847afd7a324cc0a8c06 HTTP/1.1Host: api.hubspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0X-HubSpot-Messages-Uri: https://app.decktopus.com/share/gORiyf/1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://app.decktopus.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/visit HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147; _ga=GA1.1.460078857.1714017148; _ga_RDRSM8WPZJ=GS1.1.1714017147.1.0.1714017148.59.0.0
Source: global traffic	HTTP traffic detected: GET /collected-forms/v1/config/json?portalId=39888134&utk= HTTP/1.1Host: forms.hscollectedforms.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://app.decktopus.com/share/gORiyf/1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /livechat-public/v1/message/public?portalId=39888134&conversations-embed=static-1.16153&mobile=false&messagesUtk=2c6e3debbd374847afd7a324cc0a8c06&traceId=2c6e3debbd374847afd7a324cc0a8c06 HTTP/1.1Host: api.hubspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/10970373263?random=1714017149343&cv=11&fst=1714017149343&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/10970373263/?random=1714017149343&cv=11&fst=1714017149343&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/10970373263/?random=1714017149343&cv=11&fst=1714014000000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqwaH6pzOFv3ie7PF3m3h_BW9J80LYdtbeBJRAyjPhCzcvGXn_&random=4099846240&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/10970373263/?random=1714017149343&cv=11&fst=1714014000000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqwaH6pzOFv3ie7PF3m3h_BW9J80LYdtbeBJRAyjPhCzcvGXn_&random=4099846240&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1976953477&v=1.1&a=39888134&pu=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&t=Decktopus+%7C+Create+Better+Presentations+%7C+AI+Presentation+Assistant&cts=1714017150738&vi=fa465bb3f17deeb8f39eca49244ed014&nc=true&u=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1&b=51700406.1.1714017150730&cc=15 HTTP/1.1Host: track.hubspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=M4bXQ_tp4HTJ_823oFIp3mjxiLQIwhQKYAgHk7lpcpU-1714017150-1.0.1.1-D.loorurWQkFrplgZ_PQkuQb.guRNISnePU5FO_AExahkXj1ZGq0nT5OxQia9b9degRQu253OVzTsRNFJ22wpw; _cfuvid=1ZOzQ08cxiz3nJm_WZUwwGKOuwne4wjFo054HPRXwnM-1714017150904-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /nr-spa-1.250.0.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.decktopus.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feedback-web-fetcher HTTP/1.1Host: app.hubspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=M4bXQ_tp4HTJ_823oFIp3mjxiLQIwhQKYAgHk7lpcpU-1714017150-1.0.1.1-D.loorurWQkFrplgZ_PQkuQb.guRNISnePU5FO_AExahkXj1ZGq0nT5OxQia9b9degRQu253OVzTsRNFJ22wpw; _cfuvid=1ZOzQ08cxiz3nJm_WZUwwGKOuwne4wjFo054HPRXwnM-1714017150904-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1976953477&v=1.1&a=39888134&pu=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&t=Decktopus+%7C+Create+Better+Presentations+%7C+AI+Presentation+Assistant&cts=1714017150738&vi=fa465bb3f17deeb8f39eca49244ed014&nc=true&u=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1&b=51700406.1.1714017150730&cc=15 HTTP/1.1Host: track.hubspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=M4bXQ_tp4HTJ_823oFIp3mjxiLQIwhQKYAgHk7lpcpU-1714017150-1.0.1.1-D.loorurWQkFrplgZ_PQkuQb.guRNISnePU5FO_AExahkXj1ZGq0nT5OxQia9b9degRQu253OVzTsRNFJ22wpw; _cfuvid=1ZOzQ08cxiz3nJm_WZUwwGKOuwne4wjFo054HPRXwnM-1714017150904-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /feedback-web-renderer-ui/static-1.19005/bundles/fetcher.js HTTP/1.1Host: static.hsappstatic.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hubspot.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hubspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/share/gORiyf/1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.1046904707.1714017147; _ga=GA1.1.460078857.1714017148; _ga_RDRSM8WPZJ=GS1.1.1714017147.1.0.1714017148.59.0.0; __hstc=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1; hubspotutk=fa465bb3f17deeb8f39eca49244ed014; __hssrc=1; __hssc=51700406.1.1714017150730; ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017153564%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=10547&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&hr=0&af=err,xhr,stn,ins,spa&be=1260&fe=8431&dc=2235&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714017141066,%22n%22:0,%22f%22:417,%22dn%22:419,%22dne%22:533,%22c%22:533,%22s%22:533,%22ce%22:765,%22rq%22:765,%22rp%22:1261,%22rpe%22:1262,%22di%22:1883,%22ds%22:3492,%22de%22:3495,%22dc%22:9654,%22l%22:9654,%22le%22:9691%7D,%22navigation%22:%7B%7D%7D&fp=4737&fcp=4737 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?ip=1&_=1714017153565&ver=1.125.0&compression=gzip-js HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resources/1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=12833&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&st=1714017141066&hr=0&fts=1714017141066&n=26&fsh=1 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /events/1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=12840&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&hr=0 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: app.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.1046904707.1714017147; _ga=GA1.1.460078857.1714017148; _ga_RDRSM8WPZJ=GS1.1.1714017147.1.0.1714017148.59.0.0; __hstc=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1; hubspotutk=fa465bb3f17deeb8f39eca49244ed014; __hssrc=1; __hssc=51700406.1.1714017150730; ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017154103%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /feedback/public/v1/web-config?portalId=39888134&utk=fa465bb3f17deeb8f39eca49244ed014&bundleVersion=1.19005&currentUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&pageUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1 HTTP/1.1Host: feedback.hubapi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-HS-Referer: https://app.decktopus.com/share/gORiyf/1sec-ch-ua-platform: "Windows"Accept: /Origin: https://app.hubspot.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hubspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feedback/public/v1/web-config?portalId=39888134&utk=fa465bb3f17deeb8f39eca49244ed014&bundleVersion=1.19005&currentUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&pageUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1 HTTP/1.1Host: feedback.hubapi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i3Ht5RuB/ HTTP/1.1Host: bgqak.ciatice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?ip=1&_=1714017157463&ver=1.125.0&compression=gzip-js HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b61b54f49ad71 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: bgqak.ciatice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bgqak.ciatice.com/i3Ht5RuB/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYxaGpVZUk1eStoeENTWTVFQTBXZVE9PSIsInZhbHVlIjoib2dQUW1JSEFzeHNUbzFsb3FtN01KeTlHdnZDRDd3QlVkeUxPRlFDWGdOVHN3YzVPWGtibklHYUdTWW1SYkFmdlUwNWJxUWFnRzNTR1R4eUIvVWdodTFKZTNYdDZwSitXYngvdU4vdzRHQnJsUW5haFRsR1ZreFl0VWdHbnhzYkciLCJtYWMiOiI4ZDM1MTBiODZmNmJkOTIzZTcyMzZjMjY3ZWNlOTIyMDZiZTUxZThlNjU2ZTkxYzM0NTliOTEyZDEyNTk3ZWFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZiK1VDMWtLM1lLYWI1QUUvbDFlVlE9PSIsInZhbHVlIjoid29KNng0bnRSSFNKbExDTVJQZ0JNZDFzc3o1K3JCZ2ZxWk1JcTVSQzBSM05TRStmczV1bkxWY3ZXc1NZNzZ2YVVjWGJFVmtQVlYzNGc4RnBYbWZSNjhDQmFIL2V3eFpmVWJSN2F0b0pxU1gwRHdkbm1JSFlzSkFaa3NzTi9sK1giLCJtYWMiOiI4NWIzZjU2MjA5NjBlMTBmNTVmOGMzOWZjYTU2YjczZjZmOTNlZGNiOGFiYjYyOTU2NzkzYmJkNTE5ZGY4MjhmIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1677002190:1714015744:NTToJbtJ0X8CCsA-a5E9lbT-2hWkxViLfQA7XMNF_JM/879b61b54f49ad71/8c1082b5020ed45 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b61b54f49ad71/1714017162245/k8WraW2E42mlx2t HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b61b54f49ad71/1714017162245/k8WraW2E42mlx2t HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879b61b54f49ad71/1714017162247/ddea79bec3e2b9031efa5dd8758735f9c58744fef2204f94127320d04b10907d/GELtzUJwSlgGcjO HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?ip=1&_=1714017162430&ver=1.125.0&compression=gzip-js HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1677002190:1714015744:NTToJbtJ0X8CCsA-a5E9lbT-2hWkxViLfQA7XMNF_JM/879b61b54f49ad71/8c1082b5020ed45 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i3Ht5RuB/ HTTP/1.1Host: bgqak.ciatice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYxaGpVZUk1eStoeENTWTVFQTBXZVE9PSIsInZhbHVlIjoib2dQUW1JSEFzeHNUbzFsb3FtN01KeTlHdnZDRDd3QlVkeUxPRlFDWGdOVHN3YzVPWGtibklHYUdTWW1SYkFmdlUwNWJxUWFnRzNTR1R4eUIvVWdodTFKZTNYdDZwSitXYngvdU4vdzRHQnJsUW5haFRsR1ZreFl0VWdHbnhzYkciLCJtYWMiOiI4ZDM1MTBiODZmNmJkOTIzZTcyMzZjMjY3ZWNlOTIyMDZiZTUxZThlNjU2ZTkxYzM0NTliOTEyZDEyNTk3ZWFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZiK1VDMWtLM1lLYWI1QUUvbDFlVlE9PSIsInZhbHVlIjoid29KNng0bnRSSFNKbExDTVJQZ0JNZDFzc3o1K3JCZ2ZxWk1JcTVSQzBSM05TRStmczV1bkxWY3ZXc1NZNzZ2YVVjWGJFVmtQVlYzNGc4RnBYbWZSNjhDQmFIL2V3eFpmVWJSN2F0b0pxU1gwRHdkbm1JSFlzSkFaa3NzTi9sK1giLCJtYWMiOiI4NWIzZjU2MjA5NjBlMTBmNTVmOGMzOWZjYTU2YjczZjZmOTNlZGNiOGFiYjYyOTU2NzkzYmJkNTE5ZGY4MjhmIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b62024cf1455d HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1753492581:1714015401:r7lJdHBShC6vXG_mVesy8pLxRXrBhOb7awKcKBR9CrM/879b62024cf1455d/67cbcf709383fc7 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879b62024cf1455d/1714017174452/9021aaa1508526fe390cdccd05bbb8fc3348643f5166bf0aa3efe8bfbeaf098c/ACR4oOPV8ggl_Tg HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b62024cf1455d/1714017174452/Ipur5QhvtVLCcmA HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b62024cf1455d/1714017174452/Ipur5QhvtVLCcmA HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1753492581:1714015401:r7lJdHBShC6vXG_mVesy8pLxRXrBhOb7awKcKBR9CrM/879b62024cf1455d/67cbcf709383fc7 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i3Ht5RuB/ HTTP/1.1Host: bgqak.ciatice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlB1cUFicDlZbzdQZUlkSXB6Wm5tblE9PSIsInZhbHVlIjoiV2dXeFVZUHJZK3ZBU0RsaEJMNXNLeWtzcWNmWFllVWdnLzF0YmgvSXVQejVlNjRGbkFxZExSODhkMWZsMG41aGkweU9HaWx2Q3RuVnhWbC9FWHdKOUNqRTRTNDRlTGwxSnFjVFlsUW9YSzR4NTByM0RVQlpkZGF0MUVLcldrMm0iLCJtYWMiOiI1ZjU1YWI0Mjc0ZjcxMTIxY2E3YjFjMzk4NTlmNzdlMzA2MDU2ZDcxOTkyMTNlMjhkMzFiOTMyY2ZkNGQ5ODEwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjIzOTVHMCtldXlwVldDNmRJREVWd2c9PSIsInZhbHVlIjoiaXlUZlpMazk3OU16TWNQNVROOTduZzBxRS8xYlpLRElwclVWZWhNVkUxbVpsSnR5M2djenFibHhCVkJvaWl2MENwYklQeWRaWjhsanZ0WXdWNXdmVnNGYVMyQUwvaTNPV09LNHp3c2toNXZpRi8vOENGREkzdmN0Q0VLRE5oUHMiLCJtYWMiOiIyYzFhMjU3ODExYmYxZmQyNGMxZTY1NzQ5YzI2Mjg0NGM3MTU2NTNiMmIxNzk1Mzk2M2YxODc1NDY0NjFkZWZkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b627a3d9853d3 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1811120096:1714015610:2WyXF2ElUs7nlUb96w5EO0APfkOX1pjT873Zp3siA5A/879b627a3d9853d3/5ed7a33bdf5a2d8 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879b627a3d9853d3/1714017193913/18bf2f44da43e020a23b135adc151df113c04039083059c98a4365e4e667899c/A-Tv_jU3xYUHGis HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b627a3d9853d3/1714017193916/jkdObPPHRk0TBGX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b627a3d9853d3/1714017193916/jkdObPPHRk0TBGX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1811120096:1714015610:2WyXF2ElUs7nlUb96w5EO0APfkOX1pjT873Zp3siA5A/879b627a3d9853d3/5ed7a33bdf5a2d8 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gORiyf HTTP/1.1Host: decktop.usConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_140.2.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Qj:function(){e=zb()},sd:function(){d()}}};var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_99.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=iA(a,c,e);M(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return M(122),!0;if(d&&f){for(var m=Jb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},lA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_140.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Xg:d,Vg:e,Wg:f,Ih:g,Jh:h,ye:m,Ab:b},p=D.YT,q=function(){IC(n)};if(p)return p.ready&&p.ready(q),b;var r=D.onYouTubeIframeAPIReady;D.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(LC(w,"iframe_api")\|\|LC(w,"player_api"))return b}for(var x=H.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!CC&&JC(x[A],n.ye))return tc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: function(h){return h.form===g})};return{store:function(g,h){var m=f(g);m?m.button=h:e.push({form:g,button:h})},get:function(g){var h=f(g);return h?h.button:null}}}function d(e,f,g,h,m){var n=Jz("fsl",g?"nv.mwt":"mwt",0),p;p=g?Jz("fsl","nv.ids",[]):Jz("fsl","ids",[]);if(!p.length)return!0;var q=Fz(e,"gtm.formSubmit",p),r=e.action;r&&r.tagName&&(r=e.cloneNode(!1).action);q["gtm.elementUrl"]=r;M(121);if("https://www.facebook.com/tr/"===r)return M(122),!0;m&&(q["gtm.formSubmitElement"]=m);if(h&&n){if(!vI(q, equals www.facebook.com (Facebook)
Source: chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_99.2.dr	String found in binary or memory: var NB=function(a,b,c,d,e){var f=Jz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Jz("fsl","nv.ids",[]):Jz("fsl","ids",[]);if(!g.length)return!0;var h=Fz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);M(121);if("https://www.facebook.com/tr/"===m)return M(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!uy(h,vy(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: decktop.us
Source: global traffic	DNS traffic detected: DNS query: app.decktopus.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: us.i.posthog.com
Source: global traffic	DNS traffic detected: DNS query: app.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: apiv21.decktopus.com
Source: global traffic	DNS traffic detected: DNS query: clientstream.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: js.hs-scripts.com
Source: global traffic	DNS traffic detected: DNS query: affiliate.decktopus.com
Source: global traffic	DNS traffic detected: DNS query: us-assets.i.posthog.com
Source: global traffic	DNS traffic detected: DNS query: cfv21.decktopus.com
Source: global traffic	DNS traffic detected: DNS query: js.hscollectedforms.net
Source: global traffic	DNS traffic detected: DNS query: js.hs-banner.com
Source: global traffic	DNS traffic detected: DNS query: js.hs-analytics.net
Source: global traffic	DNS traffic detected: DNS query: js.hubspotfeedback.com
Source: global traffic	DNS traffic detected: DNS query: js.usemessages.com
Source: global traffic	DNS traffic detected: DNS query: api.hubspot.com
Source: global traffic	DNS traffic detected: DNS query: forms.hscollectedforms.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: events.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic	DNS traffic detected: DNS query: app.hubspot.com
Source: global traffic	DNS traffic detected: DNS query: track.hubspot.com
Source: global traffic	DNS traffic detected: DNS query: static.hsappstatic.net
Source: global traffic	DNS traffic detected: DNS query: bam.nr-data.net
Source: global traffic	DNS traffic detected: DNS query: feedback.hubapi.com
Source: global traffic	DNS traffic detected: DNS query: bgqak.ciatice.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com

Source: unknown

HTTP traffic detected: POST /decide/?v=3&ip=1&_=1714017144582&ver=1.125.0&compression=base64 HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveContent-Length: 177sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://app.decktopus.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 03:52:27 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeContent-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requestsCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Referrer-Policy: no-referrerStrict-Transport-Security: max-age=15552000; includeSubDomainsX-Content-Type-Options: nosniffX-DNS-Prefetch-Control: offX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-XSS-Protection: 0Access-Control-Allow-Origin: *ETag: W/"5d-ytbv1PkALXK01rHipeCccFs81MI"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 03:52:29 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeContent-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requestsCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Referrer-Policy: no-referrerStrict-Transport-Security: max-age=15552000; includeSubDomainsX-Content-Type-Options: nosniffX-DNS-Prefetch-Control: offX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-XSS-Protection: 0Access-Control-Allow-Origin: *ETag: W/"5d-ytbv1PkALXK01rHipeCccFs81MI"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 03:52:30 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeContent-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requestsCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Referrer-Policy: no-referrerStrict-Transport-Security: max-age=15552000; includeSubDomainsX-Content-Type-Options: nosniffX-DNS-Prefetch-Control: offX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-XSS-Protection: 0Access-Control-Allow-Origin: *ETag: W/"5d-ytbv1PkALXK01rHipeCccFs81MI"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 03:52:41 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuIdPnyCy1YPs4s3Bg1LjdiJYaPoSoosUIiIkPDQD62%2F5NRJrxVLcnnjiibv8SDK7yFQcr5EY8J2Pn50YIPUv9ELKwveOc9vReTrlZBuDkheGwzdl0z0WDURjaHVsg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITAge: 5410Server: cloudflareCF-RAY: 879b61bdd91944e3-ATL

Source: chromecache_107.2.dr	String found in binary or memory: http://hubs.ly/H0702_H0
Source: chromecache_134.2.dr, chromecache_88.2.dr	String found in binary or memory: http://www.hubspot.com
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_108.2.dr	String found in binary or memory: https://apiv21.decktopus.com/api/
Source: chromecache_90.2.dr, chromecache_83.2.dr	String found in binary or memory: https://bgqak.ciatice.com/i3Ht5RuB/
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://cdn.taboola.com/libtrc/unip/
Source: chromecache_90.2.dr	String found in binary or memory: https://cfv21.decktopus.com/users/2363735/cdf600e1-7f65-4067-9b01-73712f5e6ad4.png?Expires=171410354
Source: chromecache_83.2.dr	String found in binary or memory: https://cfv21.decktopus.com/users/2363735/cdf600e1-7f65-4067-9b01-73712f5e6ad4.png?Expires=171410355
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_147.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/chewy/v18/uK_94ruUb-k-wn52KjI.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1pL7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2JL7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2ZL7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2)
Source: chromecache_147.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
Source: chromecache_147.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cSZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf1jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf2jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf3jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf8jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf1jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf2jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf3jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf8jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff1jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff2jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff3jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff8jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZAf-LHrw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZBf-LHrw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZDf-LHrw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZKf-LHrw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZV8f6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZVcf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZVsf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZXMf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZV8f6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZVcf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZVsf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZXMf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVcf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIMeaBXso.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIO-aBXso.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIOOaBXso.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIOuaBXso.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaDRs4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaHRs71cA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaMRs71cA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaNRs71cA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaORs71cA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqW106F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtk6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWu06F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuk6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWxU6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnohkk72xU.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnojEk72xU.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnojUk72xU.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4Q4FqPfE.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QoFqPfE.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4SYFqPfE.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4TYFq.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCAIT5lu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCIIT5lu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCMIT5lu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCkIT5lu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz0dL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz4dL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz8dL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzMdL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzQdL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzwdL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc-CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc0CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc1CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc2CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc3CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc5CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc-CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc0CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc1CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc2CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc3CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc5CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc-CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc0CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc1CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc2CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc3CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc5CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic0CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic1CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic2CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic3CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic5CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxEIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxFIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxGIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxHIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxLIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxMIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xEIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xFIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xLIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCBc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCRc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_99.2.dr	String found in binary or memory: https://google.com
Source: chromecache_99.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_134.2.dr	String found in binary or memory: https://js-na1.hs-scripts.com/39888134.js
Source: chromecache_107.2.dr	String found in binary or memory: https://js.hs-analytics.net/analytics/1714017000000/39888134.js
Source: chromecache_88.2.dr	String found in binary or memory: https://js.hs-banner.com/v2
Source: chromecache_107.2.dr	String found in binary or memory: https://js.hs-banner.com/v2/39888134/banner.js
Source: chromecache_107.2.dr	String found in binary or memory: https://js.hscollectedforms.net/collectedforms.js
Source: chromecache_107.2.dr	String found in binary or memory: https://js.hubspotfeedback.com/feedbackweb-new.js
Source: chromecache_107.2.dr	String found in binary or memory: https://js.usemessages.com/conversations-embed.js
Source: chromecache_99.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_118.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204/?id=turtlex_join_ig&tx_jig=$
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_85.2.dr	String found in binary or memory: https://quilljs.com/
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_140.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_140.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/bjs
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/bts
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/buyer.wasm
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/update?ig_name=1j7336096761
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/update?ig_name=1j7348647275
Source: chromecache_118.2.dr	String found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=161030276560
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_99.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_126.2.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/10970373263/?random
Source: chromecache_99.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_140.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://www.redditstatic.com/ads/pixel.js
Source: chromecache_140.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@26/109@100/37

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1996,i,16913931398528617657,17088334043610471503,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://decktop.us/gORiyf"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1996,i,16913931398528617657,17088334043610471503,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
35.174.189.20	events.launchdarkly.com	United States	14618	AMAZON-AESUS	false
3.163.115.85	app.decktopus.com	United States	16509	AMAZON-02US	false
3.233.16.70	unknown	United States	14618	AMAZON-AESUS	false
104.17.3.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.16.118.116	track.hubspot.com	United States	13335	CLOUDFLARENETUS	false
104.16.78.142	js.usemessages.com	United States	13335	CLOUDFLARENETUS	false
104.16.107.254	forms.hscollectedforms.net	United States	13335	CLOUDFLARENETUS	false
108.138.64.28	unknown	United States	16509	AMAZON-02US	false
161.35.235.194	domains.rewardful.com	United States	14061	DIGITALOCEAN-ASNUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.18.244.108	feedback.hubapi.com	United States	13335	CLOUDFLARENETUS	false
162.247.243.39	js-agent.newrelic.com	United States	13335	CLOUDFLARENETUS	false
74.125.138.154	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.9.99	unknown	United States	15169	GOOGLEUS	false
44.216.113.21	decktop.us	United States	14618	AMAZON-AESUS	false
74.125.138.156	td.doubleclick.net	United States	15169	GOOGLEUS	false
142.251.15.105	unknown	United States	15169	GOOGLEUS	false
74.125.138.99	www.google.com	United States	15169	GOOGLEUS	false
108.156.152.22	cfv21.decktopus.com	United States	16509	AMAZON-02US	false
104.16.140.209	js.hs-scripts.com	United States	13335	CLOUDFLARENETUS	false
172.67.214.97	bgqak.ciatice.com	United States	13335	CLOUDFLARENETUS	false
104.18.34.229	js.hs-banner.com	United States	13335	CLOUDFLARENETUS	false
216.239.32.181	analytics-alv.google.com	United States	15169	GOOGLEUS	false
107.22.211.194	apiv21.decktopus.com	United States	14618	AMAZON-AESUS	false
104.18.64.124	js.hubspotfeedback.com	United States	13335	CLOUDFLARENETUS	false
172.67.40.50	us-assets.i.posthog.com	United States	13335	CLOUDFLARENETUS	false
3.163.115.113	unknown	United States	16509	AMAZON-02US	false
151.101.2.137	code.jquery.com	United States	54113	FASTLYUS	false
3.216.69.202	posthog-ingress-prod-us-256455477.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
142.251.15.154	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
104.17.175.201	js.hs-analytics.net	United States	13335	CLOUDFLARENETUS	false
76.223.31.44	clientstream-ga.launchdarkly.com	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
162.247.243.29	fastly-tls12-bam.nr-data.net	United States	13335	CLOUDFLARENETUS	false
104.17.175.91	static.hsappstatic.net	United States	13335	CLOUDFLARENETUS	false
104.16.117.116	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
decktop.us	44.216.113.21	true
fastly-tls12-bam.nr-data.net	162.247.243.29	true
apiv21.decktopus.com	107.22.211.194	true
us-assets.i.posthog.com	172.67.40.50	true
events.launchdarkly.com	35.174.189.20	true
js.hs-analytics.net	104.17.175.201	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
stats.g.doubleclick.net	74.125.138.154	true
track.hubspot.com	104.16.118.116	true
code.jquery.com	151.101.2.137	true
forms.hscollectedforms.net	104.16.107.254	true
js.hs-scripts.com	104.16.140.209	true
www.google.com	74.125.138.99	true
js.usemessages.com	104.16.78.142	true
js.hubspotfeedback.com	104.18.64.124	true
js.hs-banner.com	104.18.34.229	true
a.nel.cloudflare.com	35.190.80.1	true
static.hsappstatic.net	104.17.175.91	true
app.hubspot.com	104.16.118.116	true
feedback.hubapi.com	104.18.244.108	true
clientstream-ga.launchdarkly.com	76.223.31.44	true
js-agent.newrelic.com	162.247.243.39	true
domains.rewardful.com	161.35.235.194	true
app.decktopus.com	3.163.115.85	true
api.hubspot.com	104.16.118.116	true
analytics-alv.google.com	216.239.32.181	true
googleads.g.doubleclick.net	142.251.15.154	true
challenges.cloudflare.com	104.17.3.184	true
posthog-ingress-prod-us-256455477.us-east-1.elb.amazonaws.com	3.216.69.202	true
td.doubleclick.net	74.125.138.156	true
bgqak.ciatice.com	172.67.214.97	true
cfv21.decktopus.com	108.156.152.22	true
js.hscollectedforms.net	104.16.107.254	true
us.i.posthog.com	unknown	unknown
affiliate.decktopus.com	unknown	unknown
clientstream.launchdarkly.com	unknown	unknown
app.launchdarkly.com	unknown	unknown
bam.nr-data.net	unknown	unknown
analytics.google.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://us.i.posthog.com/s/?ip=1&_=1714017157463&ver=1.125.0&compression=gzip-js	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1677002190:1714015744:NTToJbtJ0X8CCsA-a5E9lbT-2hWkxViLfQA7XMNF_JM/879b61b54f49ad71/8c1082b5020ed45	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	false		high
https://code.jquery.com/jquery-3.6.0.min.js	false		high
https://app.decktopus.com/static/js/main.3cf0d5c7.js	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879b61b54f49ad71/1714017162245/k8WraW2E42mlx2t	false		high
https://js.hs-scripts.com/39888134.js	false		high
https://a.nel.cloudflare.com/report/v4?s=mOP%2Fpw%2BNJ4kGOTp8cNqDF6jvQpo%2BXEOIjtlYEVtOZniDwRWNH0NJEgNFT1bxMKtKHidRtp%2B9%2BweM7fjlZGEWjwLbzWcSNxf9OzqtT6oEzO3EoffhmGUFIvzWxTjFkQ%3D%3D	false		high
https://us-assets.i.posthog.com/static/recorder.js?v=1.125.0	false	Avira URL Cloud: safe	unknown
https://js.usemessages.com/conversations-embed.js	false	URL Reputation: safe	unknown
https://apiv21.decktopus.com/api/public/decks/gORiyf	false	Avira URL Cloud: safe	unknown
https://app.decktopus.com/nr.js	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	false		high
https://app.decktopus.com/manifest.json	false	Avira URL Cloud: safe	unknown
https://bam.nr-data.net/events/1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=12840&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&hr=0	false	Avira URL Cloud: safe	unknown
https://events.launchdarkly.com/events/bulk/65dc8b71b13dd50fd060d125	false		high
about:blank	false	Avira URL Cloud: safe	low
https://td.doubleclick.net/td/ga/rul?tid=G-RDRSM8WPZJ&gacid=460078857.1714017148&gtm=45je44o0v893194734z8830215601za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&z=1827080068	false		high
https://affiliate.decktopus.com/rw.js	false	Avira URL Cloud: safe	unknown
https://track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1976953477&v=1.1&a=39888134&pu=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&t=Decktopus+%7C+Create+Better+Presentations+%7C+AI+Presentation+Assistant&cts=1714017150738&vi=fa465bb3f17deeb8f39eca49244ed014&nc=true&u=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1&b=51700406.1.1714017150730&cc=15	false		high
https://bgqak.ciatice.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://js-agent.newrelic.com/nr-spa-1.250.0.min.js	false		high
http://decktop.us/gORiyf	true		unknown
https://app.hubspot.com/feedback-web-fetcher	false		high
https://js.hs-banner.com/v2/39888134/banner.js	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RDRSM8WPZJ&cid=460078857.1714017148&gtm=45je44o0v893194734z8830215601za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0	false		high
https://js.hscollectedforms.net/collectedforms.js	false	URL Reputation: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879b62024cf1455d/1714017174452/9021aaa1508526fe390cdccd05bbb8fc3348643f5166bf0aa3efe8bfbeaf098c/ACR4oOPV8ggl_Tg	false		high
https://api.hubspot.com/livechat-public/v1/message/public?portalId=39888134&conversations-embed=static-1.16153&mobile=false&messagesUtk=2c6e3debbd374847afd7a324cc0a8c06&traceId=2c6e3debbd374847afd7a324cc0a8c06	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	false		high
https://app.decktopus.com/env.js	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b62024cf1455d	false		high
https://apiv21.decktopus.com/api/public/decks/3885546/slides/16344280/data/2273489	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false		high
https://js.hubspotfeedback.com/feedbackweb-new.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=39888134&utk=fa465bb3f17deeb8f39eca49244ed014&bundleVersion=1.19005&currentUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&pageUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1	false		high
https://app.decktopus.com/share/gORiyf	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879b62024cf1455d/1714017174452/Ipur5QhvtVLCcmA	false		high
https://analytics.google.com/g/collect?v=2&tid=G-RDRSM8WPZJ&gtm=45je44o0v893194734z8830215601za200&_p=1714017144657&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=460078857.1714017148&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_s=1&sid=1714017147&sct=1&seg=0&dl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&dt=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6934	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879b627a3d9853d3/1714017193916/jkdObPPHRk0TBGX	false		high
https://us.i.posthog.com/s/?ip=1&_=1714017162430&ver=1.125.0&compression=gzip-js	false	Avira URL Cloud: safe	unknown
https://js.hs-analytics.net/analytics/1714017000000/39888134.js	false	Avira URL Cloud: safe	unknown
https://us.i.posthog.com/e/?ip=1&_=1714017144672&ver=1.125.0&compression=base64	false	Avira URL Cloud: safe	unknown
https://apiv21.decktopus.com/api/public/decks/3885546/visit	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b627a3d9853d3	false		high
https://analytics.google.com/g/collect?v=2&tid=G-RDRSM8WPZJ&gtm=45je44o0v893194734za200&_p=1714017144657&gcd=13l3l3l3l1&npa=0&dma=0&cid=460078857.1714017148&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=AEA&_s=2&sid=1714017147&sct=1&seg=0&dl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&dt=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&en=scroll&epn.percent_scrolled=90&_et=101&tfd=12569	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879b61b54f49ad71/1714017162247/ddea79bec3e2b9031efa5dd8758735f9c58744fef2204f94127320d04b10907d/GELtzUJwSlgGcjO	false		high
https://a.nel.cloudflare.com/report/v4?s=e%2Biur1txtl9C0N153F2kV3iCC%2B93MpSuaEVSSFynb%2BHTjFp%2FicywjkNrb0byEaO%2FytOqcv2MQ8djJTYXgfP2J4lTfwrtLtBEAGG24BrSWF793kcwCRbecJ2cSJ6b35Brgw%3D%3D	false		high
https://us.i.posthog.com/s/?ip=1&_=1714017153565&ver=1.125.0&compression=gzip-js	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879b627a3d9853d3/1714017193913/18bf2f44da43e020a23b135adc151df113c04039083059c98a4365e4e667899c/A-Tv_jU3xYUHGis	false		high
https://a.nel.cloudflare.com/report/v4?s=1H2hLzj0G83fk2NotpqBhw6YlnLDN%2BTLBCLmn6GHvh0ukZVW7wl1EbxYDKK7Gvnn6d3VmdTSLf9W%2Fd0b3gGok8REYPtN045MyffW7lcKnzy4aaPG6Dec5ljS4jAxYEGbPe0IlDk%3D	false		high
https://bam.nr-data.net/resources/1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=12833&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&st=1714017141066&hr=0&fts=1714017141066&n=26&fsh=1	false	Avira URL Cloud: safe	unknown
https://app.decktopus.com/static/css/main.c90d0be1.css	false	Avira URL Cloud: safe	unknown
https://clientstream.launchdarkly.com/eval/65dc8b71b13dd50fd060d125/eyJraW5kIjoidXNlciIsImtleSI6IlVTRVJfQU5OTVlTIiwibmFtZSI6IlVzZXIgQW5vbnltb3VzIiwiZW1haWwiOiJ1c2VyX2Fubm15c0BkZWNrdG9wdXMuY29tIn0	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1811120096:1714015610:2WyXF2ElUs7nlUb96w5EO0APfkOX1pjT873Zp3siA5A/879b627a3d9853d3/5ed7a33bdf5a2d8	false		high
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=39888134&utk=	false	Avira URL Cloud: safe	unknown
https://app.decktopus.com/share/gORiyf/1	false		unknown
https://us.i.posthog.com/decide/?v=3&ip=1&_=1714017144582&ver=1.125.0&compression=base64	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1753492581:1714015401:r7lJdHBShC6vXG_mVesy8pLxRXrBhOb7awKcKBR9CrM/879b62024cf1455d/67cbcf709383fc7	false		high
https://bam.nr-data.net/1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=10547&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&hr=0&af=err,xhr,stn,ins,spa&be=1260&fe=8431&dc=2235&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714017141066,%22n%22:0,%22f%22:417,%22dn%22:419,%22dne%22:533,%22c%22:533,%22s%22:533,%22ce%22:765,%22rq%22:765,%22rp%22:1261,%22rpe%22:1262,%22di%22:1883,%22ds%22:3492,%22de%22:3495,%22dc%22:9654,%22l%22:9654,%22le%22:9691%7D,%22navigation%22:%7B%7D%7D&fp=4737&fcp=4737	false	Avira URL Cloud: safe	unknown
https://app.decktopus.com/static/media/Sailec-Medium.d5050408323b1d11f631.woff2	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b61b54f49ad71	false		high
https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.19005/bundles/fetcher.js	false	Avira URL Cloud: safe	unknown
https://app.decktopus.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://events.launchdarkly.com/events/diagnostic/65dc8b71b13dd50fd060d125	false		high
https://bgqak.ciatice.com/i3Ht5RuB/	true		unknown
https://app.decktopus.com/static/media/watermark.b49f9fb0a26da9372a32352cbddc8bfd.svg	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=Q0ovEYPOlR32KqP%2B9o9norXbBppDBfvK9L0MOK%2FdOQ%2BBt67XHnQxZB8fuD9bD%2BwWkq%2BeRSORJ%2B27QngAEnIEz%2FdDzGZ4tXorwfE1NCfaqS9OWsdocEv7JEOrWQu7ueLD9w%3D%3D	false		high

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	JSON data	82237324D78F728FBF142D3762CBE6D9	BCBE63AB8153323EF2675001FC90501ADB8F50E4	1F84E4F9371636AA551C5E1AE6292392B03C454848346B3C0BB753555279718D
Chrome Cache Entry: 101	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
Chrome Cache Entry: 102	ASCII text, with very long lines (65536), with no line terminators	1CA1EAF54688389A257F3F3B03F442C5	0025E89747783A34999D5720F9A37906844DFB85	F18A909EFABF1FF789F032CDD4A6D6D1DDE2C35BCEEEC68577327978B326600C
Chrome Cache Entry: 103	ASCII text, with very long lines (65460)	6E3B65F7F44FA4B3BF86D1F0187490CE	F4006909A11A6DA5A573AF47CB63283A249E80D3	8AAF0AF04BAF8EAA35B1AC46ED02D131A8D3C44896B92A45FA1555C70EBC94C9
Chrome Cache Entry: 104	PNG image data, 40 x 83, 8-bit/color RGB, non-interlaced	E4B09680257663E86EB13B44B2B64E52	EEEFBC173BCD0D695FC1F7773C4E89AA41FF1CE8	410723228373CE408F87F658B97B1D3AF35D0E2D14A888C3033C5ED4D5B64213
Chrome Cache Entry: 105	Web Open Font Format (Version 2), TrueType, length 19920, version 1.0	754C4DEF845E64948E4E2DB385078C00	49365281BE547C02A001FB7909CDFAD1BA518AFE	5FB894030E4ADE4D9F76EDE985BC96D468BCB923FCD4B908A5D8E38178819DC4
Chrome Cache Entry: 106	PNG image data, 31 x 74, 8-bit/color RGB, non-interlaced	0E15E35F5B441577D02FCEF9B66270E2	02270A65317BB38AE0151B627C16804970335274	C8360AFB9621BEC2A35D4AECCB0A509246F27D65B1552650EBD5570967F8E6B3
Chrome Cache Entry: 107	ASCII text, with very long lines (563)	EA0604C81D413B5942C95E537BDCF727	98372D3B4EA1F097D26EF1F369B5CE5EE341973A	85FD7CA2479EFE525AF5D7D850D466AB981BADA29ECFEBACC83D74BC8F467130
Chrome Cache Entry: 108	ASCII text	7ED618CBAB6320D2ECB6535568BB0061	9B97F9478EE411A426F2A3FA45D874D310F3AB3C	71F7497F5B93FA5A674EBED830A3FCDF9EC4DB66478D5118D5E154D139FC0652
Chrome Cache Entry: 109	Unicode text, UTF-8 text, with very long lines (15973)	DEAA0BF580743768B543AE82C7C29294	11C1646B5E266F9898D76D992B571EDD539C3968	8989380AD0699892FD12937521650FFF4D499394844792FBDE9F06ABAB370EEC
Chrome Cache Entry: 110	SVG Scalable Vector Graphics image	12A3102D6CA2735204CFCD44DEB0258F	510F4FB5B013FB94C32D21A768E3A29A6003C484	8343749A2DB88AC13B2137B39BBF79806CC4A72D12E4B0C3376FFB66F930A8E6
Chrome Cache Entry: 111	GIF image data, version 89a, 1 x 1	BC32ED98D624ACB4008F986349A20D26	2D3DF8C11D2168CE2C27E0937421D11D85016361	0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
Chrome Cache Entry: 112	ASCII text, with very long lines (65465)	B76349E11B15A1179C55B99899C378C6	741CEC904C40D1622F30DE12A369F46B2AB9C1AB	2496749921B85326840198B3D9602288387DD56D706E1E97BA83D6545F2EE6F1
Chrome Cache Entry: 113	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel	F876FB771CD1CC7327915C2542713BC4	433F852C24CE5EE2928E61F3F2B3F64C947ADFDB	858F37B7DEC134CE29A167B7D41C057BD6E99493DE03CBF4FCA0B06771688D1E
Chrome Cache Entry: 114	Unicode text, UTF-8 text, with very long lines (65392), with no line terminators	020909A609CF986B4A8A88CFB577A8DB	B433B99760F44C8A494A5C13A07AA1A9933D0179	5C76DD89A767AFD512CE6C6370424F39A632EBB736C16AC37952FBFD97575448
Chrome Cache Entry: 115	JSON data	D68AF199886C0A6BD6BFCC818E59CF70	0B3036188BAE17E2E841FF0D1D12F31271E238F4	59672A9EA44C2B920DD901821AD367AF43BAEF9696B7FFDDF49A9BDE9796C82F
Chrome Cache Entry: 116	PNG image data, 1586 x 343, 8-bit/color RGBA, non-interlaced	A01FE9D8F3B326A0AF45349E610473F7	25E111CFE06A2A6FA947FFB45F797C36BBBEA3FC	0D6F74899A9ED0ED8A5E7FF8E2282A8254562C2582EAA2B0682DA88AB1F55DC3
Chrome Cache Entry: 117	PNG image data, 41 x 60, 8-bit/color RGB, non-interlaced	C5BAA41A61B0F8D31C427302ED365D48	948B5CE07536194989A101E8A4577C2D6BF0C09A	3AFA2EE96AB67128ED97E982A19192C408CC0F6F6777FB7DFF6A97C048CD28DE
Chrome Cache Entry: 118	HTML document, ASCII text, with very long lines (2862), with no line terminators	BDEBF2F328FB7AC09D094278C041F51F	596C54283B846C42B9DAA9EB34582DAEBF8AF350	AF2CE4795AE3F9467DC5A82A3318188294D98FD9CBC8C4F011A7842BAB80AFCA
Chrome Cache Entry: 119	HTML document, ASCII text, with very long lines (1316), with no line terminators	F659DFAE9A6CB0F8117781F702C7969F	49389343A3679A758F9797E52E87352EEE24627C	28AA51BC6D55C791D96034E22B869C65E028EC715AF18B171FE8F308C835659F
Chrome Cache Entry: 120	JSON data	E7B24D7F7004DADA927541BAC8E64F61	8E2C8FF8D31FF23578295B5DD16388EBC9B5E221	FC2B5905D112F0A2DD43A26F04B095C513C5EFEF460B5C19A5A6B81EDF5CB055
Chrome Cache Entry: 121	ASCII text, with very long lines (42414)	F94A2211CE789A95A7C67E8C660D63E8	F1FC19B6BCB96D0A905BF3192AAFF0885FF9F36F	926DC3302F99EC05E4206E965DDEB7250F5910A8C38E82C7BEAFB724BBAAF37B
Chrome Cache Entry: 122	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 123	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 124	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
Chrome Cache Entry: 125	JSON data	0133A1F266F4740A5D50DE1410FC1CA5	64955AA4F31415A69929B984665530F3C8C65E1D	94C5140FFBCABF14891B919CB87810EF0B7307CFE424DFFE47D25FB5FD6A551C
Chrome Cache Entry: 126	ASCII text, with very long lines (2639), with no line terminators	856A716C2F3CF134A05083EBDEDE9B2F	01E09FE19802236DE85A7CF3D2CA4B86ED2D46A6	8B59B1FFEEE54EF48B5D098F94377E3E8C42B3578B6F61C210C650DFC6099230
Chrome Cache Entry: 127	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 128	JSON data	B54272991B3AF4FD16376F34CC548264	741AE3E9CCCD0BAA5EA620E503E07FBAEF3D29C1	E7A09A1EC958493B37E9208D184868B408E039E5DD304E4CA5B8337A1863B8B3
Chrome Cache Entry: 129	JSON data	0133A1F266F4740A5D50DE1410FC1CA5	64955AA4F31415A69929B984665530F3C8C65E1D	94C5140FFBCABF14891B919CB87810EF0B7307CFE424DFFE47D25FB5FD6A551C
Chrome Cache Entry: 130	ASCII text, with very long lines (31113)	53BBF7791DA996A7E87176DBEA28BF42	F0DA18588492A90F356DC61EACE6C237A9D8B7F4	0C2A3DDFA5CE6AADE7FCFAB664BA22461B4B60F4A8FA7CB5E1BCE2C243DE0A09
Chrome Cache Entry: 131	Web Open Font Format (Version 2), TrueType, length 20904, version 1.0	D459699D69AF3B24388D694EB4239795	5AEC299F605D69A73B63BBEDF9167393F3927085	73D2E6AAAE336FAB2355978D228DC8B5BB32046023488290EE0559FD67AAB113
Chrome Cache Entry: 132	PNG image data, 31 x 74, 8-bit/color RGB, non-interlaced	0E15E35F5B441577D02FCEF9B66270E2	02270A65317BB38AE0151B627C16804970335274	C8360AFB9621BEC2A35D4AECCB0A509246F27D65B1552650EBD5570967F8E6B3
Chrome Cache Entry: 133	PNG image data, 1586 x 343, 8-bit/color RGBA, non-interlaced	A01FE9D8F3B326A0AF45349E610473F7	25E111CFE06A2A6FA947FFB45F797C36BBBEA3FC	0D6F74899A9ED0ED8A5E7FF8E2282A8254562C2582EAA2B0682DA88AB1F55DC3
Chrome Cache Entry: 134	ASCII text, with very long lines (64739)	2B50E96949C31DEE72D619943BB99EC1	55F4A10FDBB490D371E5CC2FCF8659BBEC6C5846	90B2DE54221D146DADBD0A8CA9CDF64E450AC02F947B62864DB06CFED806BAA0
Chrome Cache Entry: 135	ASCII text, with no line terminators	C3F64CB2A8B00CBBC30CE2908208A29D	E4AA7CAB67F4CF5FA52371DDC25A75AAFD4D0CCC	391601283994BCD9486160BF8A5637410D280E1BDDD3AEF5428454976E193E81
Chrome Cache Entry: 136	JSON data	D68AF199886C0A6BD6BFCC818E59CF70	0B3036188BAE17E2E841FF0D1D12F31271E238F4	59672A9EA44C2B920DD901821AD367AF43BAEF9696B7FFDDF49A9BDE9796C82F
Chrome Cache Entry: 137	ASCII text, with very long lines (31113)	11364B6F867D75CA1DA1A79F3A8B0B2F	9AA326C1D90523A5C8ABC7A026713F2FC60979D6	B8740A30B5077455BD2B67568F6D7BBC0CBFD1CF1B04DF00180DCEA443201220
Chrome Cache Entry: 138	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel	F876FB771CD1CC7327915C2542713BC4	433F852C24CE5EE2928E61F3F2B3F64C947ADFDB	858F37B7DEC134CE29A167B7D41C057BD6E99493DE03CBF4FCA0B06771688D1E
Chrome Cache Entry: 139	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 140	ASCII text, with very long lines (25651)	29293AB468F1E8449557230D329AC48E	7A414BCB03257F528703D412751F6303FCF0FE36	6BD50B8FF3E71A154725A62E2EDDE6A707217C88E4D5140D700AE15BE2520358
Chrome Cache Entry: 141	ASCII text, with very long lines (55466)	EC770AE06E31DEDFD2C6AFB1C2E2D85F	D327CF6FEF433839D7AF9B7D3204D279404167E7	055F91FE7B5AB083756BFD27A1859E9E00781737BF5C9DD5A8F09F83781681D2
Chrome Cache Entry: 142	JSON data	B6BA82C37C780E791616F8F4D5CA5772	EFA54D817926FA08DEAA77DB53DBD93521D97B39	7B23628656640102C1C313D5CC07B5C4747AEBE0C14B8AA0F2B0773E5B0FD197
Chrome Cache Entry: 143	JSON data	8E3DB10AF5A3E1CABE7AA67674E21188	E2314B0038DF2D49DDBE461F33A6797D4586CDE0	87ECD5BABD6FD9F4F6F796D745AA38751FAF3985E3B55F87A2F53E506FE07362
Chrome Cache Entry: 144	JSON data	41FA719FC03C9A3593302108544C544A	CAD6EFD4F9002D72B4D6B1E2A5E09C705B3CD4C2	646B841257B90B55A774BF7FD70D7055E458CE229A8370933F319315C30270F0
Chrome Cache Entry: 145	GIF image data, version 89a, 1 x 1	BC32ED98D624ACB4008F986349A20D26	2D3DF8C11D2168CE2C27E0937421D11D85016361	0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
Chrome Cache Entry: 146	SVG Scalable Vector Graphics image	12A3102D6CA2735204CFCD44DEB0258F	510F4FB5B013FB94C32D21A768E3A29A6003C484	8343749A2DB88AC13B2137B39BBF79806CC4A72D12E4B0C3376FFB66F930A8E6
Chrome Cache Entry: 147	ASCII text	BB250F1DFD8843B47BC9E349FAA1B53E	00539C62783736BCFB3F09DD8CF50427F53A3D4A	E551028FAB5A4F9D14A13286DC0813D480C309B59C83ED769843E29A6316F155
Chrome Cache Entry: 83	HTML document, ASCII text, with very long lines (1885), with no line terminators	04E61CDD5969E29FA5BB1E33AEA1969E	5E9F4C48D6D53EA99D10E412DAC128BDB98E37E9	85A42ACB1BC853BDB5A8031EF2562FA60D236DC2F6794084ECEE321B25ADAADE
Chrome Cache Entry: 84	Unicode text, UTF-8 text, with very long lines (28182)	43787C0B584F4ACD04CC45938793F0DD	BDFD4C4853046338A936D2D12C7E4602CA856F0E	F0297DE75F16CD89BC46DF7CA5BFD2792FFE130D6FC17B9DBBE1B5BA38EA8384
Chrome Cache Entry: 85	ASCII text, with very long lines (29874)	2B59D6FDA62E8DD9737163256B8174D1	CA0A0F3CC66E6E26664D5B2578E32A6DA1E46F15	E38FFFA7416E3348180F32C4D655C4CD191B8410648880B81FE7BB0302AD5228
Chrome Cache Entry: 86	ASCII text, with very long lines (1572)	734DF6EC38A032B9E84006CDA985ACC5	742E4B93D05824D361866E69BD14EF3ADB90191F	DA7FDFCC0A23DD0B671B879656AEC7919D4885DDD77EC2AC5C130973E9656BCC
Chrome Cache Entry: 87	JSON data	E7B24D7F7004DADA927541BAC8E64F61	8E2C8FF8D31FF23578295B5DD16388EBC9B5E221	FC2B5905D112F0A2DD43A26F04B095C513C5EFEF460B5C19A5A6B81EDF5CB055
Chrome Cache Entry: 88	ASCII text, with very long lines (64997)	1F35A6B9703762BCED8D4C90A6F9087A	80E0AC30D4E33B1CF4682AAB60D3E028569CED3A	DA78F1D6DFE5EC07BFDDBB621F71DB48ACF768478F9AD4990166A28E417477DD
Chrome Cache Entry: 89	PNG image data, 40 x 83, 8-bit/color RGB, non-interlaced	E4B09680257663E86EB13B44B2B64E52	EEEFBC173BCD0D695FC1F7773C4E89AA41FF1CE8	410723228373CE408F87F658B97B1D3AF35D0E2D14A888C3033C5ED4D5B64213
Chrome Cache Entry: 90	HTML document, ASCII text, with very long lines (1885), with no line terminators	A12DC3675A771C8F4E7F0D12557FD11B	56657DE3AECCB40B17FEB01812FEBA9AEE126E89	49E1E7D5BD03555A46EE91A2378972DD096EB78F98C0A706DEB6133B5DB575A1
Chrome Cache Entry: 91	PNG image data, 41 x 60, 8-bit/color RGB, non-interlaced	C5BAA41A61B0F8D31C427302ED365D48	948B5CE07536194989A101E8A4577C2D6BF0C09A	3AFA2EE96AB67128ED97E982A19192C408CC0F6F6777FB7DFF6A97C048CD28DE
Chrome Cache Entry: 92	ASCII text, with no line terminators	46DF3E5E2D15256CA16616EBFDA5427F	BE8F9B307E458075DA0D43585A05F1D451469182	AF3248D0B278571EFF9A22F8ED1CEB54B70D202B44FD70ECA4CA13A5771CECC3
Chrome Cache Entry: 93	JSON data	0133A1F266F4740A5D50DE1410FC1CA5	64955AA4F31415A69929B984665530F3C8C65E1D	94C5140FFBCABF14891B919CB87810EF0B7307CFE424DFFE47D25FB5FD6A551C
Chrome Cache Entry: 94	JSON data	0133A1F266F4740A5D50DE1410FC1CA5	64955AA4F31415A69929B984665530F3C8C65E1D	94C5140FFBCABF14891B919CB87810EF0B7307CFE424DFFE47D25FB5FD6A551C
Chrome Cache Entry: 95	JSON data	B54272991B3AF4FD16376F34CC548264	741AE3E9CCCD0BAA5EA620E503E07FBAEF3D29C1	E7A09A1EC958493B37E9208D184868B408E039E5DD304E4CA5B8337A1863B8B3
Chrome Cache Entry: 96	HTML document, ASCII text, with very long lines (6102), with no line terminators	F9DAEF2E29C3FE47D7FE2E5016DF378E	72FA4B8CA2E9A4D4442A059341ADF26A9229CD03	13C25B6516BAA8B1D3E40705E4A20646B8EFA53A5071F53D1C87F727D8B3A824
Chrome Cache Entry: 97	ASCII text, with very long lines (65536), with no line terminators	C2B7C918E866C23B79B255542318F5F5	BAE5F2F59C68A28EF330DAED48680B10C60825F2	5AC83E3B8386638A7638CE4ECFA007FC552039C6610A73C245924AEB061F33C7
Chrome Cache Entry: 98	ASCII text, with very long lines (18422)	40F192A58D4F7705868023E97DC8D02B	69ECED4B4D0CA85AAF7A9819584393918DCB9BFE	7EE47D16278AB59402BAAAB9FA5F5C99320EDE5B39F323B49DD282BC8D97CF9F
Chrome Cache Entry: 99	ASCII text, with very long lines (4179)	872D6C854F9DC68C7645169B482FC58B	A603F50F62DFEC880F048025A24A82CEB9234CFB	86A261CA38505010193ABB27DBE60AC4074A9F3943A08D521D3AD0D32844CB78

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://decktop.us/gORiyf

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish44

Source: Yara match

File source: dropped/chromecache_96, type: DROPPED

HTML page contains suspicious base64 encoded javascript

Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: Base64 decoded: <script>
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: Base64 decoded: <script>
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: Base64 decoded: <script>

HTML page contains hidden URLs or javascript code

Source: https://bgqak.ciatice.com/i3Ht5RuB/

Source: https://td.doubleclick.net/td/rul/10970373263?random=1714017149343&cv=11&fst=1714017149343&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1	HTTP Parser: No favicon
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: No favicon
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: No favicon
Source: https://bgqak.ciatice.com/i3Ht5RuB/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /share/gORiyf HTTP/1.1Host: app.decktopus.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/css/main.c90d0be1.css HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.decktopus.com/share/gORiyfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /env.js HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/share/gORiyfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/js/main.3cf0d5c7.js HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/share/gORiyfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/gORiyf HTTP/1.1Host: apiv21.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.decktopus.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /static/media/Sailec-Medium.d5050408323b1d11f631.woff2 HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.decktopus.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.decktopus.com/static/css/main.c90d0be1.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/slides/16344280/data/2273489 HTTP/1.1Host: apiv21.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.decktopus.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr.js HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/share/gORiyfAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /static/media/watermark.b49f9fb0a26da9372a32352cbddc8bfd.svg HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/share/gORiyf/1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /static/recorder.js?v=1.125.0 HTTP/1.1Host: us-assets.i.posthog.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /39888134.js HTTP/1.1Host: js.hs-scripts.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/gORiyf HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /eval/65dc8b71b13dd50fd060d125/eyJraW5kIjoidXNlciIsImtleSI6IlVTRVJfQU5OTVlTIiwibmFtZSI6IlVzZXIgQW5vbnltb3VzIiwiZW1haWwiOiJ1c2VyX2Fubm15c0BkZWNrdG9wdXMuY29tIn0 HTTP/1.1Host: clientstream.launchdarkly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/event-streamCache-Control: no-cachesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.decktopus.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rw.js HTTP/1.1Host: affiliate.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /e/?ip=1&_=1714017144672&ver=1.125.0&compression=base64 HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /decide/?v=3&ip=1&_=1714017144582&ver=1.125.0&compression=base64 HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/visit HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /users/2363735/cdf600e1-7f65-4067-9b01-73712f5e6ad4.png?Expires=1714103548&Key-Pair-Id=K295BWQCL741S6&Signature=PWpYThYjrl~GnamQ-eyzk-Jl8Tllq4D3axvx4upscpSm0zeGTpjtdbjsDkmvD84Bi873THbxmtqYvU9xHOjWIUqhT1gB5lI7~jwX7nixtTwmQIpksGPA9gVleOfDLtgsUBpVIqgkSHB0DvlfnO4AkSRnbQ~p6lgD8TwI1dBvYvSYqM-80ly6rFVc8Q0z51dsTxqjZqiMIZML6j5b5ahNNP7-D6-2b~oyi772kRZIReft8fV4eRXwagpEjKZOlDDxIFHu43nXTteVqZ79bKjG0Z-gO83aFsICsBfxXvc52FmfGjC7JpG4kS3yMFq9jtekRqhlNjNK4uRudB-sxKQ5GA__ HTTP/1.1Host: cfv21.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /v2/39888134/banner.js HTTP/1.1Host: js.hs-banner.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /conversations-embed.js HTTP/1.1Host: js.usemessages.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feedbackweb-new.js HTTP/1.1Host: js.hubspotfeedback.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.decktopus.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collectedforms.js HTTP/1.1Host: js.hscollectedforms.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.decktopus.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /analytics/1714017000000/39888134.js HTTP/1.1Host: js.hs-analytics.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/slides/16344280/data/2273489 HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147
Source: global traffic	HTTP traffic detected: GET /collected-forms/v1/config/json?portalId=39888134&utk= HTTP/1.1Host: forms.hscollectedforms.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.decktopus.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/visit HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147
Source: global traffic	HTTP traffic detected: GET /static/media/watermark.b49f9fb0a26da9372a32352cbddc8bfd.svg HTTP/1.1Host: app.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147
Source: global traffic	HTTP traffic detected: GET /td/ga/rul?tid=G-RDRSM8WPZJ&gacid=460078857.1714017148&gtm=45je44o0v893194734z8830215601za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&z=1827080068 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /users/2363735/cdf600e1-7f65-4067-9b01-73712f5e6ad4.png?Expires=1714103548&Key-Pair-Id=K295BWQCL741S6&Signature=PWpYThYjrl~GnamQ-eyzk-Jl8Tllq4D3axvx4upscpSm0zeGTpjtdbjsDkmvD84Bi873THbxmtqYvU9xHOjWIUqhT1gB5lI7~jwX7nixtTwmQIpksGPA9gVleOfDLtgsUBpVIqgkSHB0DvlfnO4AkSRnbQ~p6lgD8TwI1dBvYvSYqM-80ly6rFVc8Q0z51dsTxqjZqiMIZML6j5b5ahNNP7-D6-2b~oyi772kRZIReft8fV4eRXwagpEjKZOlDDxIFHu43nXTteVqZ79bKjG0Z-gO83aFsICsBfxXvc52FmfGjC7JpG4kS3yMFq9jtekRqhlNjNK4uRudB-sxKQ5GA__ HTTP/1.1Host: cfv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147; _ga=GA1.1.460078857.1714017148; _ga_RDRSM8WPZJ=GS1.1.1714017147.1.0.1714017148.59.0.0
Source: global traffic	HTTP traffic detected: GET /livechat-public/v1/message/public?portalId=39888134&conversations-embed=static-1.16153&mobile=false&messagesUtk=2c6e3debbd374847afd7a324cc0a8c06&traceId=2c6e3debbd374847afd7a324cc0a8c06 HTTP/1.1Host: api.hubspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0X-HubSpot-Messages-Uri: https://app.decktopus.com/share/gORiyf/1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://app.decktopus.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/public/decks/3885546/visit HTTP/1.1Host: apiv21.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017145670%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D; _gcl_au=1.1.1046904707.1714017147; _ga=GA1.1.460078857.1714017148; _ga_RDRSM8WPZJ=GS1.1.1714017147.1.0.1714017148.59.0.0
Source: global traffic	HTTP traffic detected: GET /collected-forms/v1/config/json?portalId=39888134&utk= HTTP/1.1Host: forms.hscollectedforms.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://app.decktopus.com/share/gORiyf/1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /livechat-public/v1/message/public?portalId=39888134&conversations-embed=static-1.16153&mobile=false&messagesUtk=2c6e3debbd374847afd7a324cc0a8c06&traceId=2c6e3debbd374847afd7a324cc0a8c06 HTTP/1.1Host: api.hubspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/10970373263?random=1714017149343&cv=11&fst=1714017149343&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/10970373263/?random=1714017149343&cv=11&fst=1714017149343&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/10970373263/?random=1714017149343&cv=11&fst=1714014000000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqwaH6pzOFv3ie7PF3m3h_BW9J80LYdtbeBJRAyjPhCzcvGXn_&random=4099846240&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/10970373263/?random=1714017149343&cv=11&fst=1714014000000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v893181767z8830215601za201&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&hn=www.googleadservices.com&frm=0&tiba=Decktopus%20%7C%20Create%20Better%20Presentations%20%7C%20AI%20Presentation%20Assistant&npa=0&pscdl=noapi&auid=1046904707.1714017147&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqwaH6pzOFv3ie7PF3m3h_BW9J80LYdtbeBJRAyjPhCzcvGXn_&random=4099846240&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1976953477&v=1.1&a=39888134&pu=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&t=Decktopus+%7C+Create+Better+Presentations+%7C+AI+Presentation+Assistant&cts=1714017150738&vi=fa465bb3f17deeb8f39eca49244ed014&nc=true&u=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1&b=51700406.1.1714017150730&cc=15 HTTP/1.1Host: track.hubspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=M4bXQ_tp4HTJ_823oFIp3mjxiLQIwhQKYAgHk7lpcpU-1714017150-1.0.1.1-D.loorurWQkFrplgZ_PQkuQb.guRNISnePU5FO_AExahkXj1ZGq0nT5OxQia9b9degRQu253OVzTsRNFJ22wpw; _cfuvid=1ZOzQ08cxiz3nJm_WZUwwGKOuwne4wjFo054HPRXwnM-1714017150904-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /nr-spa-1.250.0.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.decktopus.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feedback-web-fetcher HTTP/1.1Host: app.hubspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.decktopus.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=M4bXQ_tp4HTJ_823oFIp3mjxiLQIwhQKYAgHk7lpcpU-1714017150-1.0.1.1-D.loorurWQkFrplgZ_PQkuQb.guRNISnePU5FO_AExahkXj1ZGq0nT5OxQia9b9degRQu253OVzTsRNFJ22wpw; _cfuvid=1ZOzQ08cxiz3nJm_WZUwwGKOuwne4wjFo054HPRXwnM-1714017150904-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1976953477&v=1.1&a=39888134&pu=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&t=Decktopus+%7C+Create+Better+Presentations+%7C+AI+Presentation+Assistant&cts=1714017150738&vi=fa465bb3f17deeb8f39eca49244ed014&nc=true&u=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1&b=51700406.1.1714017150730&cc=15 HTTP/1.1Host: track.hubspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=M4bXQ_tp4HTJ_823oFIp3mjxiLQIwhQKYAgHk7lpcpU-1714017150-1.0.1.1-D.loorurWQkFrplgZ_PQkuQb.guRNISnePU5FO_AExahkXj1ZGq0nT5OxQia9b9degRQu253OVzTsRNFJ22wpw; _cfuvid=1ZOzQ08cxiz3nJm_WZUwwGKOuwne4wjFo054HPRXwnM-1714017150904-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /feedback-web-renderer-ui/static-1.19005/bundles/fetcher.js HTTP/1.1Host: static.hsappstatic.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.hubspot.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://app.hubspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: app.decktopus.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.decktopus.com/share/gORiyf/1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.1046904707.1714017147; _ga=GA1.1.460078857.1714017148; _ga_RDRSM8WPZJ=GS1.1.1714017147.1.0.1714017148.59.0.0; __hstc=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1; hubspotutk=fa465bb3f17deeb8f39eca49244ed014; __hssrc=1; __hssc=51700406.1.1714017150730; ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017153564%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=10547&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&hr=0&af=err,xhr,stn,ins,spa&be=1260&fe=8431&dc=2235&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714017141066,%22n%22:0,%22f%22:417,%22dn%22:419,%22dne%22:533,%22c%22:533,%22s%22:533,%22ce%22:765,%22rq%22:765,%22rp%22:1261,%22rpe%22:1262,%22di%22:1883,%22ds%22:3492,%22de%22:3495,%22dc%22:9654,%22l%22:9654,%22le%22:9691%7D,%22navigation%22:%7B%7D%7D&fp=4737&fcp=4737 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?ip=1&_=1714017153565&ver=1.125.0&compression=gzip-js HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resources/1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=12833&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&st=1714017141066&hr=0&fts=1714017141066&n=26&fsh=1 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /events/1/NRJS-43e56c8b880ca8453b7?a=1134428518&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=12840&ck=0&s=202cb01225f5cec1&ref=https://app.decktopus.com/share/gORiyf/1&hr=0 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: app.decktopus.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.1046904707.1714017147; _ga=GA1.1.460078857.1714017148; _ga_RDRSM8WPZJ=GS1.1.1714017147.1.0.1714017148.59.0.0; __hstc=51700406.fa465bb3f17deeb8f39eca49244ed014.1714017150730.1714017150730.1714017150730.1; hubspotutk=fa465bb3f17deeb8f39eca49244ed014; __hssrc=1; __hssc=51700406.1.1714017150730; ph_phc_EPRVh4HnMtsZmdGbBkiWbbXjOHbrZDqmCA637H2IYwz_posthog=%7B%22distinct_id%22%3A%22018f1362-0f05-7fbf-b19c-3f928dd98bcc%22%2C%22%24sesid%22%3A%5B1714017154103%2C%22018f1362-0f5c-7157-8a84-3b2a71b5897d%22%2C1714017144668%5D%7D
Source: global traffic	HTTP traffic detected: GET /feedback/public/v1/web-config?portalId=39888134&utk=fa465bb3f17deeb8f39eca49244ed014&bundleVersion=1.19005&currentUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&pageUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1 HTTP/1.1Host: feedback.hubapi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-HS-Referer: https://app.decktopus.com/share/gORiyf/1sec-ch-ua-platform: "Windows"Accept: /Origin: https://app.hubspot.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.hubspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /feedback/public/v1/web-config?portalId=39888134&utk=fa465bb3f17deeb8f39eca49244ed014&bundleVersion=1.19005&currentUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1&pageUrl=https%3A%2F%2Fapp.decktopus.com%2Fshare%2FgORiyf%2F1 HTTP/1.1Host: feedback.hubapi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i3Ht5RuB/ HTTP/1.1Host: bgqak.ciatice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?ip=1&_=1714017157463&ver=1.125.0&compression=gzip-js HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b61b54f49ad71 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: bgqak.ciatice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bgqak.ciatice.com/i3Ht5RuB/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYxaGpVZUk1eStoeENTWTVFQTBXZVE9PSIsInZhbHVlIjoib2dQUW1JSEFzeHNUbzFsb3FtN01KeTlHdnZDRDd3QlVkeUxPRlFDWGdOVHN3YzVPWGtibklHYUdTWW1SYkFmdlUwNWJxUWFnRzNTR1R4eUIvVWdodTFKZTNYdDZwSitXYngvdU4vdzRHQnJsUW5haFRsR1ZreFl0VWdHbnhzYkciLCJtYWMiOiI4ZDM1MTBiODZmNmJkOTIzZTcyMzZjMjY3ZWNlOTIyMDZiZTUxZThlNjU2ZTkxYzM0NTliOTEyZDEyNTk3ZWFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZiK1VDMWtLM1lLYWI1QUUvbDFlVlE9PSIsInZhbHVlIjoid29KNng0bnRSSFNKbExDTVJQZ0JNZDFzc3o1K3JCZ2ZxWk1JcTVSQzBSM05TRStmczV1bkxWY3ZXc1NZNzZ2YVVjWGJFVmtQVlYzNGc4RnBYbWZSNjhDQmFIL2V3eFpmVWJSN2F0b0pxU1gwRHdkbm1JSFlzSkFaa3NzTi9sK1giLCJtYWMiOiI4NWIzZjU2MjA5NjBlMTBmNTVmOGMzOWZjYTU2YjczZjZmOTNlZGNiOGFiYjYyOTU2NzkzYmJkNTE5ZGY4MjhmIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1677002190:1714015744:NTToJbtJ0X8CCsA-a5E9lbT-2hWkxViLfQA7XMNF_JM/879b61b54f49ad71/8c1082b5020ed45 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b61b54f49ad71/1714017162245/k8WraW2E42mlx2t HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b61b54f49ad71/1714017162245/k8WraW2E42mlx2t HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879b61b54f49ad71/1714017162247/ddea79bec3e2b9031efa5dd8758735f9c58744fef2204f94127320d04b10907d/GELtzUJwSlgGcjO HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eds75/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/?ip=1&_=1714017162430&ver=1.125.0&compression=gzip-js HTTP/1.1Host: us.i.posthog.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1677002190:1714015744:NTToJbtJ0X8CCsA-a5E9lbT-2hWkxViLfQA7XMNF_JM/879b61b54f49ad71/8c1082b5020ed45 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i3Ht5RuB/ HTTP/1.1Host: bgqak.ciatice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYxaGpVZUk1eStoeENTWTVFQTBXZVE9PSIsInZhbHVlIjoib2dQUW1JSEFzeHNUbzFsb3FtN01KeTlHdnZDRDd3QlVkeUxPRlFDWGdOVHN3YzVPWGtibklHYUdTWW1SYkFmdlUwNWJxUWFnRzNTR1R4eUIvVWdodTFKZTNYdDZwSitXYngvdU4vdzRHQnJsUW5haFRsR1ZreFl0VWdHbnhzYkciLCJtYWMiOiI4ZDM1MTBiODZmNmJkOTIzZTcyMzZjMjY3ZWNlOTIyMDZiZTUxZThlNjU2ZTkxYzM0NTliOTEyZDEyNTk3ZWFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZiK1VDMWtLM1lLYWI1QUUvbDFlVlE9PSIsInZhbHVlIjoid29KNng0bnRSSFNKbExDTVJQZ0JNZDFzc3o1K3JCZ2ZxWk1JcTVSQzBSM05TRStmczV1bkxWY3ZXc1NZNzZ2YVVjWGJFVmtQVlYzNGc4RnBYbWZSNjhDQmFIL2V3eFpmVWJSN2F0b0pxU1gwRHdkbm1JSFlzSkFaa3NzTi9sK1giLCJtYWMiOiI4NWIzZjU2MjA5NjBlMTBmNTVmOGMzOWZjYTU2YjczZjZmOTNlZGNiOGFiYjYyOTU2NzkzYmJkNTE5ZGY4MjhmIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b62024cf1455d HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1753492581:1714015401:r7lJdHBShC6vXG_mVesy8pLxRXrBhOb7awKcKBR9CrM/879b62024cf1455d/67cbcf709383fc7 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879b62024cf1455d/1714017174452/9021aaa1508526fe390cdccd05bbb8fc3348643f5166bf0aa3efe8bfbeaf098c/ACR4oOPV8ggl_Tg HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b62024cf1455d/1714017174452/Ipur5QhvtVLCcmA HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tl9jh/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b62024cf1455d/1714017174452/Ipur5QhvtVLCcmA HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1753492581:1714015401:r7lJdHBShC6vXG_mVesy8pLxRXrBhOb7awKcKBR9CrM/879b62024cf1455d/67cbcf709383fc7 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i3Ht5RuB/ HTTP/1.1Host: bgqak.ciatice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlB1cUFicDlZbzdQZUlkSXB6Wm5tblE9PSIsInZhbHVlIjoiV2dXeFVZUHJZK3ZBU0RsaEJMNXNLeWtzcWNmWFllVWdnLzF0YmgvSXVQejVlNjRGbkFxZExSODhkMWZsMG41aGkweU9HaWx2Q3RuVnhWbC9FWHdKOUNqRTRTNDRlTGwxSnFjVFlsUW9YSzR4NTByM0RVQlpkZGF0MUVLcldrMm0iLCJtYWMiOiI1ZjU1YWI0Mjc0ZjcxMTIxY2E3YjFjMzk4NTlmNzdlMzA2MDU2ZDcxOTkyMTNlMjhkMzFiOTMyY2ZkNGQ5ODEwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjIzOTVHMCtldXlwVldDNmRJREVWd2c9PSIsInZhbHVlIjoiaXlUZlpMazk3OU16TWNQNVROOTduZzBxRS8xYlpLRElwclVWZWhNVkUxbVpsSnR5M2djenFibHhCVkJvaWl2MENwYklQeWRaWjhsanZ0WXdWNXdmVnNGYVMyQUwvaTNPV09LNHp3c2toNXZpRi8vOENGREkzdmN0Q0VLRE5oUHMiLCJtYWMiOiIyYzFhMjU3ODExYmYxZmQyNGMxZTY1NzQ5YzI2Mjg0NGM3MTU2NTNiMmIxNzk1Mzk2M2YxODc1NDY0NjFkZWZkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bgqak.ciatice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879b627a3d9853d3 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1811120096:1714015610:2WyXF2ElUs7nlUb96w5EO0APfkOX1pjT873Zp3siA5A/879b627a3d9853d3/5ed7a33bdf5a2d8 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879b627a3d9853d3/1714017193913/18bf2f44da43e020a23b135adc151df113c04039083059c98a4365e4e667899c/A-Tv_jU3xYUHGis HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b627a3d9853d3/1714017193916/jkdObPPHRk0TBGX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6jl94/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879b627a3d9853d3/1714017193916/jkdObPPHRk0TBGX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1811120096:1714015610:2WyXF2ElUs7nlUb96w5EO0APfkOX1pjT873Zp3siA5A/879b627a3d9853d3/5ed7a33bdf5a2d8 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gORiyf HTTP/1.1Host: decktop.usConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_140.2.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Qj:function(){e=zb()},sd:function(){d()}}};var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_99.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=iA(a,c,e);M(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return M(122),!0;if(d&&f){for(var m=Jb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},lA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_140.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Xg:d,Vg:e,Wg:f,Ih:g,Jh:h,ye:m,Ab:b},p=D.YT,q=function(){IC(n)};if(p)return p.ready&&p.ready(q),b;var r=D.onYouTubeIframeAPIReady;D.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(LC(w,"iframe_api")\|\|LC(w,"player_api"))return b}for(var x=H.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!CC&&JC(x[A],n.ye))return tc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: function(h){return h.form===g})};return{store:function(g,h){var m=f(g);m?m.button=h:e.push({form:g,button:h})},get:function(g){var h=f(g);return h?h.button:null}}}function d(e,f,g,h,m){var n=Jz("fsl",g?"nv.mwt":"mwt",0),p;p=g?Jz("fsl","nv.ids",[]):Jz("fsl","ids",[]);if(!p.length)return!0;var q=Fz(e,"gtm.formSubmit",p),r=e.action;r&&r.tagName&&(r=e.cloneNode(!1).action);q["gtm.elementUrl"]=r;M(121);if("https://www.facebook.com/tr/"===r)return M(122),!0;m&&(q["gtm.formSubmitElement"]=m);if(h&&n){if(!vI(q, equals www.facebook.com (Facebook)
Source: chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_99.2.dr	String found in binary or memory: var NB=function(a,b,c,d,e){var f=Jz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Jz("fsl","nv.ids",[]):Jz("fsl","ids",[]);if(!g.length)return!0;var h=Fz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);M(121);if("https://www.facebook.com/tr/"===m)return M(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!uy(h,vy(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: decktop.us
Source: global traffic	DNS traffic detected: DNS query: app.decktopus.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: us.i.posthog.com
Source: global traffic	DNS traffic detected: DNS query: app.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: apiv21.decktopus.com
Source: global traffic	DNS traffic detected: DNS query: clientstream.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: js.hs-scripts.com
Source: global traffic	DNS traffic detected: DNS query: affiliate.decktopus.com
Source: global traffic	DNS traffic detected: DNS query: us-assets.i.posthog.com
Source: global traffic	DNS traffic detected: DNS query: cfv21.decktopus.com
Source: global traffic	DNS traffic detected: DNS query: js.hscollectedforms.net
Source: global traffic	DNS traffic detected: DNS query: js.hs-banner.com
Source: global traffic	DNS traffic detected: DNS query: js.hs-analytics.net
Source: global traffic	DNS traffic detected: DNS query: js.hubspotfeedback.com
Source: global traffic	DNS traffic detected: DNS query: js.usemessages.com
Source: global traffic	DNS traffic detected: DNS query: api.hubspot.com
Source: global traffic	DNS traffic detected: DNS query: forms.hscollectedforms.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: events.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic	DNS traffic detected: DNS query: app.hubspot.com
Source: global traffic	DNS traffic detected: DNS query: track.hubspot.com
Source: global traffic	DNS traffic detected: DNS query: static.hsappstatic.net
Source: global traffic	DNS traffic detected: DNS query: bam.nr-data.net
Source: global traffic	DNS traffic detected: DNS query: feedback.hubapi.com
Source: global traffic	DNS traffic detected: DNS query: bgqak.ciatice.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 03:52:27 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeContent-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requestsCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Referrer-Policy: no-referrerStrict-Transport-Security: max-age=15552000; includeSubDomainsX-Content-Type-Options: nosniffX-DNS-Prefetch-Control: offX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-XSS-Protection: 0Access-Control-Allow-Origin: *ETag: W/"5d-ytbv1PkALXK01rHipeCccFs81MI"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 03:52:29 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeContent-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requestsCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Referrer-Policy: no-referrerStrict-Transport-Security: max-age=15552000; includeSubDomainsX-Content-Type-Options: nosniffX-DNS-Prefetch-Control: offX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-XSS-Protection: 0Access-Control-Allow-Origin: *ETag: W/"5d-ytbv1PkALXK01rHipeCccFs81MI"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 03:52:30 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeContent-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requestsCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Referrer-Policy: no-referrerStrict-Transport-Security: max-age=15552000; includeSubDomainsX-Content-Type-Options: nosniffX-DNS-Prefetch-Control: offX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-XSS-Protection: 0Access-Control-Allow-Origin: *ETag: W/"5d-ytbv1PkALXK01rHipeCccFs81MI"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 03:52:41 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuIdPnyCy1YPs4s3Bg1LjdiJYaPoSoosUIiIkPDQD62%2F5NRJrxVLcnnjiibv8SDK7yFQcr5EY8J2Pn50YIPUv9ELKwveOc9vReTrlZBuDkheGwzdl0z0WDURjaHVsg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITAge: 5410Server: cloudflareCF-RAY: 879b61bdd91944e3-ATL

Source: chromecache_107.2.dr	String found in binary or memory: http://hubs.ly/H0702_H0
Source: chromecache_134.2.dr, chromecache_88.2.dr	String found in binary or memory: http://www.hubspot.com
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_108.2.dr	String found in binary or memory: https://apiv21.decktopus.com/api/
Source: chromecache_90.2.dr, chromecache_83.2.dr	String found in binary or memory: https://bgqak.ciatice.com/i3Ht5RuB/
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://cdn.taboola.com/libtrc/unip/
Source: chromecache_90.2.dr	String found in binary or memory: https://cfv21.decktopus.com/users/2363735/cdf600e1-7f65-4067-9b01-73712f5e6ad4.png?Expires=171410354
Source: chromecache_83.2.dr	String found in binary or memory: https://cfv21.decktopus.com/users/2363735/cdf600e1-7f65-4067-9b01-73712f5e6ad4.png?Expires=171410355
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_147.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/chewy/v18/uK_94ruUb-k-wn52KjI.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1pL7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2JL7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2ZL7SUc.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2)
Source: chromecache_147.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
Source: chromecache_147.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cSZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf1jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf2jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf3jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf8jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf1jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf2jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf3jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf8jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff1jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff2jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff3jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff8jvzRPA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZAf-LHrw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZBf-LHrw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZDf-LHrw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZKf-LHrw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZV8f6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZVcf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZVsf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZXMf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZV8f6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZVcf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZVsf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZXMf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVcf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIMeaBXso.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIO-aBXso.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIOOaBXso.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIOuaBXso.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaDRs4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaHRs71cA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaMRs71cA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaNRs71cA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/nunito/v26/XRXX3I6Li01BKofIMNaORs71cA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqW106F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtk6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWu06F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuk6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWxU6F15M.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnohkk72xU.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnojEk72xU.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnojUk72xU.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4Q4FqPfE.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QoFqPfE.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4SYFqPfE.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4TYFq.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCAIT5lu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCIIT5lu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCMIT5lu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCkIT5lu.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz0dL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz4dL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz8dL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzMdL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzQdL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzwdL_nz.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc-CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc0CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc1CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc2CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc3CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc5CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc-CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc0CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc1CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc2CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc3CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc5CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc-CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc0CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc1CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc2CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc3CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc5CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic0CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic1CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic2CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic3CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic5CsTKlA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxEIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxFIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxGIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxHIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxLIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxMIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xEIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xFIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xLIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCBc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCRc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_99.2.dr	String found in binary or memory: https://google.com
Source: chromecache_99.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_134.2.dr	String found in binary or memory: https://js-na1.hs-scripts.com/39888134.js
Source: chromecache_107.2.dr	String found in binary or memory: https://js.hs-analytics.net/analytics/1714017000000/39888134.js
Source: chromecache_88.2.dr	String found in binary or memory: https://js.hs-banner.com/v2
Source: chromecache_107.2.dr	String found in binary or memory: https://js.hs-banner.com/v2/39888134/banner.js
Source: chromecache_107.2.dr	String found in binary or memory: https://js.hscollectedforms.net/collectedforms.js
Source: chromecache_107.2.dr	String found in binary or memory: https://js.hubspotfeedback.com/feedbackweb-new.js
Source: chromecache_107.2.dr	String found in binary or memory: https://js.usemessages.com/conversations-embed.js
Source: chromecache_99.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_118.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204/?id=turtlex_join_ig&tx_jig=$
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_85.2.dr	String found in binary or memory: https://quilljs.com/
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_140.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_140.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/bjs
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/bts
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/buyer.wasm
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/update?ig_name=1j7336096761
Source: chromecache_118.2.dr	String found in binary or memory: https://td.doubleclick.net/td/update?ig_name=1j7348647275
Source: chromecache_118.2.dr	String found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=161030276560
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_99.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_126.2.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/10970373263/?random
Source: chromecache_99.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_140.2.dr, chromecache_137.2.dr, chromecache_130.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_140.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_137.2.dr, chromecache_130.2.dr	String found in binary or memory: https://www.redditstatic.com/ads/pixel.js
Source: chromecache_140.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@26/109@100/37

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1996,i,16913931398528617657,17088334043610471503,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://decktop.us/gORiyf"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1996,i,16913931398528617657,17088334043610471503,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1431449
Product:	CloudBasic
Start time:	05:51:33
Start date:	25.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://decktop.us/gORiyf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://decktop.us/gORiyf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://decktop.us/gORiyf