Edit tour

Windows Analysis Report
securedoc_20240425T124814.html

Overview

General Information

Sample name:	securedoc_20240425T124814.html
Analysis ID:	1431816
MD5:	e402191108703ab44b9fd3344c18baad
SHA1:	98d3b12c36d7a2ff295e79f0189539667cbe4b78
SHA256:	e51fa6abd17c8e6eb6ac89d54c07b8bf3e930d938589350a7cdc9ab3db4e4914
Infos:

Detection

Score:	22
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Suspicious Javascript code found in HTML file

Connects to many different domains

Detected hidden input values containing email addresses (often used in phishing pages)

HTTP GET or POST without a user agent

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5064 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\securedoc_20240425T124814.html" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4908 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2376,i,16924140576359534068,14692567970058789830,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Suspicious Javascript code found in HTML file

Source: securedoc_20240425T124814.html	HTTP Parser: document.write
Source: securedoc_20240425T124814.html	HTTP Parser: location.href
Source: securedoc_20240425T124814.html	HTTP Parser: window.location

Source: securedoc_20240425T124814.html	HTTP Parser: Theresa Howard <Theresa_Howard@progressive.com>
Source: file:///C:/Users/user/Desktop/securedoc_20240425T124814.html	HTTP Parser: {'name':null,'msgID':'\|1__2056a5230000018f162859810a0d016ebdf8a06a@esa6.hc4529-39.iphmx.com','flags':2049,'rid':'c3BlbmNlciBjb2NvIDxzY29jb0BnaWxjaHJpc3Rjb25zdHJ1Y3Rpb24uY29tPg==','algnames':{'encryption':{'data':'AES'},'keyHash':'SHA-256'},'algparams':{'encryption':{'data':{'IV':'xCPMj+ej/gpkfk5XRW3w5A=='}}},'keyserverhost':'res.cisco.com:443','securereplyhost':'res.cisco.com:443','openerhost':'res.cisco.com:443','toc':[['Body-1714063694222.txt',1,'','',13,[0,11614],'Body-1714063694222.txt','ISO-8859-1'],['image001.png',2,'','image001.png',21,[11614,14745],'image001.png','ISO-8859-1'],['image002.png',2,'','image002.png',21,[26359,10286],'image002.png','ISO-8859-1'],['23-5759911_1-4-2024_Photos - Claim_NonProgressive (1).pdf',2,'','23-5759911_1-4-2024_Photos - Claim_NonProgressive (1).pdf',5,[36645,1268583],'23-5759911_1-4-2024_Photos - Claim_NonProgressive (1).pdf','ISO-8859-1'],['MessageBar.html',4,'','',1,[1305228,31184],'MessageBar.html','ISO-8859-1']],'salt':'GjZEjeTXFTpTBjmTe3DOxIx7H3E=','data':['','','']}
Source: file:///C:/Users/user/Desktop/securedoc_20240425T124814.html	HTTP Parser: scoco@gilchristconstruction.com

Source: securedoc_20240425T124814.html

HTTP Parser: <input type="password" .../> found

Source: securedoc_20240425T124814.html	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/securedoc_20240425T124814.html	HTTP Parser: No favicon
Source: https://www.progressive.com/	HTTP Parser: No favicon
Source: https://www.progressive.com/	HTTP Parser: No favicon
Source: https://www.progressive.com/#main	HTTP Parser: No favicon
Source: https://www.progressive.com/#TabOne	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49777 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 0MB later: 46MB

Source: unknown

Network traffic detected: DNS query count 30

Source: global traffic

HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?p=0&d=%7B%27name%27%3Anull,%0D%0A%27msgID%27%3A%27%7C1__2056a5230000018f162859810a0d016ebdf8a06a%40esa6%2Ehc4529-39%2Eiphmx%2Ecom%27,%0D%0A%27flags%27%3A2049,%0D%0A%27rid%27%3A%27c3BlbmNlciBjb2NvIDxzY29jb0BnaWxjaHJpc3Rjb25zdHJ1Y3Rpb24uY29tPg%3D%3D%27,%0D%0A%27algnames%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%27AES%27%7D,%27keyHash%27%3A%27SHA-256%27%7D,%0D%0A%27algparams%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%7B%27IV%27%3A%27xCPMj%2Bej%2Fgpkfk5XRW3w5A%3D%3D%27%7D%7D%7D,%0D%0A%27keyserverhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27securereplyhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27openerhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27toc%27%3A%5B%0D%0A%5B%27Body-1714063694222%2Etxt%27,1,%0D%0A%27%27,%0D%0A%27%27,%0D%0A13,%5B0,11614%5D,%27Body-1714063694222%2Etxt%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image001%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image001%2Epng%27,%0D%0A21,%5B11614,14745%5D,%27image001%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image002%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image002%2Epng%27,%0D%0A21,%5B26359,10286%5D,%27image002%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%2723-5759911_1-4-2024_Photos+-+Claim_NonProgressive+(1)%2Epdf%27,2,%0D%0A%27%27,%0D%0A%2723-5759911_1-4-2024_Photos+-+Claim_NonProgressive+(1)%2Epdf%27,%0D%0A5,%5B36645,1268583%5D,%2723-5759911_1-4-2024_Photos+-+Claim_NonProgressive+(1)%2Epdf%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27MessageBar%2Ehtml%27,4,%0D%0A%27%27,%0D%0A%27%27,%0D%0A1,%5B1305228,31184%5D,%27MessageBar%2Ehtml%27,%0D%0A%27ISO-8859-1%27%5D%0D%0A%5D,%0D%0A%27salt%27%3A%27GjZEjeTXFTpTBjmTe3DOxIx7H3E%3D%27,%0D%0A%27data%27%3A%5B%0D%0A%27%27,%27FlQOdB%2Bf5ffin9lJEOaj%2FTdVQNehypAZ%2BQxIn6ts4RGpW9O2zDG5583H%2BGMqdqdhUGHrVNq3G%2FdzhAy7qhAYfnZ486t%2FylFOqVdtB311FZfnlvDyDgFoexHCS7pydNrp5mCCXcfYi%2FJdobE9lxxrKOYJ7z3LNU48iq8Th69FYcaeRd0kHxgTFqvAjsOs9pAW%2B9RsgdH2E6swq42mKvp5LeYmXTKE1JSvCR8jKqXgVciQzkzh9JUBgPrtr3q3ABy1lWb2GFddjgw6hqUEGZy1RCl4VDtUSsRTmNjr60LWmN1cBDfAfO%2FJyAi10qhhGqg7OVxhDt1LEQS8ASBaQmzM70oGI1inx5Hr2kjcWylam%2FkyUjv4OXnteCBKLkC%2FTbJgtWYeu8oEz1EoadokfAhrR2ThdDlY%2BjnzoEFCZfkgoQNd8qVkDCXU1g0A9vKDZby1a4K0KPKl8d18p3QKZkl4LDfZUhF%2BFrRfdif6uiEzsXw8VlM0NFBBcsCm5hWg6WJz2stcrW2DiPHwVao3lUXV0Y0yaxJA82R%2FwAFUO8%2F17rHsIcVYlz%2F0KFLOkngaF%2Fu1UlrlU6ZxnXFEtNP8V%2FkBzN7wiN3jYGL6wJnC8ZoYZO9behyzL3fNR%2BbKi7gmMs56ZyhzvLACZoo7i5b5ZSMjQTX1ea%2F%2BNMpYfCW6uSaahbcV%2FthPwT%2FoL73IBBjy5D6Yl43m%2BHC%2F%2BhKvMjzKpenrm3lrdIK8VA4ZLdmDg5k9sIU%2FTmWT4szK3AuLq6CVzCmAC2U2gb0dJ4jp%2FChPvolC7EWLuJPHUgl7HPDZ50sdy4KHLac%2BovF6tbtWhzfUFxOG5jpTRR8hM5vUOsa0MAuv0CF1HBvJhkw%2Bnn5uIEyo2zJCnIP7GtsH2sWoTVGIqNgVfie3NY4etMlnHzKrcnHs8N7JYgLzQRNKzcaVxlvhEaZTc2lBKUfMgk2ZxK0uTeGnAyhp1UKxyP%2BXkaALQ07MN9Qdg2eE43XNlLjs7lw6s1CwV4Pw8fdrWdJAslxnoizpha5fQIka9x4cWKTatSv4jKddRI63nY4zb6fqw8KYxASq5QCC7p1g9ghhQoZRlH6mr2xgbr3fJSOA%2F1vgFLrpbY6LXVvrBtKSEorQdkwEYimoC5vRoSlTHs

Source: Joe Sandbox View	IP Address: 34.66.3.160 34.66.3.160
Source: Joe Sandbox View	IP Address: 13.32.208.17 13.32.208.17
Source: Joe Sandbox View	IP Address: 239.255.255.250 239.255.255.250

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.9
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.9
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86

Source: global traffic	HTTP traffic detected: GET /ajax/libs/select2/4.0.12/css/select2.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/select2/4.0.12/js/select2.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /postx.css HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?lp=en HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?p=0&d=%7B%27name%27%3Anull,%0D%0A%27msgID%27%3A%27%7C1__2056a5230000018f162859810a0d016ebdf8a06a%40esa6%2Ehc4529-39%2Eiphmx%2Ecom%27,%0D%0A%27flags%27%3A2049,%0D%0A%27rid%27%3A%27c3BlbmNlciBjb2NvIDxzY29jb0BnaWxjaHJpc3Rjb25zdHJ1Y3Rpb24uY29tPg%3D%3D%27,%0D%0A%27algnames%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%27AES%27%7D,%27keyHash%27%3A%27SHA-256%27%7D,%0D%0A%27algparams%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%7B%27IV%27%3A%27xCPMj%2Bej%2Fgpkfk5XRW3w5A%3D%3D%27%7D%7D%7D,%0D%0A%27keyserverhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27securereplyhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27openerhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27toc%27%3A%5B%0D%0A%5B%27Body-1714063694222%2Etxt%27,1,%0D%0A%27%27,%0D%0A%27%27,%0D%0A13,%5B0,11614%5D,%27Body-1714063694222%2Etxt%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image001%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image001%2Epng%27,%0D%0A21,%5B11614,14745%5D,%27image001%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image002%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image002%2Epng%27,%0D%0A21,%5B26359,10286%5D,%27image002%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%2723-5759911_1-4-2024_Photos+-+Claim_NonProgressive+(1)%2Epdf%27,2,%0D%0A%27%27,%0D%0A%2723-5759911_1-4-2024_Photos+-+Claim_NonProgressive+(1)%2Epdf%27,%0D%0A5,%5B36645,1268583%5D,%2723-5759911_1-4-2024_Photos+-+Claim_NonProgressive+(1)%2Epdf%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27MessageBar%2Ehtml%27,4,%0D%0A%27%27,%0D%0A%27%27,%0D%0A1,%5B1305228,31184%5D,%27MessageBar%2Ehtml%27,%0D%0A%27ISO-8859-1%27%5D%0D%0A%5D,%0D%0A%27salt%27%3A%27GjZEjeTXFTpTBjmTe3DOxIx7H3E%3D%27,%0D%0A%27data%27%3A%5B%0D%0A%27%27,%27FlQOdB%2Bf5ffin9lJEOaj%2FTdVQNehypAZ%2BQxIn6ts4RGpW9O2zDG5583H%2BGMqdqdhUGHrVNq3G%2FdzhAy7qhAYfnZ486t%2FylFOqVdtB311FZfnlvDyDgFoexHCS7pydNrp5mCCXcfYi%2FJdobE9lxxrKOYJ7z3LNU48iq8Th69FYcaeRd0kHxgTFqvAjsOs9pAW%2B9RsgdH2E6swq42mKvp5LeYmXTKE1JSvCR8jKqXgVciQzkzh9JUBgPrtr3q3ABy1lWb2GFddjgw6hqUEGZy1RCl4VDtUSsRTmNjr60LWmN1cBDfAfO%2FJyAi10qhhGqg7OVxhDt1LEQS8ASBaQmzM70oGI1inx5Hr2kjcWylam%2FkyUjv4OXnteCBKLkC%2FTbJgtWYeu8oEz1EoadokfAhrR2ThdDlY%2BjnzoEFCZfkgoQNd8qVkDCXU1g0A9vKDZby1a4K0KPKl8d18p3QKZkl4LDfZUhF%2BFrRfdif6uiEzsXw8VlM0NFBBcsCm5hWg6WJz2stcrW2DiPHwVao3lUXV0Y0yaxJA82R%2FwAFUO8%2F17rHsIcVYlz%2F0KFLOkngaF%2Fu1UlrlU6ZxnXFEtNP8V%2FkBzN7wiN3jYGL6wJnC8ZoYZO9behyzL3fNR%2BbKi7gmMs56ZyhzvLACZoo7i5b5ZSMjQTX1ea%2F%2BNMpYfCW6uSaahbcV%2FthPwT%2FoL73IBBjy5D6Yl43m%2BHC%2F%2BhKvMjzKpenrm3lrdIK8VA4ZLdmDg5k9sIU%2FTmWT4szK3AuLq6CVzCmAC2U2gb0dJ4jp%2FChPvolC7EWLuJPHUgl7HPDZ50sdy4KHLac%2BovF6tbtWhzfUFxOG5jpTRR8hM5vUOsa0MAuv0CF1HBvJhkw%2Bnn5uIEyo2zJCnIP7GtsH2sWoTVGIqNgVfie3NY4etMlnHzKrcnHs8N7JYgLzQRNKzcaVxlvhEaZTc2lBKUfMgk2ZxK0uTeGnAyhp1UKxyP%2BXkaALQ07MN9Qdg2eE43XNlLjs7lw6s1CwV4Pw8fdrWdJAslxnoizpha5fQIka9x4cWKTatSv4jKddRI63nY4zb6fqw8KYxASq5QCC7p1g9ghhQoZRlH6mr2xgbr3fJSOA%2F1vgFLrpbY6LXVvrBtKSEorQdkwEYimoC5vRoSlTHs
Source: global traffic	HTTP traffic detected: GET /CRES_login_bg.jpg HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Regular.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Light.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-SemiBold.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Bold.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/logo/Ot5UZmNzkzRrJO8KH9iTBhnVFlhWxpY2cInrqGRVuF3mESsqxdxig03kHwLL84OScrx7NQ!!/branding/customer-logo.gif?f=1 HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=google&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=ok&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/images/loginbg.gif HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /keyserver/keyserver?su=scoco%40gilchristconstruction.com&df=&tf=&lp=en&v=2&m=%7c1__2056a5230000018f162859810a0d016ebdf8a06a%40esa6.hc4529-39.iphmx.com&s=1&f=0&d=1714069967006&action=open&j=1&jc=l_&jca=%22RPCRef%22%3apayload.rpc%2c%0a%22callback%22%3aqr&src=1&na=Netscape&nj=0&njs=1&nl=en-US&np=Win32&nu=Mozilla%2f5.0%20%28Windows%20NT%2010.0%3b%20Win64%3b%20x64%29%20AppleWebKit%2f537.36%20%28KHTML%2c%20like%20Gecko%29%20Chrome%2f117.0.0.0%20Safari%2f537.36&nv=5.0%20%28Windows%20NT%2010.0%3b%20Win64%3b%20x64%29%20AppleWebKit%2f537.36%20%28KHTML%2c%20like%20Gecko%29%20Chrome%2f117.0.0.0%20Safari%2f537.36 HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /CRES_login_bg.jpg HTTP/1.1Host: static.cres-aws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/logo/Ot5UZmNzkzRrJO8KH9iTBhnVFlhWxpY2cInrqGRVuF3mESsqxdxig03kHwLL84OScrx7NQ!!/branding/customer-logo.gif?f=1 HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=B576F5D73C2DFF284FCB8A6E486D6B13
Source: global traffic	HTTP traffic detected: GET /websafe/images/loginbg.gif HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=B576F5D73C2DFF284FCB8A6E486D6B13
Source: global traffic	HTTP traffic detected: GET /websafe/images/pullFeature/arrowDown.svg HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=B576F5D73C2DFF284FCB8A6E486D6B13
Source: global traffic	HTTP traffic detected: GET /websafe/images/pullFeature/arrowDown.svg HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=B576F5D73C2DFF284FCB8A6E486D6B13
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=RYp7g+Yx51e7HzA&MD=ltYFA9Ft HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=google&lp=en&try=1 HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=ok&lp=en&try=1 HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=RYp7g+Yx51e7HzA&MD=ltYFA9Ft HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /adscores/g.js?sid=9212299758&page=home%2Findex HTTP/1.1Host: aa.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/cdn/qm/quantum-progressive.js HTTP/1.1Host: progressive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A
Source: global traffic	HTTP traffic detected: GET /dc.js HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/1263604929-0?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&cv=(NeustarSegment:N107N)&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%27&fl=!f&hvc=!t&ce=(NeustarSegment:N107N)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f?apiKey=2516641880 HTTP/1.1Host: fid.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.progressive.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3APaIrziCOY2yO8efMTUYzQw7FYzAhPPDv
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/1263604929-1?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/1263604929-2?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/1263604929-3?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070020.326174,0,1714070019%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/1263604929-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%27&e=!(xi)&ii=!(%274,2,124999,,,,1714070020.326174,1,1714070019%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f?apiKey=2516641880 HTTP/1.1Host: fid.agkn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3APaIrziCOY2yO8efMTUYzQw7FYzAhPPDv
Source: global traffic	HTTP traffic detected: GET /r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1945464958&utmhn=www.progressive.com&utme=8(5!Site%20Server%20Session%20ID39!EncryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019679&utmac=UA-2108837-10&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=546654230&utmredir=3&utmu=q3AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1394172416&utmhn=www.progressive.com&utmt=event&utme=5(progComMonetateHomepage%3A%20Spring%202024-1882716%3DC-Switch-and-Save)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019688&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=3&utmn=1185465548&utmhn=www.progressive.com&utmt=event&utme=5(progComNsServerN107N)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019697&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=4&utmn=1895964873&utmhn=www.progressive.com&utmt=event&utme=5(progComNsClientN107N)(0)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019704&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=5&utmn=1229087485&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventimpressionId)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019716&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=6&utmn=863945238&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventPerf-FCP)(3380)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019750&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2108837-10&cid=1237932308.1714070020&jid=546654230&_v=5.7.2dc&z=1945464958 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/1263604929-3?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070020.326174,0,1714070019%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/1263604929-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%27&e=!(xi)&ii=!(%274,2,124999,,,,1714070020.326174,1,1714070019%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=7&utmn=280369877&utmhn=www.progressive.com&utmt=event&utme=5(progComTruSegmentClientN107N)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019762&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=8&utmn=1701009805&utmhn=www.progressive.com&utmt=event&utme=5(progComTruAudienceClient)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019773&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2108837-10&cid=1237932308.1714070020&jid=546654230&_v=5.7.2dc&z=1945464958 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adrum-ext.dc7135e81648fca28b1e62b72cf2e576.js HTTP/1.1Host: cdn.appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=9&utmn=1631985514&utmhn=www.progressive.com&utmt=event&utme=5(progCompageloadLoadTime_5-10secs)(6634)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070021000&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=10&utmn=399493156&utmhn=www.progressive.com&utmt=event&utme=5(progComScrollscrolldown-display)8(5!Site%20Server%20Session%20ID12!Page%20Position39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af12!header39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070021022&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=11&utmn=2112269590&utmhn=www.progressive.com&utmt=event&utme=5(progComScrollscrolldown-display)8(5!Site%20Server%20Session%20ID12!Page%20Position39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af12!homepage-mma-2023-v139!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070021039&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=12&utmn=1005391779&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventPerf-TTFB)(1514)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070021079&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070021111&S=0&N=0&P=0&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; __utmb=1.12.0.1714070021000; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070021858&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&U=79499c7f732cbc20757850ca5609456c&Q=2&S=0&N=0&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; __utmb=1.12.0.1714070021000; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070021855&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=1&Y=1&X=e8ec50bde44d4d6f71ec7acdc6e20d3d&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; __utmb=1.12.0.1714070021000; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070022484&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=1613&N=5&P=1&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; __utmb=1.12.0.1714070021000; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-AAC-GWR/adrum HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /progressive/hash-check HTTP/1.1Host: rl.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; __utmb=1.12.0.1714070021000; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070026124&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=3340&N=15&P=2&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; __utmb=1.12.0.1714070021000; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070027006&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=719&N=1&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; __utmb=1.12.0.1714070021000; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=13&utmn=1570514799&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventPerf-LCP)(3136)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070030107&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=14&utmn=1674075635&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventPerf-CLS)(0)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070030127&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adscores/g.js?sid=9212299758&page=home%2Findex HTTP/1.1Host: aa.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3APaIrziCOY2yO8efMTUYzQw7FYzAhPPDv
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/571127234-0?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23main%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f?apiKey=2516641880 HTTP/1.1Host: fid.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.progressive.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3APaIrziCOY2yO8efMTUYzQw7FYzAhPPDv
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/571127234-1?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&cv=(NeustarSegment:N107N)&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23main%27&fl=!f&hvc=!t&ce=(NeustarSegment:N107N)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/571127234-2?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23main%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=15&utmn=1719981507&utmhn=www.progressive.com&utme=8(5!Site%20Server%20Session%20ID39!EncryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031631&utmac=UA-2108837-10&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=q3AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/571127234-3?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23main%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=16&utmn=1701126125&utmhn=www.progressive.com&utmt=event&utme=5(progComMonetateHomepage%3A%20Spring%202024-1882716%3DC-Switch-and-Save)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031648&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=17&utmn=888450926&utmhn=www.progressive.com&utmt=event&utme=5(progComNsCookieN107N)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031732&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=18&utmn=723330037&utmhn=www.progressive.com&utmt=event&utme=5(progComNsClientN107N)(0)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031750&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=19&utmn=965263692&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventimpressionId)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031770&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=20&utmn=1288689361&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventPerf-FCP)(1514)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031815&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=21&utmn=515141506&utmhn=www.progressive.com&utmt=event&utme=5(progComTruSegmentClientN107N)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031999&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/571127234-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23main%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070032.40802,0,1714070032%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/571127234-5?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23main%27&e=!(xi)&ii=!(%274,2,124999,,,,1714070032.40802,1,1714070032%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f?apiKey=2516641880 HTTP/1.1Host: fid.agkn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3APaIrziCOY2yO8efMTUYzQw7FYzAhPPDv
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=22&utmn=1270331961&utmhn=www.progressive.com&utmt=event&utme=5(progComTruAudienceClient)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070032021&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/571127234-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23main%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070032.40802,0,1714070032%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/571127234-5?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23main%27&e=!(xi)&ii=!(%274,2,124999,,,,1714070032.40802,1,1714070032%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=23&utmn=1998650670&utmhn=www.progressive.com&utmt=event&utme=5(progCompageloadLoadTime_2-3secs)(2084)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070032784&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=24&utmn=1258927931&utmhn=www.progressive.com&utmt=event&utme=5(progComScrollscrolldown-display)8(5!Site%20Server%20Session%20ID12!Page%20Position39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af12!header39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070032858&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070032230&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=6653&N=24&P=3&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857; __utmb=1.24.0.1714070032784
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070032741&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=1&Y=1&X=95829216c2c148a20edac8b3f4f05184&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857; __utmb=1.24.0.1714070032784
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070032736&s=9eff55bd140a02fc7e2219f8ffbb3eaf&U=79499c7f732cbc20757850ca5609456c&S=0&N=0&P=0&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857; __utmb=1.24.0.1714070032784
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070032938&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1141&N=2&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857; __utmb=1.24.0.1714070032784
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ADRUM_BTa=R:0\|g:eef05525-33ed-4c8d-a996-d1195e73a21c\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; SameSite=None; ADRUM_BT1=R:0\|i:155364\|e:1\|t:1714070024646
Source: global traffic	HTTP traffic detected: GET /progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070033506&H=12a22a669b4c60bb12f5ca9f&s=9eff55bd140a02fc7e2219f8ffbb3eaf&U=79499c7f732cbc20757850ca5609456c&Q=2&S=0&N=0&z=1 HTTP/1.1Host: qm2.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857; __utmb=1.25.0.1714070033944
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=25&utmn=2011445655&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventPerf-LCP)(1350)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070033945&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adscores/g.js?sid=9212299758&page=home%2Findex HTTP/1.1Host: aa.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3APaIrziCOY2yO8efMTUYzQw7FYzAhPPDv
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/52627582-0?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23TabOne%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/52627582-1?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&cv=(NeustarSegment:N107N)&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23TabOne%27&fl=!f&hvc=!t&ce=(NeustarSegment:N107N)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/52627582-2?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23TabOne%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f?apiKey=2516641880 HTTP/1.1Host: fid.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.progressive.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3APaIrziCOY2yO8efMTUYzQw7FYzAhPPDv
Source: global traffic	HTTP traffic detected: GET /trk/4/s/a-513ece62/p/progressive.com/52627582-3?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23TabOne%27&fl=!f&hvc=!t&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/52627582-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23TabOne%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070036.351542,0,1714070035%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/52627582-5?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23TabOne%27&e=!(xi)&ii=!(%274,2,124999,,,,1714070036.351542,1,1714070035%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=26&utmn=27950765&utmhn=www.progressive.com&utme=8(5!Site%20Server%20Session%20ID39!EncryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=786806350&utmr=-&utmp=%2F&utmht=1714070035927&utmac=UA-2108837-10&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=q3AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=27&utmn=1155202519&utmhn=www.progressive.com&utmt=event&utme=5(progComMonetateHomepage%3A%20Spring%202024-1882716%3DC-Switch-and-Save)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=786806350&utmr=-&utmp=%2F&utmht=1714070035954&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /__utm.gif?utmwv=5.7.2dc&utms=28&utmn=479863476&utmhn=www.progressive.com&utmt=event&utme=5(progComNsCookieN107N)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!241!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=786806350&utmr=-&utmp=%2F&utmht=1714070035976&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~ HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /progressive/hash-check HTTP/1.1Host: rl.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857; __utmb=1.28.0.1714070035954
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-AAC-GWR/adrum HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ADRUM_BTa=R:0\|g:eef05525-33ed-4c8d-a996-d1195e73a21c\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; SameSite=None; ADRUM_BT1=R:0\|i:155364\|e:1\|t:1714070024646
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/52627582-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23TabOne%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070036.351542,0,1714070035%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f?apiKey=2516641880 HTTP/1.1Host: fid.agkn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3APaIrziCOY2yO8efMTUYzQw7FYzAhPPDv
Source: global traffic	HTTP traffic detected: GET /trk/4/i/a-513ece62/p/progressive.com/52627582-5?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23TabOne%27&e=!(xi)&ii=!(%274,2,124999,,,,1714070036.351542,1,1714070035%27)&eoq=!t HTTP/1.1Host: f.monetate.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:d61fc89c-b02f-44a4-a179-9265dc03b19b\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:155364\|e:1\|t:1714070037730
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-AAC-GWR/adrum HTTP/1.1Host: col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:d61fc89c-b02f-44a4-a179-9265dc03b19b\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:155364\|e:1\|t:1714070037730
Source: global traffic	HTTP traffic detected: GET /progressive/hash-check HTTP/1.1Host: rl.progressive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITESERVER=ID=01350ee8f84f43e6ab5e841826ff87af; ProgSessionTracker=true; cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 117&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; CurrVisit=y; UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=4/25/2024&UserDaysSinceLastVisit=0; VisitorDataCaptureCookie=4/25/2024 2:33:33 PM; nsval=N107N; nsseg=; mt.v=5.1637886292.1714070014426; AKA_A2=A; __utma=1.1237932308.1714070020.1714070020.1714070020.1; __utmc=1; __utmz=1.1714070020.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-2108837-10=1; _ga=GA1.2.1237932308.1714070020; _gid=GA1.2.120730095.1714070020; _dc_gtm_UA-2108837-37=1; QuantumMetricSessionID=9eff55bd140a02fc7e2219f8ffbb3eaf; QuantumMetricUserID=79499c7f732cbc20757850ca5609456c; QuantumMetricSessionS=1714070021857; __utmb=1.28.0.1714070035954
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=google&lp=en&try=1 HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=ok&lp=en&try=1 HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_195.2.dr	String found in binary or memory: <a href="https://www.facebook.com/progressive" class="link facebook" data-tracking-label="facebook" aria-label="Facebook"> equals www.facebook.com (Facebook)
Source: chromecache_195.2.dr	String found in binary or memory: <a href="https://www.twitter.com/progressive" class="link twitter" data-tracking-label="twitter" aria-label="x, formerly twitter"> equals www.twitter.com (Twitter)
Source: chromecache_195.2.dr	String found in binary or memory: <a href="https://www.youtube.com/user/progressive" class="link youtube" data-tracking-label="youtube" aria-label="Youtube"> equals www.youtube.com (Youtube)
Source: chromecache_195.2.dr	String found in binary or memory: <script>_p(document).ready(function(){var n={},t;n.script=null;n.text="";t="";document.querySelector("meta[name='description']")!=null&&(t=document.querySelector("meta[name='description']").getAttribute("content"));n.text+=JSON.stringify({"@context":"http://schema.org","@type":"Organization",name:"Progressive",url:dfProgCom,logo:dfProgCom+"/content/images/DomainProgressive/logo/logo-progressive.png",description:t,alternateName:"Progressive, Progressive Insurance, The Progressive Corporation",areaServed:"US",contactPoint:[{"@type":"ContactPoint",url:dfProgCom,telephone:"+1-800-776-4737",contactType:"customer service"}],sameAs:["https://www.facebook.com/progressive","https://www.twitter.com/progressive","https://www.youtube.com/user/progressive","https://www.instagram.com/progressive/","https://www.glassdoor.com/Overview/Working-at-Progressive-Insurance-EI_IE546.11,32.htm"]});createJsonLdScript("sdCorporation",n);appendJsonJdScript("sdCorporation",n)});</script> equals www.facebook.com (Facebook)
Source: chromecache_195.2.dr	String found in binary or memory: <script>_p(document).ready(function(){var n={},t;n.script=null;n.text="";t="";document.querySelector("meta[name='description']")!=null&&(t=document.querySelector("meta[name='description']").getAttribute("content"));n.text+=JSON.stringify({"@context":"http://schema.org","@type":"Organization",name:"Progressive",url:dfProgCom,logo:dfProgCom+"/content/images/DomainProgressive/logo/logo-progressive.png",description:t,alternateName:"Progressive, Progressive Insurance, The Progressive Corporation",areaServed:"US",contactPoint:[{"@type":"ContactPoint",url:dfProgCom,telephone:"+1-800-776-4737",contactType:"customer service"}],sameAs:["https://www.facebook.com/progressive","https://www.twitter.com/progressive","https://www.youtube.com/user/progressive","https://www.instagram.com/progressive/","https://www.glassdoor.com/Overview/Working-at-Progressive-Insurance-EI_IE546.11,32.htm"]});createJsonLdScript("sdCorporation",n);appendJsonJdScript("sdCorporation",n)});</script> equals www.twitter.com (Twitter)
Source: chromecache_195.2.dr	String found in binary or memory: <script>_p(document).ready(function(){var n={},t;n.script=null;n.text="";t="";document.querySelector("meta[name='description']")!=null&&(t=document.querySelector("meta[name='description']").getAttribute("content"));n.text+=JSON.stringify({"@context":"http://schema.org","@type":"Organization",name:"Progressive",url:dfProgCom,logo:dfProgCom+"/content/images/DomainProgressive/logo/logo-progressive.png",description:t,alternateName:"Progressive, Progressive Insurance, The Progressive Corporation",areaServed:"US",contactPoint:[{"@type":"ContactPoint",url:dfProgCom,telephone:"+1-800-776-4737",contactType:"customer service"}],sameAs:["https://www.facebook.com/progressive","https://www.twitter.com/progressive","https://www.youtube.com/user/progressive","https://www.instagram.com/progressive/","https://www.glassdoor.com/Overview/Working-at-Progressive-Insurance-EI_IE546.11,32.htm"]});createJsonLdScript("sdCorporation",n);appendJsonJdScript("sdCorporation",n)});</script> equals www.youtube.com (Youtube)
Source: chromecache_244.2.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: static.cres-aws.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: res.cisco.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.progressive.com
Source: global traffic	DNS traffic detected: DNS query: images.contentstack.io
Source: global traffic	DNS traffic detected: DNS query: aa.agkn.com
Source: global traffic	DNS traffic detected: DNS query: progressive.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: se.monetate.net
Source: global traffic	DNS traffic detected: DNS query: api.progressive.com
Source: global traffic	DNS traffic detected: DNS query: s.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: col.eum-appdynamics.com
Source: global traffic	DNS traffic detected: DNS query: cdn.appdynamics.com
Source: global traffic	DNS traffic detected: DNS query: gateway.answerscloud.com
Source: global traffic	DNS traffic detected: DNS query: d.agkn.com
Source: global traffic	DNS traffic detected: DNS query: pt.ispot.tv
Source: global traffic	DNS traffic detected: DNS query: bid.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: adservice.google.com
Source: global traffic	DNS traffic detected: DNS query: 1384245.fls.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: f.monetate.net
Source: global traffic	DNS traffic detected: DNS query: engine.monetate.net
Source: global traffic	DNS traffic detected: DNS query: e.monetate.net
Source: global traffic	DNS traffic detected: DNS query: rtds.progressive.com
Source: global traffic	DNS traffic detected: DNS query: sb.monetate.net
Source: global traffic	DNS traffic detected: DNS query: fid.agkn.com
Source: global traffic	DNS traffic detected: DNS query: qm2.progressive.com
Source: global traffic	DNS traffic detected: DNS query: rl.progressive.com

Source: unknown

HTTP traffic detected: POST /splunkservices/v1/collectors/logs HTTP/1.1Host: rtds.progressive.comConnection: keep-aliveContent-Length: 1110sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, */*; q=0.01rtds_key: zTk9Eis3cEQ0uQGrRZg3UVwieieContent-Type: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.progressive.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.progressive.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 18:33:45 GMTContent-Type: text/plain; charset=utf-8Content-Length: 15Connection: closeVary: OriginX-Content-Type-Options: nosniffStrict-Transport-Security: max-age=15724800; includeSubDomainsAccess-Control-Allow-Methods: *Access-Control-Allow-Credentials: true
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 18:33:57 GMTContent-Type: text/plain; charset=utf-8Content-Length: 15Connection: closeVary: OriginX-Content-Type-Options: nosniffStrict-Transport-Security: max-age=15724800; includeSubDomainsAccess-Control-Allow-Methods: *Access-Control-Allow-Credentials: true
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 18:34:00 GMTContent-Type: text/plain; charset=utf-8Content-Length: 15Connection: closeVary: OriginX-Content-Type-Options: nosniffStrict-Transport-Security: max-age=15724800; includeSubDomainsAccess-Control-Allow-Methods: *Access-Control-Allow-Credentials: true

Source: chromecache_157.2.dr	String found in binary or memory: http://b.monetate.net
Source: chromecache_187.2.dr	String found in binary or memory: http://cdn.appdynamics.com
Source: chromecache_209.2.dr	String found in binary or memory: http://code.google.com/p/episodes/
Source: chromecache_187.2.dr	String found in binary or memory: http://col.eum-appdynamics.com
Source: chromecache_157.2.dr	String found in binary or memory: http://f.monetate.net
Source: chromecache_151.2.dr	String found in binary or memory: http://farukat.es/
Source: chromecache_195.2.dr	String found in binary or memory: http://ogp.me/ns#
Source: chromecache_151.2.dr	String found in binary or memory: http://paulirish.com/
Source: chromecache_195.2.dr	String found in binary or memory: http://schema.org
Source: chromecache_170.2.dr	String found in binary or memory: http://scripts.sil.org/OFLInterLightWeightSlant
Source: chromecache_240.2.dr	String found in binary or memory: http://scripts.sil.org/OFLInterSemiBoldWeightSlant
Source: chromecache_194.2.dr	String found in binary or memory: http://scripts.sil.org/OFLWeightSlant
Source: chromecache_233.2.dr	String found in binary or memory: http://scripts.sil.org/OFLWeightSlantRegular
Source: chromecache_164.2.dr	String found in binary or memory: http://stats.g.doubleclick.net
Source: chromecache_209.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_151.2.dr	String found in binary or memory: http://www.modernizr.com
Source: securedoc_20240425T124814.html	String found in binary or memory: http://www.progressive.com
Source: chromecache_195.2.dr	String found in binary or memory: https://aa.agkn.com/adscores/g.js?sid=9212299758&page=home%2Findex
Source: chromecache_195.2.dr	String found in binary or memory: https://account.apps.progressive.com/access/ez-claim/claim-info
Source: chromecache_244.2.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_244.2.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_244.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_244.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: securedoc_20240425T124814.html	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Source: chromecache_229.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_244.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_187.2.dr	String found in binary or memory: https://cdn.appdynamics.com
Source: chromecache_187.2.dr	String found in binary or memory: https://cdn.appdynamics.com/adrum-xd.dc7135e81648fca28b1e62b72cf2e576.html
Source: chromecache_217.2.dr	String found in binary or memory: https://cdn.quantummetric.com/helpers/blank
Source: securedoc_20240425T124814.html	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/css/select2.min.css
Source: securedoc_20240425T124814.html	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/js/select2.min.js
Source: chromecache_187.2.dr	String found in binary or memory: https://col.eum-appdynamics.com
Source: chromecache_163.2.dr	String found in binary or memory: https://engine.monetate.net/api/engine/v1/decide/progressive
Source: chromecache_157.2.dr	String found in binary or memory: https://f.monetate.net
Source: chromecache_170.2.dr, chromecache_240.2.dr	String found in binary or memory: https://github.com/rsms/inter)Inter
Source: chromecache_233.2.dr	String found in binary or memory: https://github.com/rsms/inter)InterBold3.019;RSMS;Inter-BoldInter
Source: chromecache_194.2.dr	String found in binary or memory: https://github.com/rsms/inter)InterRegular3.019;RSMS;Inter-RegularInter
Source: chromecache_184.2.dr	String found in binary or memory: https://github.com/scottjehl/picturefill/blob/master/Authors.txt;
Source: chromecache_201.2.dr	String found in binary or memory: https://github.com/select2/select2/blob/master/LICENSE.md
Source: chromecache_244.2.dr	String found in binary or memory: https://google.com
Source: chromecache_244.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt057b3ef44a0a0edf/61e19ba760723673b90
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt083962d3c1b4e561/61b8eb9b9d4a976169b
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt090e66a7c5d1292c/5d9b3430b517f10ef0a
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt0cc11688e34c1a5b/5f3d4361d5b383280ff
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt0cd309abf2de067c/5f3d436160261e2e581
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt139e387d1a1add28/5f3d42faabb6922b675
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt16722aa4e3d91bac/5f3d43306bbc0527106
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt186ddbbdd1f379b5/6166f29baeba391136e
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt1a66cee8bdbdb308/5f3d43566bbc0527106
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt1c1520d92bc0a3d6/5f3d43185f7d2953ae8
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt23c87331cb02664b/6613eb9e0c47843006a
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt2b7f8246e7bd5fc2/5f3d431829a49b740ae
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt36299059f8b05f90/5f3d43565c201f2fe7f
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt38e5daf1e8cd656a/5f3d436129a49b740ae
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt39092256fa8f115e/6613eb9e06ccee4811a
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt3c3804cbcbee100c/5f3d4318abab4a23d93
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt3dd3824f5a041117/5f3d4361abab4a23d93
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt3fe8452975a1b030/5f3d43576e9660261c5
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt46e46a805f3e77c0/5ee7d3551c3f04391d8
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt46f00dd26ebf0193/5ec4254052c5395e0f2
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt50d26d4552c27caa/5f3d433060261e2e581
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt52c18133658760bd/5f3d43183ebefc321ef
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt56bc38d4465b173e/5f3d4330cc17142ec0f
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt58ac03f2a0233666/5ee7d3541627a10d1cd
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt592d9dc8c255e287/5ec4254087617619e2b
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt72c5ebc95e884f8c/5ca763a5082f61c3462
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt77a22e1840d73265/5f3d43236bbc0527106
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt79b658229dacee25/5f3d43235c201f2fe7f
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt7b1ee534bae88447/5f3d4331327a6201d7e
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt7f9fb6627357cbc6/61b8eb9a191c5560467
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt8511b3fe10c7310a/5f3d4323d5b383280ff
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt87a228a8f5a8a035/65b417eb24ea4968efd
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt8caf026a1ebb383e/5f3d42fa1020421e0b0
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blta4c800d8078b6fdb/5f3d43301020421e0b0
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blta827d69297622b97/5f3d43496e9660261c5
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltabfe542666f2ef53/5f3d434aabab4a23d93
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltaca27936e7b9a689/5f3d42fa5c201f2fe7f
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltb238e31a53bda93b/5f3d42fa752d292b6ca
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltc3255c11171df456/5f3d4356752d292b6ca
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltc5bb2b1a8cf2ae8c/5ca763a9b044c5993eb
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltc64dc9886c06b04d/60994f1f3705f74a9ff
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltd46a75a13a113907/5f3d43495f7d2953ae8
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltdc3d2e21f09bca78/61e19ba7a1a3da10d29
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blte2d780f9bb404870/5f3d4361752d292b6ca
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltf20082ffac77f643/5f3d4349327a6201d7e
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltf61fe1e0c1e90732/5f3d430662013530f82
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltf8927e50832bf30c/5f3d43186bbc0527106
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltfa09e8eb33e45c59/5f3d4318d5b383280ff
Source: chromecache_195.2.dr	String found in binary or memory: https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltfc210750f4c3bcf5/6613eb9eca5a9747155
Source: chromecache_195.2.dr	String found in binary or memory: https://investors.progressive.com/home/default.aspx
Source: chromecache_151.2.dr, chromecache_178.2.dr	String found in binary or memory: https://jqueryvalidation.org/
Source: chromecache_157.2.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_157.2.dr	String found in binary or memory: https://knowledge.monetate.com/hc/en-us/articles/
Source: chromecache_157.2.dr	String found in binary or memory: https://knowledge.monetate.com/hc/en-us/articles/115000811326-Activate-an-Experience-for-Preview-and
Source: chromecache_157.2.dr	String found in binary or memory: https://marketer.monetate.net
Source: chromecache_244.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_244.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_195.2.dr	String found in binary or memory: https://progressive.com/js/cdn/qm/quantum-progressive.js
Source: chromecache_195.2.dr	String found in binary or memory: https://progressive.mediaroom.com
Source: chromecache_195.2.dr	String found in binary or memory: https://progressive.taleo.net/careersection/2/jobsearch.ftl?lang=en
Source: chromecache_195.2.dr	String found in binary or memory: https://progressive.taleo.net/careersection/iam/accessmanagement/login.jsf?lang=en&redirectionURI=ht
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com/envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com/websafe/custom.action?cmd=authFrame
Source: chromecache_232.2.dr	String found in binary or memory: https://res.cisco.com/websafe/custom.action?cmd=changeExpiredPassword&id=scoco
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com/websafe/images/loginbg.gif
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com/websafe/images/pullFeature/arrowDown.svg
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com/websafe/logo/Ot5UZmNzkzRrJO8KH9iTBhnVFlhWxpY2cInrqGRVuF3mESsqxdxig03kHwLL84OSc
Source: chromecache_232.2.dr	String found in binary or memory: https://res.cisco.com/websafe/register?uuid=d2c43edd0000018f1688178c0a089e8a74a6046c
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com:443
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com:443/envelopeopener/decrypt_envelope.jsp
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com:443/keyserver/Logout
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com:443/keyserver/keyserver
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=AddrNotShown
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=PPNotShown
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=RegEnvelope
Source: securedoc_20240425T124814.html	String found in binary or memory: https://res.cisco.com:443/websafe/pswdForgot.action
Source: chromecache_195.2.dr	String found in binary or memory: https://rtds.progressive.com/splunkservices/v1/collectors/logs
Source: chromecache_195.2.dr	String found in binary or memory: https://s.go-mpulse.net/boomerang/
Source: chromecache_195.2.dr	String found in binary or memory: https://s2.go-mpulse.net/boomerang/
Source: chromecache_157.2.dr	String found in binary or memory: https://sb.monetate.net
Source: chromecache_195.2.dr	String found in binary or memory: https://schema.org
Source: chromecache_184.2.dr	String found in binary or memory: https://scottjehl.github.io/picturefill/
Source: chromecache_195.2.dr	String found in binary or memory: https://search.progressive.com
Source: chromecache_157.2.dr	String found in binary or memory: https://sizzlejs.com/
Source: securedoc_20240425T124814.html	String found in binary or memory: https://static.cres-aws.com/CRES_login_bg.jpg
Source: securedoc_20240425T124814.html	String found in binary or memory: https://static.cres-aws.com/postx.css
Source: chromecache_164.2.dr	String found in binary or memory: https://stats.g.doubleclick.net
Source: chromecache_164.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/__utm.gif
Source: chromecache_229.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_164.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect?
Source: chromecache_229.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_244.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_244.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_229.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_229.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_229.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_164.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences?
Source: chromecache_244.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_229.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_164.2.dr	String found in binary or memory: https://www.google.com/analytics/web/inpage/pub/inpage.js?
Source: chromecache_244.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_244.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_244.2.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_229.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_195.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_195.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-LFD5&domain=.progressive.com
Source: chromecache_195.2.dr	String found in binary or memory: https://www.instagram.com/progressive/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/Content/images/DomainProgressive/wh3/base/icons/more-choices-blue.svg
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/about/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/about/art/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/about/corporate-responsibility/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/about/who-we-are/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/answers/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/answers/what-to-do-after-car-accident/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/atv-utv-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/auto/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/auto/discounts/compare-car-insurance-rates/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/auto/discounts/name-your-price/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/auto/discounts/snapshot/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/boat/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/car-shopping-service/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/careers/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/claims/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/claims/auto-process/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/claims/catastrophe/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/claims/faq/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/claims/roadside-assistance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/classic-car-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/commercials-campaigns/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/condo-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/contact-us/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/content/images/domainprogressive/wh3/base/icons/logo-progressive.svg
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/content/js/megroups.js
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/copyright/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/electronic-device-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/event-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/finance/car-loan-refinancing/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/finance/home-loans/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/finance/mortgage-refinancing/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/finance/personal-loans/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/flood-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/golf-cart/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/help/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/home-retrieve/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/home-security/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/home-warranty/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/homeowners/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/homeowners/homeowners-companies/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/identity-theft-protection/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/insurance/bundling/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/insurance/health/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/insurance/health/dental/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/insurance/health/vision/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/jewelry-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/js/CDN/jquery/jquery-3.7.0.min.js
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/js/cdn/jquery/jquery.validate-1.19.5.min.js
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/js/cdn/misc/picturefill-3.0.2.min.js
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/js/front-end.bundle
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/life-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/life-insurance/term-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/lifelanes/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/lifelanes/on-the-road/how-to-jump-a-car-battery/?_ga=2.211726421.1338193
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/mechanical-breakdown-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/mexico-auto-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/mobile-app/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/mobile-home/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/motorcycle/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/partners/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/perkshare/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/pet-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/privacy/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/privacy/do-not-sell-my-information/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/privacy/privacy-data-request/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/pwc/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/renters/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/resources/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/resources/insights/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/resources/insurance-calculators-and-tools/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/rp/agent
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/rp/agent/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/rp/ezpay
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/rp/login
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/rp/login?cntgrp=A
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/rp/login?fd=AuthKeyClaimService&cntgrp=A
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/rv-trailer/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/segway/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/shop/car-insurance-rates-differ/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/sitemap/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/snapshot/tdx
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/snowmobile/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/support/report-a-claim/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/travel-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/umbrella-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressive.com/web-site-accessibility/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressiveagent.com
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressivecommercial.com
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressivecommercial.com/business-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressivecommercial.com/business-insurance/business-owners-policy/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressivecommercial.com/business-insurance/general-liability-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressivecommercial.com/business-insurance/professional-liability-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressivecommercial.com/business-insurance/workers-compensation-insurance/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.progressivecommercial.com/commercial-auto-insurance/
Source: chromecache_217.2.dr	String found in binary or memory: https://www.quantummetric.com/legal/eula
Source: chromecache_217.2.dr	String found in binary or memory: https://www.quantummetric.com/legal/patents/.
Source: chromecache_195.2.dr	String found in binary or memory: https://www.tiktok.com/
Source: chromecache_195.2.dr	String found in binary or memory: https://www.twitter.com/progressive
Source: chromecache_195.2.dr	String found in binary or memory: https://www.youtube.com/user/progressive

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 50119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50132 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 50091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50139
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50138
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50131
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50133
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50132
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50134
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50137
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50136
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50140
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50142
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50143
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 50137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50133 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50135 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50123 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49777 version: TLS 1.2

Source: classification engine

Classification label: sus22.phis.winHTML@30/172@98/33

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\securedoc_20240425T124814.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2376,i,16924140576359534068,14692567970058789830,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2376,i,16924140576359534068,14692567970058789830,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: securedoc_20240425T124814.html

Static file information: File size 1903699 > 1048576

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Extra Window Memory Injection	1 Extra Window Memory Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
securedoc_20240425T124814.html	0%	Virustotal		Browse

Source	Detection	Scanner	Link
f.monetate-prod.zone	0%	Virustotal	Browse
col.eum-appdynamics.com	0%	Virustotal	Browse
static.cres-aws.com	0%	Virustotal	Browse
images.contentstack.io	0%	Virustotal	Browse
c.go-mpulse.net	0%	Virustotal	Browse
s.go-mpulse.net	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
https://s2.go-mpulse.net/boomerang/	0%	URL Reputation	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt0cc11688e34c1a5b/5f3d4361d5b383280ff	0%	Avira URL Cloud	safe
about:blank	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt2b7f8246e7bd5fc2/5f3d431829a49b740ae	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt1c1520d92bc0a3d6/5f3d43185f7d2953ae8	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt3dd3824f5a041117/5f3d4361abab4a23d93	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt8caf026a1ebb383e/5f3d42fa1020421e0b0	0%	Avira URL Cloud	safe
https://col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength	0%	Avira URL Cloud	safe
http://farukat.es/	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltc3255c11171df456/5f3d4356752d292b6ca	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt46e46a805f3e77c0/5ee7d3551c3f04391d8	0%	Avira URL Cloud	safe
http://farukat.es/	2%	Virustotal		Browse
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltaca27936e7b9a689/5f3d42fa5c201f2fe7f	0%	Avira URL Cloud	safe
https://col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength	0%	Virustotal		Browse
https://static.cres-aws.com/fonts/Inter/Inter-Light.ttf	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt36299059f8b05f90/5f3d43565c201f2fe7f	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt56bc38d4465b173e/5f3d4330cc17142ec0f	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt592d9dc8c255e287/5ec4254087617619e2b	0%	Avira URL Cloud	safe
https://static.cres-aws.com/fonts/Inter/Inter-SemiBold.ttf	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blta4c800d8078b6fdb/5f3d43301020421e0b0	0%	Avira URL Cloud	safe
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt23c87331cb02664b/6613eb9e0c47843006a	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
res.cisco.com	184.94.241.74	true	false		high
dart.l.doubleclick.net	172.253.124.149	true	false		high
bid.g.doubleclick.net	172.253.124.157	true	false		high
f.monetate-prod.zone	54.161.222.185	true	false	0%, Virustotal, Browse	unknown
col.eum-appdynamics.com	34.223.159.30	true	false	0%, Virustotal, Browse	unknown
d20qwf0wrdtevy.cloudfront.net	3.161.188.119	true	false		high
d2ctznuk6ro1vp.cloudfront.net	3.163.101.41	true	false		high
adservice.google.com	64.233.176.155	true	false		high
ActivationEdge-fabrick-1457061833.us-east-1.elb.amazonaws.com	34.192.53.208	true	false		high
d2qj7djftjbj85.cloudfront.net	3.163.115.70	true	false		high
stats.g.doubleclick.net	172.217.215.156	true	false		high
progressive.com	170.218.40.32	true	false		high
rl.quantummetric.com	34.66.3.160	true	false		high
cdn.appdynamics.com	13.32.208.17	true	false		high
ingest.quantummetric.com	34.72.187.34	true	false		high
googleads.g.doubleclick.net	64.233.176.154	true	false		high
cdnjs.cloudflare.com	104.17.24.14	true	false		high
www.google.com	108.177.122.99	true	false		high
rtds.progressive.com	170.218.247.28	true	false		high
api.progressive.com	170.218.213.137	true	false		high
d3faemdt1krtip.cloudfront.net	3.161.136.87	true	false		high
s.go-mpulse.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
e.monetate.net	unknown	unknown	false		high
d.agkn.com	unknown	unknown	false		high
engine.monetate.net	unknown	unknown	false		high
f.monetate.net	unknown	unknown	false		high
se.monetate.net	unknown	unknown	false		high
pt.ispot.tv	unknown	unknown	false		high
static.cres-aws.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
aa.agkn.com	unknown	unknown	false		high
sb.monetate.net	unknown	unknown	false		high
qm2.progressive.com	unknown	unknown	false		high
images.contentstack.io	unknown	unknown	false	0%, Virustotal, Browse	unknown
www.progressive.com	unknown	unknown	false		high
1384245.fls.doubleclick.net	unknown	unknown	false		high
fid.agkn.com	unknown	unknown	false		high
rl.progressive.com	unknown	unknown	false		high
gateway.answerscloud.com	unknown	unknown	false		high
c.go-mpulse.net	unknown	unknown	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070132237&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=7581&N=44&P=20&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070072101&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=6843&N=26&P=8&z=1	false		high
https://f.monetate.net/trk/4/s/a-513ece62/p/progressive.com/571127234-1?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&cv=(NeustarSegment:N107N)&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23main%27&fl=!f&hvc=!t&ce=(NeustarSegment:N107N)&eoq=!t	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070036908&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=1&Y=1&X=0b5793b718a04da84dbd12f3311380ac&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070032938&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1141&N=2&z=1	false		high
about:blank	false	Avira URL Cloud: safe	low
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070107768&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1119&N=14&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070038455&H=12a22a669b4c60bb12f5ca9f&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=907&N=1&z=1	false		high
https://res.cisco.com/envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=google&lp=en&try=1	false		high
https://res.cisco.com/envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?lp=en	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070057716&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=872&N=4&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070062699&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=897&N=5&z=1	false		high
https://col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070132851&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1243&N=19&z=1	false		high
https://res.cisco.com/envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=google&lp=en	false		high
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=9&utmn=1631985514&utmhn=www.progressive.com&utmt=event&utme=5(progCompageloadLoadTime_5-10secs)(6634)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070021000&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070047684&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=822&N=2&z=1	false		high
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=15&utmn=1719981507&utmhn=www.progressive.com&utme=8(5!Site%20Server%20Session%20ID39!EncryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!2*41!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031631&utmac=UA-2108837-10&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=q3AgAABAAAGBAAAAAgAAgAAE~	false		high
https://static.cres-aws.com/fonts/Inter/Inter-Light.ttf	false	Avira URL Cloud: safe	unknown
https://f.monetate.net/trk/4/i/a-513ece62/p/progressive.com/52627582-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23TabOne%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070036.351542,0,1714070035%27)&eoq=!t	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070142255&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=7704&N=47&P=22&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070027006&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=719&N=1&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070092128&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=7089&N=32&P=12&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070102824&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1094&N=13&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070137848&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1268&N=20&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070042055&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=3342&N=16&P=2&z=1	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070087728&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1022&N=10&z=1	false		high
https://static.cres-aws.com/fonts/Inter/Inter-SemiBold.ttf	false	Avira URL Cloud: safe	unknown
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070037544&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&U=79499c7f732cbc20757850ca5609456c&Q=2&S=0&N=0&z=1	false		high
https://rl.progressive.com/progressive/hash-check	false		high
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=22&utmn=1270331961&utmhn=www.progressive.com&utmt=event&utme=5(progComTruAudienceClient)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070032021&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070032741&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=1&Y=1&X=95829216c2c148a20edac8b3f4f05184&z=1	false		high
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=14&utmn=1674075635&utmhn=www.progressive.com&utmt=event&utme=5(progComSysEventPerf-CLS)(0)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070030127&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~	false		high
https://f.monetate.net/trk/4/i/a-513ece62/p/progressive.com/571127234-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23main%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070032.40802,0,1714070032%27)&eoq=!t	false		high
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1945464958&utmhn=www.progressive.com&utme=8(5!Site%20Server%20Session%20ID39!EncryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!2*41!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019679&utmac=UA-2108837-10&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=546654230&utmredir=3&utmu=q3AgAABAAAGBAAAAAgAAgAAE~	false		high
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=7&utmn=280369877&utmhn=www.progressive.com&utmt=event&utme=5(progComTruSegmentClientN107N)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20CodeAd%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GAtrue)11(5!241!22)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019762&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~	false		high
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=18&utmn=723330037&utmhn=www.progressive.com&utmt=event&utme=5(progComNsClientN107N)(0)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!2*41!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031750&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~	false		high
https://f.monetate.net/trk/4/s/a-513ece62/p/progressive.com/1263604929-0?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&cv=(NeustarSegment:N107N)&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%27&fl=!f&hvc=!t&ce=(NeustarSegment:N107N)&eoq=!t	false		high
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070070834&H=12a22a669b4c60bb12f5ca9f&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=940&N=2&z=1	false		high
https://res.cisco.com/websafe/images/pullFeature/arrowDown.svg	false		high
https://f.monetate.net/trk/4/i/a-513ece62/p/progressive.com/1263604929-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%27&e=!(xi)&ii=!(%274,2,124999,,,,1714070020.326174,1,1714070019%27)&eoq=!t	false		high
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=17&utmn=888450926&utmhn=www.progressive.com&utmt=event&utme=5(progComNsCookieN107N)8(5!Site%20Server%20Session%20ID39!encryptionType41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af39!TLSv1.241!GA)11(5!2*41!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031732&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.progressive.com/privacy/privacy-data-request/	chromecache_195.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt2b7f8246e7bd5fc2/5f3d431829a49b740ae	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://s2.go-mpulse.net/boomerang/	chromecache_195.2.dr	false	URL Reputation: safe	unknown
https://www.progressivecommercial.com/business-insurance/	chromecache_195.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt1c1520d92bc0a3d6/5f3d43185f7d2953ae8	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://progressive.taleo.net/careersection/2/jobsearch.ftl?lang=en	chromecache_195.2.dr	false		high
https://www.progressive.com/rp/login	chromecache_195.2.dr	false		high
https://www.progressive.com/rv-trailer/	chromecache_195.2.dr	false		high
https://sb.monetate.net	chromecache_157.2.dr	false		high
https://www.progressive.com/home-retrieve/	chromecache_195.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt0cc11688e34c1a5b/5f3d4361d5b383280ff	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://ampcid.google.com/v1/publisher:getClientId	chromecache_229.2.dr	false		high
https://www.progressive.com/commercials-campaigns/	chromecache_195.2.dr	false		high
https://github.com/select2/select2/blob/master/LICENSE.md	chromecache_201.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt3dd3824f5a041117/5f3d4361abab4a23d93	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://www.progressive.com/auto/	chromecache_195.2.dr	false		high
https://res.cisco.com/websafe/register?uuid=d2c43edd0000018f1688178c0a089e8a74a6046c	chromecache_232.2.dr	false		high
https://github.com/rsms/inter)InterRegular3.019;RSMS;Inter-RegularInter	chromecache_194.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt8caf026a1ebb383e/5f3d42fa1020421e0b0	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/scottjehl/picturefill/blob/master/Authors.txt;	chromecache_184.2.dr	false		high
https://progressive.mediaroom.com	chromecache_195.2.dr	false		high
http://farukat.es/	chromecache_151.2.dr	false	2%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://res.cisco.com:443	securedoc_20240425T124814.html	false		high
https://res.cisco.com:443/keyserver/keyserver	securedoc_20240425T124814.html	false		high
https://stats.g.doubleclick.net/j/collect	chromecache_229.2.dr	false		high
https://www.progressive.com/condo-insurance/	chromecache_195.2.dr	false		high
https://www.progressive.com/js/front-end.bundle	chromecache_195.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltc3255c11171df456/5f3d4356752d292b6ca	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://res.cisco.com:443/keyserver/Logout	securedoc_20240425T124814.html	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt46e46a805f3e77c0/5ee7d3551c3f04391d8	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltaca27936e7b9a689/5f3d42fa5c201f2fe7f	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://www.progressive.com/privacy/do-not-sell-my-information/	chromecache_195.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt36299059f8b05f90/5f3d43565c201f2fe7f	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://www.progressive.com/pwc/	chromecache_195.2.dr	false		high
https://www.progressive.com/segway/	chromecache_195.2.dr	false		high
https://www.progressive.com/web-site-accessibility/	chromecache_195.2.dr	false		high
https://schema.org	chromecache_195.2.dr	false		high
https://www.progressivecommercial.com/business-insurance/business-owners-policy/	chromecache_195.2.dr	false		high
https://www.progressive.com/help/	chromecache_195.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt56bc38d4465b173e/5f3d4330cc17142ec0f	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt592d9dc8c255e287/5ec4254087617619e2b	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/j/collect?	chromecache_164.2.dr	false		high
https://www.youtube.com/user/progressive	chromecache_195.2.dr	false		high
https://www.progressive.com/js/cdn/misc/picturefill-3.0.2.min.js	chromecache_195.2.dr	false		high
http://stats.g.doubleclick.net	chromecache_164.2.dr	false		high
http://b.monetate.net	chromecache_157.2.dr	false		high
https://www.progressive.com/event-insurance/	chromecache_195.2.dr	false		high
https://www.progressive.com/rp/agent/	chromecache_195.2.dr	false		high
https://sizzlejs.com/	chromecache_157.2.dr	false		high
https://www.progressive.com/home-warranty/	chromecache_195.2.dr	false		high
https://www.progressive.com/insurance/bundling/	chromecache_195.2.dr	false		high
https://www.progressive.com/electronic-device-insurance/	chromecache_195.2.dr	false		high
https://www.progressive.com/life-insurance/term-insurance/	chromecache_195.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blta4c800d8078b6fdb/5f3d43301020421e0b0	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://www.progressive.com/claims/	chromecache_195.2.dr	false		high
https://www.progressive.com/mechanical-breakdown-insurance/	chromecache_195.2.dr	false		high
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt23c87331cb02664b/6613eb9e0c47843006a	chromecache_195.2.dr	false	Avira URL Cloud: safe	unknown
https://www.progressive.com/snapshot/tdx	chromecache_195.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
170.218.40.32	progressive.com	United States	11740	PROGRESSIVE-ASUS	false
3.161.136.87	d3faemdt1krtip.cloudfront.net	United States	16509	AMAZON-02US	false
34.223.159.30	col.eum-appdynamics.com	United States	16509	AMAZON-02US	false
3.86.126.62	unknown	United States	14618	AMAZON-AESUS	false
54.161.222.185	f.monetate-prod.zone	United States	14618	AMAZON-AESUS	false
172.253.124.149	dart.l.doubleclick.net	United States	15169	GOOGLEUS	false
34.70.212.173	unknown	United States	15169	GOOGLEUS	false
34.66.3.160	rl.quantummetric.com	United States	139070	GOOGLE-AS-APGoogleAsiaPacificPteLtdSG	false
34.136.205.139	unknown	United States	2686	ATGS-MMD-ASUS	false
34.72.187.34	ingest.quantummetric.com	United States	15169	GOOGLEUS	false
170.218.247.28	rtds.progressive.com	United States	11740	PROGRESSIVE-ASUS	false
64.233.177.99	unknown	United States	15169	GOOGLEUS	false
3.163.115.70	d2qj7djftjbj85.cloudfront.net	United States	16509	AMAZON-02US	false
13.32.208.17	cdn.appdynamics.com	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
34.192.53.208	ActivationEdge-fabrick-1457061833.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
3.161.188.119	d20qwf0wrdtevy.cloudfront.net	United States	16509	AMAZON-02US	false
64.233.185.104	unknown	United States	15169	GOOGLEUS	false
108.177.122.99	www.google.com	United States	15169	GOOGLEUS	false
170.218.213.137	api.progressive.com	United States	11740	PROGRESSIVE-ASUS	false
44.209.59.9	unknown	United States	14618	AMAZON-AESUS	false
35.80.208.41	unknown	United States	237	MERIT-AS-14US	false
64.233.176.154	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
64.233.176.155	adservice.google.com	United States	15169	GOOGLEUS	false
3.163.101.41	d2ctznuk6ro1vp.cloudfront.net	United States	16509	AMAZON-02US	false
184.94.241.74	res.cisco.com	United States	16417	IRONPORT-SYSTEMS-INCUS	false
108.138.85.84	unknown	United States	16509	AMAZON-02US	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
35.193.17.96	unknown	United States	15169	GOOGLEUS	false
172.217.215.156	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
172.253.124.157	bid.g.doubleclick.net	United States	15169	GOOGLEUS	false
64.233.177.147	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1431816
Start date and time:	2024-04-25 20:31:37 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 6m 18s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowshtmlcookbook.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	securedoc_20240425T124814.html
Detection:	SUS
Classification:	sus22.phis.winHTML@30/172@98/33
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Found application associated with file extension: .html Browse: http://www.progressive.com/ Browse: https://www.progressive.com/#main Browse: https://www.progressive.com/#TabOne

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 64.233.185.94, 64.233.177.100, 64.233.177.101, 64.233.177.113, 64.233.177.102, 64.233.177.139, 64.233.177.138, 74.125.136.84, 172.253.124.95, 34.104.35.123, 23.40.205.80, 192.229.211.108, 108.177.122.95, 142.251.15.95, 74.125.136.95, 142.250.105.95, 64.233.176.95, 64.233.177.95, 74.125.138.95, 172.217.215.95, 142.250.9.95, 64.233.185.95, 173.194.219.95, 184.30.112.154, 151.101.194.137, 151.101.66.137, 151.101.130.137, 151.101.2.137, 142.250.9.102, 142.250.9.113, 142.250.9.101, 142.250.9.100, 142.250.9.139, 142.250.9.138, 172.253.124.97, 104.67.197.171, 23.216.68.134, 23.207.52.129, 151.101.130.132, 151.101.2.132, 151.101.194.132, 151.101.66.132, 23.4.37.242, 142.250.9.154, 142.250.9.156, 142.250.9.157, 142.250.9.155, 23.209.188.13, 23.209.188.17, 64.233.176.102, 64.233.176.101, 64.233.176.139, 64.233.176.113, 64.233.176.138, 64.233.176.100, 74.125.138.94, 172.253.124.138, 172.253.124.100, 172.253.124.101, 172.253.124.102, 172.253.124.139, 172.253.124.113
Excluded domains from analysis (whitelisted): www.googleadservices.com, j.sni.global.fastly.net, slscr.update.microsoft.com, e.monetate.net.edgesuite.net, clientservices.googleapis.com, clients2.google.com, ocsp.digicert.com, www.googletagmanager.com, update.googleapis.com, engine.monetate.net.edgekey.net, optimizationguide-pa.googleapis.com, www.google-analytics.com, http2.monetate.edgekey.net, e4518.dscx.akamaiedge.net, ip46.go-mpulse.net.edgekey.net, clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ajax.googleapis.com, a1859.g1.akamai.net, ctldl.windowsupdate.com, k.sni.global.fastly.net, e12915.dscx.akamaiedge.net, fe3cr.delivery.mp.microsoft.com, e4361.b.akamaiedge.net, e4518.dscapi7.akamaiedge.net, edgedl.me.gvt1.com, wildcard46.go-mpulse.net.edgekey.net, www.progressive.com.edgekey.net, clients.l.google.com
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtSetInformationFile calls found.

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
3.163.115.70	securedoc_20240207T142952.html	Get hash	malicious	Unknown	Browse
13.32.208.17	_file____C__Users_hp_Downloads_C__Users_moodyt_AppData_Local_Temp_2_RemittanceAdvice17-Apr-2024.html	Get hash	malicious	Unknown	Browse
	https://my-business-108994-102321.square.site/	Get hash	malicious	Unknown	Browse
	securedoc_20240328T081124.html	Get hash	malicious	Unknown	Browse
	http://meetsoci.com	Get hash	malicious	Unknown	Browse
	https://2n8w.app.link/?~channel=Email&~feature=ConfirmationEmail--BenerailETicket&~campaign=WebToApp&~tags=locale=nl_NL&~tags=version=1&~tags=marketing_code=BSH3675&$android_url=https://play.google.com/store/apps/details?id=com.thetrainline&hl=nl-NL&$android_deepview=false&$android_passive_deepview=false&$ios_url=https://itunes.apple.com/NL/app/thetrainline/id334235181&$ios_deepview=false&$ios_passive_deepview=false&$fallback_url=trackapp%E3%80%82sldproducts%E3%80%82effexhost%E3%80%82com/css/2BYOsHP6NGBF6P3ewtcJO2an7icRJGYYjza2CpXA-2FwaAKBpmAtKZi9jIwt6P9rh34GoOuzdEzhjr-2F2xqM9RVx18j7F0zdQvP4E-2FA3RbFylZ6HaiOh-2/ZGhpbGxpbmdAaWthc2ludGVybmF0aW9uYWwuY29t#A7UYyAgFfbgiVFKE3MfthpoJP6vU22c3HXX7-2Fr3IIElVxCduQu0IMwxzHhPoeVW5fw-3D	Get hash	malicious	Unknown	Browse
	https://trk.klclick3.com/ls/click?upn=XOx40COP1gR9G-2BhL9TU0YS4rY9MUCbQPxZj2nNrsywLerev7PdXJS9ZN98dvHm7b6RND4w1aVEDDNCV8ySSNf2xG3q1kctGkfpFw2r-2FZft8-3Dj-Oc_uTlHvvHR0uRKsAxasK0lceWc9bR3DeaWfZW82IldmMsA7pMQKnszblqjE3T3gQMZAOUImqU9gbk3-2F2O-2Bw-2BN8BivNz5P9ihwPM2zmCRPj1IhOfWaEXXa6xiyxVvO-2F0SRn11vQtJXX3V0Nig-2Bvp1ust5CJP-2FQDCTuVVG61hvpB4K2r5VYL3YeFyusOI8Gpr0E9oX-2F1OvolduX4foBd2OqT2EbDBjOes0-2Fazm1l-2BCEEY87sEOV8BCf73IP4IPos1yIEDk1gGbTAHMfWzo8cqQd3ee-2FdQWoKkKSMdXnzLfTq0lh0CjEVY6U3sGgFqmMhDu8j	Get hash	malicious	Unknown	Browse
	https://trk.klclick3.com/ls/click?upn=MegU1Dzk3CxSKrmUcw0jmipNMr8I7vP9S7WOwFTHr8JNFwy3PVsxmdvzCifJwDWw4UbyMThWxbz8b6JeU5zpQ-2FJloW5v8qn824e-2BX6pGPNiifPdCW4KNnLrRqhZKq0hhZ0Hc5QkFyq40NbBiiiKO5Nz2UQ05ppeIkjxm5ed5k4iVIe3kl-2F2FhaczUHJBJjUorhgsYTc2Zk1tk9mybXpZg1uBfUNk84yu2L07lvkFt1r3AGhOEtzYKo6UOvcSWyKuYkBbu-2BrgohVBVKgBo9o9-2BerL7XfpPycX4tVXbINzN8N-2BNyqWUccGvwWBLReW8qV2TbIJ_rxG9ljSnJPiMQpWBoKMzyRMyIWT6BU6u9Rgl4hzqXDuwMSGOaVY2F9kUJNR1MdaeTkL9GsWibFaQiNeb6SexPKcw3084LoBzJ3C0pZnFJzukITadKHLoFadNgdI2xZ2fl8sHOIw2EV-2BOr3FtlBATKlSMtZlgrwT1FSWSurQbVNm9T1XA3bA6k1EiHMNnFJyGIJGb02njLqtKu0zXGoIyo1JsxmPOuLetzdHBUwVfmo6BbFBtTeu-2BF98EwQUIIZJLIJEnIWFoqYtJsfdEyx-2FuX-2FgALs9-2F2XU8-2Fb5wdrl-2Bse4weKsnUDlufW8VVyurDsqP	Get hash	malicious	Unknown	Browse
	https://action.azurecomm.net/api/a/c?r=AIAACDOOHZNGYC4XLJLK2LJJIWQLTFFL2EBHJGF4F6V26CWBLKMSCK6TM7K3R2J23SMMMIK6EOKHOBH2C42R2BHRC7I2KA7NQWRYKX2W6HB5VSIC4LW73HZBYRMG4THVIUGPPXMWBP5V5MJPB5VPPTUMGVODKIYAJGBUA5HG3VKF2Y7F7P7UTTKPYJWVPERCPUDLMSSGNV4ISKBBBU5YYIVK7V3PGNF23HER5EL3NIRFJEWOSHJA7LXULTGBKOEEANJFNXPB7GQUOZNH2CRY7TE47UHLE5YRABWJXIGZDEWXPRHX5LFRTR54BUEQUGXZVYNHIVS5MP3L55OEF7BJJMTZMRCAPSI7DHWKUUJUGXI56ZFKYSCXLU4VITJUU63QTIGIZL6XQE6ZJ6FNSE3I3LLJXL2OHAPV2G2RUH3BFTFMPLTRG62LXWO5X5G5F7G3VHMA5EUIAS46EIA7FGJA34QDH2BHI7TZ6P3SEVV34EGOFRFSM2ZEADGQI5HL7AZDSD7MGUUPFSJWBVRN3I6OLF4FZZHK3NRNON7YDHIHRANNRMUTSEKLKEZPOHCHQEFIQGNPM4KC23OR4EOQHM5IMT7X2W3BIZEDQQ3Z2XJ2CODKH4NOZEJZKX5EL3BGMXQODPL73HTLG6LA6NYONI5YEUPYCIQDSDVSAFK432DKCZYFBRAUSCOE6YBSTUU3AVWVJSVOWUPKWVO45QVRFIUIUSTG57T5RRSIR2NDXWRN72J6BUK624S57JOL5RVY2V5LDFPZRPJIRYXANCHOGWJYOB6T36BJLNIK3VJZU6U7IOCJTUVWJBLGAU3KCT6SKGKIVWWDCJ7LFUU3WIQGSBKOABLRLDORQB75BL2QX37P25IJNRQ2PWQEUHRXGAWIJSQG7IHVBGLL7LRHUIYBSWP4JTT2AVGFSKHPPBINM6UHHUTDVQ6TDOA27SHEGD322F6ONNZ6EXTAHJD5YYSMJADBCCXMTQ5QDJFQCLAPGEDMRL7VM4D4FUVVMYC7C7P6VTDXNF7A4RI3R55R4IRZXKLOQMOA7H33VO33Q74GHM2NCLBC53IMCKWCAXGRW2AYBWADBAHWQWGPMJ7QTOOV6H3DGGUZGYYLMWGQHBJSDOQXL72R5SORQCKKCVLJVVYDRM5KFERQNQ4M3AQVGQD3VUN55ZYW5I6QOO5SCCPCFCXPGW2OELWRUITEA5R4OVIMW6MELK6OXZTVQCTA2EWDLDP33G2WKO2AXFYVRES5SW73L5LVY5NEZJ3TYFI4CD7HK74QN2Q3ALLVJDECZOSUABNM4YV2P6SO5MLC5TO6QAGA63TXPNCMYZ23EEE4&d=AIAACBVJDHW6DLON6J5XAH6FZR3R7X4ROMTXBUWAAPB4O4AS5QFXRLVSREYW7RVSJPYJCCTISAFBTWDN65VERAS3STYNGBGWLZ2B6WB4KHNK52TEZSILYRFZLC5ANBUGYR2KWJZHMRJ3QSJ5KTP6P3M2L64F4R5OI2RBPDQVENQS2EBHSTX6MSBTDAMDUQLGADQQY5UUKPXCDP744BELXIPRXODN3NHYMAKKD5R2VXZPE3GYEC3LXSKIOKXPTK37WFHAOG7TGLMHJ6S432YO5VYLBEGEZLI	Get hash	malicious	Unknown	Browse
	https://atadfsrgse.square.site/	Get hash	malicious	Unknown	Browse
	https://trk.klclick3.com/ls/click?upn=60zrMRL8humPvMqOvvRGEsTwmfB1xyE-2FuIcJUrYW6CoxNuWh1d-2FPOUbebPgKWBbKvQ1rlWfSLfpUMIfzy8d0Dm96Dw9-2FRkaBjVQ8hPqe2tdqyXIunPrYCWzfp3vus9rAp9zdBXwvb-2BC1Znh6pjbUraa-2BWQmXUhLL9c1BG-2Bw9ch9zBNuOqkBOVtmwXIiyzkggH8di1Bm73cFQXet8RIU0xl5bI-2Fb5u96SEs2vI0vj7xXUPMsRRdburaDcmhDpX7iji0ek1i7SQ5D1KNf6og-2BJUf7oLeCWUthITtLrEy6K6iF6rZ3hfhPkuh9FX0ze5NWf2kU5_SwQzVbHIfFE9uWxeRIZUf7sxBlUMVV5-2BDExu8iBnKFTH6HQpYy7M65-2B4MHCQXlgAO-2BztY8UDe8f3HgJqiLMLbMOS-2FfUY0chtqi04f-2FuhXQcSXqTeA4k4M5AOxsw2gUPHp4wDJupm9iyJTUWQ5JplL47w9XTUpuR1mqIDr45ft7zf2KxL7QF6Gl2BI0ACyzJjFt8lsyLg1gK-2FOr0fd2CrD0CoBzjKxB4aPNlKugfQAL7sjYldK0kh3oQ4oUVvf0jp3PXDAlB6-2ByTcOC4PmnXMMrh0CXPCtRU08AnfXAxEKk-2Fdc3tlSw8c9VdJAahzS9LD	Get hash	malicious	Unknown	Browse
239.255.255.250	https://clc.li/bsLRU	Get hash	malicious	HTMLPhisher	Browse
	https://sigtn.com////////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=neoparts%E3%80%82com.br./dayo/fks6/TWFncm8uWXVkZWdvLkphdmllckBkZW1lLWdyb3VwLmNvbQ==$	Get hash	malicious	Fake Captcha, HTMLPhisher	Browse
	https://colunroad.info/?utm_campaign=y0rsMyowMImIDv9DTSX69oig88PrjKrJ9agQ3DpV-9I1&t=back	Get hash	malicious	GRQ Scam	Browse
	http://www.mh3solaroh.com/	Get hash	malicious	HTMLPhisher	Browse
	https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==	Get hash	malicious	HTMLPhisher	Browse
	http://www.jdenviro.ca	Get hash	malicious	Unknown	Browse
	https://www.jottacloud.com/s/3542495a6cd3d7a4aafad5878d671fdee68	Get hash	malicious	Unknown	Browse
	Wc 401k Retirement Plan.shtml	Get hash	malicious	Unknown	Browse
	http://email.wantyourfeedback.com/ls/click?upn=u001.PD4nPnyJUo8oiEzSkSGLgaBNAMtLp9U5nstWElDmnpXtySPOXSs4GxXhEZNYegDWlOpy_1gt1aDjd5mPVItYgazWgABkVm-2FZUH6kt1lIvkdtkRWsfoyQV18ixDvOX-2B0tU4ZH6SMN7PC0YJjM3gcvFPvh6CbZuFXlOBXf3FWLiJkpKJ7Hjba3S4-2FzhpmkR8VdprfK8GO3qSu-2BzqpIaLLC-2Bva9kOn7HY5B7OIgz5EOl88o1lnRSRpayTzqRzTSFhtg2Bi-2BI4dAZ7qHRbJ3vb9lcrxBKqAk13I-2BCAvndhSK1Vi4ubCjlp2xQlrXIHfzqmLiSPjl7tEmTsLYr99h3esBOPv8ASLIpf873P512I7xYEOjogT1gQCerfZNqh6K2IdWU6lDJ2r3wpU6ug02vU9Zslw4DYpuNNZQNVtap5mqv9Xf8D1PYQxYI5BK4owXOV2wEXeRIjST24XAw6EO9D1tdiGoHDRaxW2QofayefCuiW9Z191aML90svJWojHiQp1Fq-2BXFLiyEx8V1eLa7dixfJ23RRWtHvg1jOrHp7lqvXRA7dobs-3D	Get hash	malicious	HTMLPhisher	Browse
	http://wsj.pm	Get hash	malicious	NetSupport RAT	Browse
3.86.126.62	https://mannedroll.com/0/0/0/fce32451eb1dc7beb0219bbe608d4403/0/43811/184525/24	Get hash	malicious	Phisher	Browse
3.86.126.62	https://www.carters.com/home?id=carters	Get hash	malicious	Unknown	Browse
54.161.222.185	https://go2.israelandafrica.com/f/a/y5H0bDO4woHaMQouJjYlOfq~~/OMbOowf~/aHR0cDovL0N1cmF0ZWJpby5VU0VSaEJNWUkubXNibG9nZ2VyLmNvbS5hdS9qYXNvbi53YWxzaEBjdXJhdGViaW8uY29t	Get hash	malicious	Unknown	Browse
34.66.3.160	https://estaleiroarrozal.com.br/wp-admin/form/New%20ATT/bill.charged.html	Get hash	malicious	Unknown	Browse
	https://still-firefly-5807.on.fleek.co/	Get hash	malicious	Unknown	Browse
	https://mtb-repo.pages.dev/	Get hash	malicious	Unknown	Browse
	https://r20.rs6.net/tn.jsp?f=001iWN8yfVusyiHsGt8sqaWV6kUcO7m0rc8YG8wNfwnSgGWAlJpLD29A5pCIP6P9zjtebScDCreq0Ew5EOVnGXKUbWutrFPk5SyHAH-zDLITideiOfhKTm-BlzUDrVTgfKpSsAAcHkZ6lv2Kf2x7G2xOQ====&c=&ch=&__=andlc3RlcmhvdXRAZGxyLm5s	Get hash	malicious	Unknown	Browse
	http://rs6.net	Get hash	malicious	Unknown	Browse
	estimate.html	Get hash	malicious	HTMLPhisher	Browse
	https://r20.rs6.net/tn.jsp?f=001-IK3luo-d7610-syZG3-K8QGGveASJNhn1poYniSoK_T06eF7UpX8D1C8ox7ucdxr7qMSOCK9N7ZMKUoYzdZgvuGa0Q0K1QWYdWrtlOtl0ynIOTMH3VzBgKGdapppwnG9yXKOsocjLM=&c=&ch=#dmVyb25pY2EuY2FsZGVyb25AZGV2cnkuZWR1	Get hash	malicious	Unknown	Browse
	https://arthurrlemus.wixsite.com/micr/office	Get hash	malicious	Unknown	Browse
	https://theperfectgifts.info/check_balance.php	Get hash	malicious	Unknown	Browse
	http://info.inbox-insider.com/rd/9z2z5ss8cmglgir6855v36r0jq30kqkn3ecfuppo8m8_rp2ash2s8gb2sbgebjqf95jmcrr795jm8rr1td4mer79c9l69pqcdtlmui34thgmipnadt4sbp65srmmdq7ap9jejinfc9kedpmbchimthradtkc4q6as5ic4r30t74mdhnas5me9jrfkjge9i3cc5icpp78cbmc3gb8p9gs2qj2o7261j30sljcgo75dr665ob4ohme8gq48bi4bh22o36cpimcpr7c8iv0	Get hash	malicious	Unknown	Browse
3.161.188.119	Polynomial.xlsb	Get hash	malicious	Unknown	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
f.monetate-prod.zone	http://hsn.app.link/3p?%243p=e_et&%24original_url=//davidsammuel.com/wp-content/upgrade/img/byctvwbmudwarxtdsnuyosotctscie/c3JpZW5AbGFmZmVydHkuaWU=	Get hash	malicious	Unknown	Browse	54.165.48.193
f.monetate-prod.zone	https://mannedroll.com/0/0/0/fce32451eb1dc7beb0219bbe608d4403/0/43811/184525/24	Get hash	malicious	Phisher	Browse	3.86.126.62
d20qwf0wrdtevy.cloudfront.net	https://in.xero.com/VmFUGq2DR0w0RroiyvWAWXw083jyp1tZyI3WNgUe?utm_source=invoiceEmailViewInvoiceButtonSecondary&utm_campaign=invoicesEmailStandardV2	Get hash	malicious	Unknown	Browse	18.65.25.70
	_file____C__Users_hp_Downloads_C__Users_moodyt_AppData_Local_Temp_2_RemittanceAdvice17-Apr-2024.html	Get hash	malicious	Unknown	Browse	3.161.188.91
	FFE Order details - Cincy v41720.xlsx	Get hash	malicious	Unknown	Browse	99.84.203.122
	FFE Order details - Cincy v41720.xlsx	Get hash	malicious	Unknown	Browse	3.161.188.91
	http://www.sdmts.com/business-center/for-hire-vehicle-administration&c=E,1,pc5oom8YsW1RqHtANaUTLgMvd2z37r_4n-NR90jlF12Z7NyUKYXr1sKmCXY3dgMIENHwNl8jxylzX2garHrVx3wU2gE5fuDMBydZQ2COLEQJ&typo=1	Get hash	malicious	Unknown	Browse	108.138.128.83
	https://docs.google.com/drawings/d/1hsNba0GFL7D35MHhiXW98q5gXn9lh-NWbkA0ERgoy2M/preview	Get hash	malicious	Unknown	Browse	108.138.128.21
	https://learn.zix.com/	Get hash	malicious	Unknown	Browse	13.249.39.128
	https://agrtq.qc.ca/	Get hash	malicious	Unknown	Browse	18.160.46.13
	https://invisiblepeople.tv/stories-from-homeless-people/	Get hash	malicious	Unknown	Browse	13.249.39.118
	https://letg.pages.dev/account/js-reporting/?crumb=uZ4.07kERLI&message=javascript_not_enabled&ref=%2Faccount%2Fchallenge%2Fpassword	Get hash	malicious	HTMLPhisher	Browse	108.157.173.64
res.cisco.com	securedoc_20240328T081124.html	Get hash	malicious	Unknown	Browse	184.94.241.74
	securedoc_20240212T082824.html	Get hash	malicious	Unknown	Browse	184.94.241.74
	securedoc_20240207T142952.html	Get hash	malicious	Unknown	Browse	184.94.241.74
	bankozk_securedoc_20231214T140252.html	Get hash	malicious	Unknown	Browse	184.94.241.74
	http://res.cisco.com/envelopeopener/pf/ZGJAUG9zdFhuZXQgVG9rZW46MTAwMDE!/fhj.kysPBL1vCr-Ap0cgAxtf-4oAnvhBQdGWEbLmIsfjOkRt1iRs6AjBPp6q3ex6OVzfkENWZJb6NYNiwEi.uZSk84ZMSx7qDA!!/	Get hash	malicious	Unknown	Browse	184.94.241.74
	securedoc_20231101T114817.html	Get hash	malicious	Unknown	Browse	184.94.241.74
	securedoc_20231030T033913.html	Get hash	malicious	Unknown	Browse	184.94.241.74
	https://tinyurl.com/mu4vnty3	Get hash	malicious	HTMLPhisher	Browse	184.94.241.74
col.eum-appdynamics.com	securedoc_20240328T081124.html	Get hash	malicious	Unknown	Browse	54.148.65.130
	https://survey.medallia.eu/CSEU?cs_unit=fedex_cs_NTU0Nzg5OQ&lang=en&t=1	Get hash	malicious	Unknown	Browse	52.34.218.207
	https://lunarcowry.com/	Get hash	malicious	Unknown	Browse	35.160.0.108
	https://www.business.hsbc.com.hk/en-gb/products/hsbc-business-express-mobile-app	Get hash	malicious	Unknown	Browse	35.162.33.152
d2ctznuk6ro1vp.cloudfront.net	https://in.xero.com/VmFUGq2DR0w0RroiyvWAWXw083jyp1tZyI3WNgUe?utm_source=invoiceEmailViewInvoiceButtonSecondary&utm_campaign=invoicesEmailStandardV2	Get hash	malicious	Unknown	Browse	99.84.203.116
	https://i.imgur.com/EoTj4iI.png	Get hash	malicious	Unknown	Browse	3.163.125.76
	https://www.msn.com/en-us/autos/enthusiasts/what-s-the-difference-between-a-shelby-mustang-and-a-regular-mustang/ar-AA1ntM5Z?ocid=entnewsntp&pc=U531&cvid=8b8aa9e3e14d4164a6a2181020104694&ei=36	Get hash	malicious	Unknown	Browse	3.163.101.129
	FFE Order details - Cincy v41720.xlsx	Get hash	malicious	Unknown	Browse	3.163.125.8
	FFE Order details - Cincy v41720.xlsx	Get hash	malicious	Unknown	Browse	18.244.202.104
	http://www.sdmts.com/business-center/for-hire-vehicle-administration&c=E,1,pc5oom8YsW1RqHtANaUTLgMvd2z37r_4n-NR90jlF12Z7NyUKYXr1sKmCXY3dgMIENHwNl8jxylzX2garHrVx3wU2gE5fuDMBydZQ2COLEQJ&typo=1	Get hash	malicious	Unknown	Browse	18.173.219.90
	http://www.theorlandotimesnewspaper.com	Get hash	malicious	Unknown	Browse	18.173.219.72
	http://bckonline.com/2018/12/21/orlando-brown-tells-dr-phil-that-he-has-four-kids-and-the-2-year-old-is-still-in-the-belly-video/	Get hash	malicious	Unknown	Browse	13.225.63.13
	https://orange-cloud-2260.on.fleek.co/currently.html	Get hash	malicious	HTMLPhisher	Browse	18.160.46.99
	https://717d3e7431f2e7c7bb7dd22f0013e4b26da132b85882b1408b2497004a.pages.dev/	Get hash	malicious	HTMLPhisher	Browse	99.84.208.87

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
PROGRESSIVE-ASUS	PT22T1QvJU.elf	Get hash	malicious	Mirai, Moobot	Browse	170.218.220.153
	3rOSHAZ6SC.elf	Get hash	malicious	Mirai	Browse	170.218.220.46
	quhEKAdhFU.elf	Get hash	malicious	Mirai	Browse	170.218.220.137
	oBnUnwroXT.elf	Get hash	malicious	Mirai	Browse	170.218.220.33
	UdA5gm8Q1y.elf	Get hash	malicious	Mirai	Browse	170.218.232.10
	40nn9wqjPw.elf	Get hash	malicious	Unknown	Browse	170.218.220.197
	R2T0Y2eOaK.elf	Get hash	malicious	Mirai, Moobot	Browse	170.218.179.190
	oHb4UifbHZ.elf	Get hash	malicious	Mirai	Browse	170.218.220.49
	vLGA9enNcX.elf	Get hash	malicious	Mirai	Browse	170.218.220.33
	FjwVYEXgSo.elf	Get hash	malicious	Mirai	Browse	170.218.202.107
AMAZON-AESUS	http://www.mh3solaroh.com/	Get hash	malicious	HTMLPhisher	Browse	23.20.165.17
	https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==	Get hash	malicious	HTMLPhisher	Browse	34.196.110.25
	ZcOjro0Chh.elf	Get hash	malicious	Mirai	Browse	34.207.187.66
	https://runrun.it/share/portal/x1pWDYC5l2f72kuw	Get hash	malicious	HTMLPhisher	Browse	3.214.248.84
	https://app.robly.com/sites/1550c67c312457e2bb58457f78fda912/f774d7ddfffc8f1d429cd55a95adr852d	Get hash	malicious	HtmlDropper, HTMLPhisher	Browse	34.231.99.77
	https://runrun.it/share/portal/x1pWDYC5l2f72kuw	Get hash	malicious	HTMLPhisher	Browse	3.219.101.117
	[EXTERNAL] New file received.eml	Get hash	malicious	HTMLPhisher	Browse	107.22.247.231
	https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/o76fri/enpmZG9tbF9zdXBlcnZpc29yMXN0X2Fzc2lzdGFudEBmZC5vcmc=	Get hash	malicious	HTMLPhisher	Browse	23.23.165.157
	https://functional-adhesive-titanium.glitch.me/	Get hash	malicious	Unknown	Browse	18.235.65.101
	https://boardmbza.info/f	Get hash	malicious	Unknown	Browse	52.21.33.16
AMAZON-02US	https://sigtn.com////////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=neoparts%E3%80%82com.br./dayo/fks6/TWFncm8uWXVkZWdvLkphdmllckBkZW1lLWdyb3VwLmNvbQ==$	Get hash	malicious	Fake Captcha, HTMLPhisher	Browse	3.17.89.142
	OTpMIf3qBf.elf	Get hash	malicious	Mirai, Okiru	Browse	34.249.145.219
	EQYrfnHzXO.elf	Get hash	malicious	Mirai, Okiru	Browse	54.171.230.55
	http://www.mh3solaroh.com/	Get hash	malicious	HTMLPhisher	Browse	44.225.38.235
	https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==	Get hash	malicious	HTMLPhisher	Browse	108.156.152.114
	Id2uxwyyf8.elf	Get hash	malicious	Gafgyt, Mirai	Browse	34.249.145.219
	cR7iTvKIZm.elf	Get hash	malicious	Mirai, Okiru	Browse	54.247.62.1
	C5fMgX1ZyY.elf	Get hash	malicious	Gafgyt, Mirai	Browse	34.249.145.219
	hz2ffABF7w.elf	Get hash	malicious	Mirai, Okiru	Browse	54.171.230.55
	U4EnIo30QR.elf	Get hash	malicious	Mirai, Okiru	Browse	34.249.145.219
AMAZON-02US	https://sigtn.com////////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=neoparts%E3%80%82com.br./dayo/fks6/TWFncm8uWXVkZWdvLkphdmllckBkZW1lLWdyb3VwLmNvbQ==$	Get hash	malicious	Fake Captcha, HTMLPhisher	Browse	3.17.89.142
	OTpMIf3qBf.elf	Get hash	malicious	Mirai, Okiru	Browse	34.249.145.219
	EQYrfnHzXO.elf	Get hash	malicious	Mirai, Okiru	Browse	54.171.230.55
	http://www.mh3solaroh.com/	Get hash	malicious	HTMLPhisher	Browse	44.225.38.235
	https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==	Get hash	malicious	HTMLPhisher	Browse	108.156.152.114
	Id2uxwyyf8.elf	Get hash	malicious	Gafgyt, Mirai	Browse	34.249.145.219
	cR7iTvKIZm.elf	Get hash	malicious	Mirai, Okiru	Browse	54.247.62.1
	C5fMgX1ZyY.elf	Get hash	malicious	Gafgyt, Mirai	Browse	34.249.145.219
	hz2ffABF7w.elf	Get hash	malicious	Mirai, Okiru	Browse	54.171.230.55
	U4EnIo30QR.elf	Get hash	malicious	Mirai, Okiru	Browse	34.249.145.219

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
28a2c9bd18a11de089ef85a160da29e4	https://clc.li/bsLRU	Get hash	malicious	HTMLPhisher	Browse	13.85.23.86 184.31.62.93
	https://colunroad.info/?utm_campaign=y0rsMyowMImIDv9DTSX69oig88PrjKrJ9agQ3DpV-9I1&t=back	Get hash	malicious	GRQ Scam	Browse	13.85.23.86 184.31.62.93
	https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==	Get hash	malicious	HTMLPhisher	Browse	13.85.23.86 184.31.62.93
	http://www.jdenviro.ca	Get hash	malicious	Unknown	Browse	13.85.23.86 184.31.62.93
	https://www.jottacloud.com/s/3542495a6cd3d7a4aafad5878d671fdee68	Get hash	malicious	Unknown	Browse	13.85.23.86 184.31.62.93
	Wc 401k Retirement Plan.shtml	Get hash	malicious	Unknown	Browse	13.85.23.86 184.31.62.93
	http://wsj.pm	Get hash	malicious	NetSupport RAT	Browse	13.85.23.86 184.31.62.93
	https://rro5wktwxr4n.rollout-specialist-assistance-network.cfd/support_case_ID/#8347435238	Get hash	malicious	Unknown	Browse	13.85.23.86 184.31.62.93
	https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==	Get hash	malicious	HTMLPhisher	Browse	13.85.23.86 184.31.62.93
	https://r20.rs6.net/tn.jsp?f=001mdupJ4qBb-Nd2_ylzx8HBttlQ9opTAsCLDNaIzR_kjOMUNmpNcZJwTrf1-JKcQms1CJ9Uho976bwGC08_tX5C5noMjVDoDyLOXoK3aopxxStOM8t6wvTBKWgVo18etJYQ_eeHjJ4R2lwkep1pKOUg8VLdGfphtuo&c=&ch=/Er8BdK9PMSuOgr2lskWkeZAKVKx339#?ZnJhbmtfZHJhcGVyQGFvLnVzY291cnRzLmdvdg==	Get hash	malicious	HTMLPhisher	Browse	13.85.23.86 184.31.62.93

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	assembler source, ASCII text, with very long lines (532)
Category:	downloaded
Size (bytes):	125526
Entropy (8bit):	5.0618980601159205
Encrypted:	false
SSDEEP:	1536:jfy0/DEC/9Je2j2L292cghoO/BEKLLnMmbCQd7zWiRcZMLcv0b4zZxMOXObVHnd5:9D1Je2j2L292cgRBPvMm2QpzWiRcvA
MD5:	1444470212C91839F71D8F970716C08E
SHA1:	221878F028DFAECEA3C2C51E8EA8037BD6A29FE8
SHA-256:	1A5395EF53168235A0738B5133B5EA056B6982627CB95BCA76C74EAE87586FCD
SHA-512:	F90ABF0615AFF1FED1735EACA00EF0B30832DD36F15316F5B06E15C7749C92597BF1536C48449B237B52A10DFAD13B9B76CA7F349D5271436B0709587691C896
Malicious:	false
Reputation:	moderate, very likely benign file
URL:	https://static.cres-aws.com/postx.css
Preview:	./* Inter Font Library */..@font-face {. font-family: "Inter";. font-weight: 100;. src: url("./fonts/Inter/Inter-Thin.ttf") format("truetype");. }. . @font-face {. font-family: "Inter";. font-weight: 200;. src: url("./fonts/Inter/Inter-ExtraLight.ttf") format("truetype");. }. . @font-face {. font-family: "Inter";. font-weight: 300;. src: url("./fonts/Inter/Inter-Light.ttf") format("truetype");. }. . @font-face {. font-family: "Inter";. font-weight: 400;. src: url("./fonts/Inter/Inter-Regular.ttf") format("truetype");. }. . @font-face {. font-family: "Inter";. font-weight: 500;. src: url("./fonts/Inter/Inter-Medium.ttf") format("truetype");. }. . @font-face {. font-family: "Inter";. font-weight: 600;. src: url("./fonts/Inter/Inter-SemiBold.ttf") format("truetype");. }. . @font-face {. font-family: "Inter";. font-weight: 700;. src: url("./fonts/Inter/Inter-Bold.ttf") format("truetype");. }. . @font-face {

File type:	HTML document, Unicode text, UTF-8 text, with very long lines (474), with CRLF, LF line terminators
Entropy (8bit):	6.051784809146282
TrID:	Scalable Vector Graphics (18501/1) 24.18% HyperText Markup Language (12001/1) 15.69% HyperText Markup Language (12001/1) 15.69% HyperText Markup Language (11501/1) 15.03% HyperText Markup Language (11501/1) 15.03%
File name:	securedoc_20240425T124814.html
File size:	1'903'699 bytes
MD5:	e402191108703ab44b9fd3344c18baad
SHA1:	98d3b12c36d7a2ff295e79f0189539667cbe4b78
SHA256:	e51fa6abd17c8e6eb6ac89d54c07b8bf3e930d938589350a7cdc9ab3db4e4914
SHA512:	72bcd3aee7e190415ed4384b80c3b280f56a32e2b57c2b5b2908b4cd4ae085ebfbf7d565db4a682cdc78df0a991ee6095ae4a93628cb8635ac9d582e2b58f3ed
SSDEEP:	24576://LQIGKEb+v/LYYq28zJRXH8wmh5T99veRFAXgAcegMOiYYnZefXd8cecZ6xPLUz:BVJC8xfmtVAY8ZdAz
TLSH:	009502485B265835E2F04831F47F2B4539790EAB484C3CEAC91D92981EDBA2F1497FDE
File Content Preview:	saved from url=(0025)https://res.cisco.com:443 -->..<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN". "http://www.w3.org/TR/html4/loose.dtd"><html.lang="en"><head><base href="https://res.cisco.com/envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozN

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Apr 25, 2024 20:32:46.541577101 CEST	192.168.2.4	1.1.1.1	0x2a3e	Standard query (0)	static.cres-aws.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:32:46.541754961 CEST	192.168.2.4	1.1.1.1	0x94c3	Standard query (0)	static.cres-aws.com	65	IN (0x0001)	false
Apr 25, 2024 20:32:46.543214083 CEST	192.168.2.4	1.1.1.1	0x6f39	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:32:46.543361902 CEST	192.168.2.4	1.1.1.1	0xf9a7	Standard query (0)	cdnjs.cloudflare.com	65	IN (0x0001)	false
Apr 25, 2024 20:32:46.561269045 CEST	192.168.2.4	1.1.1.1	0x418e	Standard query (0)	res.cisco.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:32:46.561404943 CEST	192.168.2.4	1.1.1.1	0xcd2e	Standard query (0)	res.cisco.com	65	IN (0x0001)	false
Apr 25, 2024 20:32:47.602509022 CEST	192.168.2.4	1.1.1.1	0xda01	Standard query (0)	res.cisco.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:32:47.602642059 CEST	192.168.2.4	1.1.1.1	0xb4cc	Standard query (0)	res.cisco.com	65	IN (0x0001)	false
Apr 25, 2024 20:32:48.545972109 CEST	192.168.2.4	1.1.1.1	0x6d99	Standard query (0)	static.cres-aws.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:32:48.546145916 CEST	192.168.2.4	1.1.1.1	0xf1c4	Standard query (0)	static.cres-aws.com	65	IN (0x0001)	false
Apr 25, 2024 20:32:50.960800886 CEST	192.168.2.4	1.1.1.1	0x610a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:32:50.961541891 CEST	192.168.2.4	1.1.1.1	0xeb1d	Standard query (0)	www.google.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:32.759548903 CEST	192.168.2.4	1.1.1.1	0x48e8	Standard query (0)	www.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:32.759716988 CEST	192.168.2.4	1.1.1.1	0x24c2	Standard query (0)	www.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:33.112606049 CEST	192.168.2.4	1.1.1.1	0xb45e	Standard query (0)	www.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:33.112986088 CEST	192.168.2.4	1.1.1.1	0x3aff	Standard query (0)	www.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:34.307393074 CEST	192.168.2.4	1.1.1.1	0x5873	Standard query (0)	images.contentstack.io	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:34.307737112 CEST	192.168.2.4	1.1.1.1	0x9a22	Standard query (0)	images.contentstack.io	65	IN (0x0001)	false
Apr 25, 2024 20:33:34.320354939 CEST	192.168.2.4	1.1.1.1	0xac8d	Standard query (0)	aa.agkn.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:34.322402954 CEST	192.168.2.4	1.1.1.1	0x6c7e	Standard query (0)	aa.agkn.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:34.436621904 CEST	192.168.2.4	1.1.1.1	0x9c25	Standard query (0)	progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:34.436760902 CEST	192.168.2.4	1.1.1.1	0x901b	Standard query (0)	progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:34.437711954 CEST	192.168.2.4	1.1.1.1	0x4b08	Standard query (0)	stats.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:34.437845945 CEST	192.168.2.4	1.1.1.1	0x798d	Standard query (0)	stats.g.doubleclick.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:34.556232929 CEST	192.168.2.4	1.1.1.1	0x60a5	Standard query (0)	se.monetate.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:34.556852102 CEST	192.168.2.4	1.1.1.1	0x5339	Standard query (0)	se.monetate.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:35.269721985 CEST	192.168.2.4	1.1.1.1	0xa113	Standard query (0)	api.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:35.270056009 CEST	192.168.2.4	1.1.1.1	0x23cc	Standard query (0)	api.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:35.271846056 CEST	192.168.2.4	1.1.1.1	0x11c9	Standard query (0)	s.go-mpulse.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:35.271990061 CEST	192.168.2.4	1.1.1.1	0xefe5	Standard query (0)	s.go-mpulse.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:35.780673981 CEST	192.168.2.4	1.1.1.1	0xdc9b	Standard query (0)	c.go-mpulse.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:35.781605959 CEST	192.168.2.4	1.1.1.1	0x75a2	Standard query (0)	c.go-mpulse.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:35.782294035 CEST	192.168.2.4	1.1.1.1	0x2ef4	Standard query (0)	col.eum-appdynamics.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:35.782582045 CEST	192.168.2.4	1.1.1.1	0x9f83	Standard query (0)	col.eum-appdynamics.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:35.898140907 CEST	192.168.2.4	1.1.1.1	0x5600	Standard query (0)	cdn.appdynamics.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:35.898400068 CEST	192.168.2.4	1.1.1.1	0x287e	Standard query (0)	cdn.appdynamics.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:35.902431965 CEST	192.168.2.4	1.1.1.1	0xbe25	Standard query (0)	gateway.answerscloud.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:35.902721882 CEST	192.168.2.4	1.1.1.1	0x8943	Standard query (0)	gateway.answerscloud.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.036928892 CEST	192.168.2.4	1.1.1.1	0x7d01	Standard query (0)	d.agkn.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.037082911 CEST	192.168.2.4	1.1.1.1	0xce15	Standard query (0)	d.agkn.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.060144901 CEST	192.168.2.4	1.1.1.1	0x77ab	Standard query (0)	pt.ispot.tv	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.060498953 CEST	192.168.2.4	1.1.1.1	0x9352	Standard query (0)	pt.ispot.tv	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.214206934 CEST	192.168.2.4	1.1.1.1	0xf13e	Standard query (0)	bid.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.214405060 CEST	192.168.2.4	1.1.1.1	0x9526	Standard query (0)	bid.g.doubleclick.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.217338085 CEST	192.168.2.4	1.1.1.1	0xe85e	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.217609882 CEST	192.168.2.4	1.1.1.1	0x470d	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.269067049 CEST	192.168.2.4	1.1.1.1	0x8019	Standard query (0)	images.contentstack.io	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.269587040 CEST	192.168.2.4	1.1.1.1	0xaa9c	Standard query (0)	images.contentstack.io	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.274703026 CEST	192.168.2.4	1.1.1.1	0xd63b	Standard query (0)	www.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.274852037 CEST	192.168.2.4	1.1.1.1	0x89c2	Standard query (0)	www.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.326822996 CEST	192.168.2.4	1.1.1.1	0x4a63	Standard query (0)	adservice.google.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.326962948 CEST	192.168.2.4	1.1.1.1	0x6b6f	Standard query (0)	adservice.google.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.330082893 CEST	192.168.2.4	1.1.1.1	0xe720	Standard query (0)	1384245.fls.doubleclick.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.330229044 CEST	192.168.2.4	1.1.1.1	0xc7b0	Standard query (0)	1384245.fls.doubleclick.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.573714972 CEST	192.168.2.4	1.1.1.1	0x9a51	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.574347973 CEST	192.168.2.4	1.1.1.1	0x5cd0	Standard query (0)	www.google.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.692650080 CEST	192.168.2.4	1.1.1.1	0xbe3d	Standard query (0)	f.monetate.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.693120003 CEST	192.168.2.4	1.1.1.1	0xe3d	Standard query (0)	f.monetate.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.695544004 CEST	192.168.2.4	1.1.1.1	0xcd56	Standard query (0)	engine.monetate.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.696171045 CEST	192.168.2.4	1.1.1.1	0x3fb6	Standard query (0)	engine.monetate.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.809140921 CEST	192.168.2.4	1.1.1.1	0x36e4	Standard query (0)	e.monetate.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.809648991 CEST	192.168.2.4	1.1.1.1	0xc5ce	Standard query (0)	e.monetate.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:36.813441992 CEST	192.168.2.4	1.1.1.1	0xf88	Standard query (0)	rtds.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:36.813657999 CEST	192.168.2.4	1.1.1.1	0x47f0	Standard query (0)	rtds.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:37.592423916 CEST	192.168.2.4	1.1.1.1	0x4ce2	Standard query (0)	sb.monetate.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:37.592598915 CEST	192.168.2.4	1.1.1.1	0x2a05	Standard query (0)	sb.monetate.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:38.971995115 CEST	192.168.2.4	1.1.1.1	0x3120	Standard query (0)	fid.agkn.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:38.975656986 CEST	192.168.2.4	1.1.1.1	0x611f	Standard query (0)	fid.agkn.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:40.576360941 CEST	192.168.2.4	1.1.1.1	0x50de	Standard query (0)	fid.agkn.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:40.576613903 CEST	192.168.2.4	1.1.1.1	0x3fa	Standard query (0)	fid.agkn.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:40.654726982 CEST	192.168.2.4	1.1.1.1	0xc4c9	Standard query (0)	c.go-mpulse.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:40.654885054 CEST	192.168.2.4	1.1.1.1	0x596e	Standard query (0)	c.go-mpulse.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:40.696718931 CEST	192.168.2.4	1.1.1.1	0x20e0	Standard query (0)	engine.monetate.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:40.696897984 CEST	192.168.2.4	1.1.1.1	0xbb09	Standard query (0)	engine.monetate.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:41.096121073 CEST	192.168.2.4	1.1.1.1	0xdfb5	Standard query (0)	f.monetate.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:41.096257925 CEST	192.168.2.4	1.1.1.1	0x86a1	Standard query (0)	f.monetate.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:41.175561905 CEST	192.168.2.4	1.1.1.1	0xcaf2	Standard query (0)	stats.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:41.175961018 CEST	192.168.2.4	1.1.1.1	0xc7eb	Standard query (0)	stats.g.doubleclick.net	65	IN (0x0001)	false
Apr 25, 2024 20:33:41.589829922 CEST	192.168.2.4	1.1.1.1	0x901c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:41.590065002 CEST	192.168.2.4	1.1.1.1	0x9d7	Standard query (0)	www.google.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:42.024180889 CEST	192.168.2.4	1.1.1.1	0xc04a	Standard query (0)	qm2.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:42.024380922 CEST	192.168.2.4	1.1.1.1	0x4a8f	Standard query (0)	qm2.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:42.464546919 CEST	192.168.2.4	1.1.1.1	0x5698	Standard query (0)	col.eum-appdynamics.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:42.464699984 CEST	192.168.2.4	1.1.1.1	0x13b2	Standard query (0)	col.eum-appdynamics.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:42.777162075 CEST	192.168.2.4	1.1.1.1	0xfc0b	Standard query (0)	qm2.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:42.777476072 CEST	192.168.2.4	1.1.1.1	0x24e8	Standard query (0)	qm2.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:43.491107941 CEST	192.168.2.4	1.1.1.1	0xa25f	Standard query (0)	rl.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:43.491420984 CEST	192.168.2.4	1.1.1.1	0xdad9	Standard query (0)	rl.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:33:44.902295113 CEST	192.168.2.4	1.1.1.1	0xe8a4	Standard query (0)	rl.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:33:44.902420998 CEST	192.168.2.4	1.1.1.1	0xd76b	Standard query (0)	rl.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:34:43.023031950 CEST	192.168.2.4	1.1.1.1	0x8d99	Standard query (0)	qm2.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:34:43.023317099 CEST	192.168.2.4	1.1.1.1	0x820	Standard query (0)	qm2.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:34:49.702672005 CEST	192.168.2.4	1.1.1.1	0xaf46	Standard query (0)	res.cisco.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:34:49.702924013 CEST	192.168.2.4	1.1.1.1	0x2be1	Standard query (0)	res.cisco.com	65	IN (0x0001)	false
Apr 25, 2024 20:35:43.172873974 CEST	192.168.2.4	1.1.1.1	0x62b4	Standard query (0)	qm2.progressive.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:35:43.173206091 CEST	192.168.2.4	1.1.1.1	0xbfb8	Standard query (0)	qm2.progressive.com	65	IN (0x0001)	false
Apr 25, 2024 20:35:50.890841961 CEST	192.168.2.4	1.1.1.1	0x6fa8	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 25, 2024 20:35:50.891009092 CEST	192.168.2.4	1.1.1.1	0xb329	Standard query (0)	www.google.com	65	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
2024-04-25 18:32:46 UTC	542	OUT	GET /ajax/libs/select2/4.0.12/css/select2.min.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-25 18:32:47 UTC	953	IN	HTTP/1.1 200 OK Date: Thu, 25 Apr 2024 18:32:47 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03fcb-3a76" Last-Modified: Mon, 04 May 2020 16:16:11 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 19577 Expires: Tue, 15 Apr 2025 18:32:47 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2FZA%2FkYPmipv%2BVz1r0fz7u1sWHrr9jouE%2BwDKmzkv4tjHbHP%2FnCdX%2Fjxo0Lc1zThMX7%2BYkaBeDr7HKA4i3%2FMx84koj3bsJ8X6NAgfQQMaXad8Y7m0j5LYFYYhDimd9zK6OXdlf7G"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 87a06aee4d374587-ATL alt-svc: h3=":443"; ma=86400
2024-04-25 18:32:47 UTC	416	IN	Data Raw: 33 61 37 36 0d 0a 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 32 38 70 78 3b 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 2d 77 65 62 6b 69 74 2d 75 73 65 72 Data Ascii: 3a76.select2-container{box-sizing:border-box;display:inline-block;margin:0;position:relative;vertical-align:middle}.select2-container .select2-selection--single{box-sizing:border-box;cursor:pointer;display:block;height:28px;user-select:none;-webkit-user
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 65 72 66 6c 6f 77 3a 65 6c 6c 69 70 73 69 73 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 5f 5f 63 6c 65 61 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 5b 64 69 72 3d 22 72 74 6c 22 5d 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 5f 5f 72 65 6e 64 65 72 65 64 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 38 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 30 70 78 7d 2e 73 65 6c 65 63 74 32 Data Ascii: erflow:ellipsis;white-space:nowrap}.select2-container .select2-selection--single .select2-selection__clear{position:relative}.select2-container[dir="rtl"] .select2-selection--single .select2-selection__rendered{padding-right:8px;padding-left:20px}.select2
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 6c 65 63 74 32 2d 64 72 6f 70 64 6f 77 6e 2d 2d 61 62 6f 76 65 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 30 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 30 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 6f 70 65 6e 20 2e 73 65 6c 65 63 74 32 2d 64 72 6f 70 64 6f 77 6e 2d 2d 62 65 6c 6f 77 7b 62 6f 72 64 65 72 2d 74 6f 70 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 30 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 30 7d 2e 73 65 6c 65 63 74 32 2d 73 65 61 72 63 68 2d 2d 64 72 6f 70 64 6f 77 6e 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b Data Ascii: lect2-dropdown--above{border-bottom:none;border-bottom-left-radius:0;border-bottom-right-radius:0}.select2-container--open .select2-dropdown--below{border-top:none;border-top-left-radius:0;border-top-right-radius:0}.select2-search--dropdown{display:block;
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 5f 5f 70 6c 61 63 65 68 6f 6c 64 65 72 7b 63 6f 6c 6f 72 3a 23 39 39 39 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 5f 5f 61 72 72 6f 77 7b 68 65 69 67 68 74 3a 32 36 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 31 70 78 3b 72 69 67 68 74 3a 31 70 78 3b 77 69 64 74 68 3a 32 30 70 Data Ascii: t;font-weight:bold}.select2-container--default .select2-selection--single .select2-selection__placeholder{color:#999}.select2-container--default .select2-selection--single .select2-selection__arrow{height:26px;position:absolute;top:1px;right:1px;width:20p
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 65 6c 65 63 74 69 6f 6e 5f 5f 72 65 6e 64 65 72 65 64 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 20 35 70 78 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 6d 75 6c 74 69 70 6c 65 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 5f 5f 72 65 6e 64 65 72 65 64 20 6c 69 7b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 6d 75 6c 74 69 70 6c 65 20 2e 73 Data Ascii: election__rendered{box-sizing:border-box;list-style:none;margin:0;padding:0 5px;width:100%}.select2-container--default .select2-selection--multiple .select2-selection__rendered li{list-style:none}.select2-container--default .select2-selection--multiple .s
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 66 6f 63 75 73 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 6d 75 6c 74 69 70 6c 65 7b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 62 6c 61 63 6b 20 31 70 78 3b 6f 75 74 6c 69 6e 65 3a 30 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 69 73 61 62 6c 65 64 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 6d 75 6c 74 69 70 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 65 65 3b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 69 73 61 Data Ascii: t2-container--focus .select2-selection--multiple{border:solid black 1px;outline:0}.select2-container--default.select2-container--disabled .select2-selection--multiple{background-color:#eee;cursor:default}.select2-container--default.select2-container--disa
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 20 2e 73 65 6c 65 63 74 32 2d 72 65 73 75 6c 74 73 5f 5f 6f 70 74 69 6f 6e 5b 61 72 69 61 2d 73 65 6c 65 63 74 65 64 3d 74 72 75 65 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 64 64 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 20 2e 73 65 6c 65 63 74 32 2d 72 65 73 75 6c 74 73 5f 5f 6f 70 74 69 6f 6e 20 2e 73 65 6c 65 63 74 32 2d 72 65 73 75 6c 74 73 5f 5f 6f 70 74 69 6f 6e 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 64 65 66 61 75 6c 74 20 2e 73 65 6c 65 63 74 32 2d 72 65 73 75 6c 74 73 5f 5f 6f 70 74 69 6f 6e 20 2e 73 65 6c 65 63 74 32 2d 72 65 73 75 6c 74 73 5f 5f Data Ascii: t2-container--default .select2-results__option[aria-selected=true]{background-color:#ddd}.select2-container--default .select2-results__option .select2-results__option{padding-left:1em}.select2-container--default .select2-results__option .select2-results__
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 6e 65 72 2d 2d 64 65 66 61 75 6c 74 20 2e 73 65 6c 65 63 74 32 2d 72 65 73 75 6c 74 73 5f 5f 67 72 6f 75 70 7b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 61 64 64 69 6e 67 3a 36 70 78 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 63 6c 61 73 73 69 63 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 37 66 37 66 37 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 61 61 61 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 3b 6f 75 74 6c 69 6e 65 3a 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 20 23 Data Ascii: ner--default .select2-results__group{cursor:default;display:block;padding:6px}.select2-container--classic .select2-selection--single{background-color:#f7f7f7;border:1px solid #aaa;border-radius:4px;outline:0;background-image:-webkit-linear-gradient(top, #
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 31 30 30 25 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 20 23 65 65 65 20 35 30 25 2c 20 23 63 63 63 20 31 30 30 25 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 72 65 70 65 61 74 2d 78 3b 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 67 72 61 64 69 65 6e 74 28 73 74 61 72 74 43 6f 6c 6f 72 73 74 72 3d 27 23 46 46 45 45 45 45 45 45 27 2c 20 65 6e 64 43 6f 6c 6f 72 73 74 72 3d 27 23 46 46 43 43 43 43 43 43 27 2c 20 47 72 61 64 69 65 6e 74 54 79 70 65 3d 30 29 7d 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 63 6c 61 73 73 69 63 20 2e 73 65 6c 65 63 74 32 2d 73 65 Data Ascii: 100%);background-image:linear-gradient(to bottom, #eee 50%, #ccc 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#FFEEEEEE', endColorstr='#FFCCCCCC', GradientType=0)}.select2-container--classic .select2-se
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 30 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 20 23 66 66 66 20 30 25 2c 20 23 65 65 65 20 35 30 25 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 20 23 66 66 66 20 30 25 2c 20 23 65 65 65 20 35 30 25 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 20 23 66 66 66 20 30 25 2c 20 23 65 65 65 20 35 30 25 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 72 65 70 Data Ascii: r-top-left-radius:0;border-top-right-radius:0;background-image:-webkit-linear-gradient(top, #fff 0%, #eee 50%);background-image:-o-linear-gradient(top, #fff 0%, #eee 50%);background-image:linear-gradient(to bottom, #fff 0%, #eee 50%);background-repeat:rep

Timestamp	Bytes transferred	Direction	Data
2024-04-25 18:32:46 UTC	526	OUT	GET /ajax/libs/select2/4.0.12/js/select2.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-25 18:32:47 UTC	966	IN	HTTP/1.1 200 OK Date: Thu, 25 Apr 2024 18:32:47 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03fcb-112d5" Last-Modified: Mon, 04 May 2020 16:16:11 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 56918 Expires: Tue, 15 Apr 2025 18:32:47 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGmiyccIZLGDmHbcgn1gZY7Tw%2FVSxvV%2BjNQQfplZZVyYV9Z6mMRUNR4p%2F0Hs8DB1ear80Epp0FycZ8lHB%2BQ%2FliBwpYF0w620Z07Q68wi%2BvcM8xOWXZMcQWcVJG8eOSSQr25MKB%2Bq"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 87a06aee486b137d-ATL alt-svc: h3=":443"; ma=86400
2024-04-25 18:32:47 UTC	403	IN	Data Raw: 37 62 65 39 0d 0a 2f 2a 21 20 53 65 6c 65 63 74 32 20 34 2e 30 2e 31 32 20 7c 20 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 73 65 6c 65 63 74 32 2f 73 65 6c 65 63 74 32 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 2e 6d 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 22 6a 71 75 65 72 79 22 5d 2c 6e 29 3a 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 74 26 26 28 74 3d 22 75 6e 64 Data Ascii: 7be9/! Select2 4.0.12 \| https://github.com/select2/select2/blob/master/LICENSE.md /!function(n){"function"==typeof define&&define.amd?define(["jquery"],n):"object"==typeof module&&module.exports?module.exports=function(e,t){return void 0===t&&(t="und
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 32 2e 61 6d 64 29 76 61 72 20 65 3d 75 2e 66 6e 2e 73 65 6c 65 63 74 32 2e 61 6d 64 3b 76 61 72 20 74 2c 6e 2c 72 2c 68 2c 6f 2c 73 2c 66 2c 67 2c 6d 2c 76 2c 79 2c 5f 2c 69 2c 61 2c 77 3b 66 75 6e 63 74 69 6f 6e 20 62 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 69 2e 63 61 6c 6c 28 65 2c 74 29 7d 66 75 6e 63 74 69 6f 6e 20 6c 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 69 2c 6f 2c 73 2c 61 2c 6c 2c 63 2c 75 2c 64 2c 70 2c 68 3d 74 26 26 74 2e 73 70 6c 69 74 28 22 2f 22 29 2c 66 3d 79 2e 6d 61 70 2c 67 3d 66 26 26 66 5b 22 2a 22 5d 7c 7c 7b 7d 3b 69 66 28 65 29 7b 66 6f 72 28 73 3d 28 65 3d 65 2e 73 70 6c 69 74 28 22 2f 22 29 29 2e 6c 65 6e 67 74 68 2d 31 2c 79 2e 6e 6f 64 65 49 64 43 6f 6d 70 61 74 26 26 77 2e 74 65 73 74 28 65 5b 73 5d 29 26 26 28 65 5b 73 5d Data Ascii: 2.amd)var e=u.fn.select2.amd;var t,n,r,h,o,s,f,g,m,v,y,_,i,a,w;function b(e,t){return i.call(e,t)}function l(e,t){var n,r,i,o,s,a,l,c,u,d,p,h=t&&t.split("/"),f=y.map,g=f&&f["*"]\|\|{};if(e){for(s=(e=e.split("/")).length-1,y.nodeIdCompat&&w.test(e[s])&&(e[s]
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 31 5d 3b 72 65 74 75 72 6e 20 65 3d 72 5b 31 5d 2c 69 26 26 28 6e 3d 44 28 69 3d 6c 28 69 2c 6f 29 29 29 2c 69 3f 65 3d 6e 26 26 6e 2e 6e 6f 72 6d 61 6c 69 7a 65 3f 6e 2e 6e 6f 72 6d 61 6c 69 7a 65 28 65 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6c 28 65 2c 74 29 7d 7d 28 6f 29 29 3a 6c 28 65 2c 6f 29 3a 28 69 3d 28 72 3d 63 28 65 3d 6c 28 65 2c 6f 29 29 29 5b 30 5d 2c 65 3d 72 5b 31 5d 2c 69 26 26 28 6e 3d 44 28 69 29 29 29 2c 7b 66 3a 69 3f 69 2b 22 21 22 2b 65 3a 65 2c 6e 3a 65 2c 70 72 3a 69 2c 70 3a 6e 7d 7d 2c 67 3d 7b 72 65 71 75 69 72 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 41 28 65 29 7d 2c 65 78 70 6f 72 74 73 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b Data Ascii: 1];return e=r[1],i&&(n=D(i=l(i,o))),i?e=n&&n.normalize?n.normalize(e,function(t){return function(e){return l(e,t)}}(o)):l(e,o):(i=(r=c(e=l(e,o)))[0],e=r[1],i&&(n=D(i))),{f:i?i+"!"+e:e,n:e,pr:i,p:n}},g={require:function(e){return A(e)},exports:function(e){
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 77 20 45 72 72 6f 72 28 22 53 65 65 20 61 6c 6d 6f 6e 64 20 52 45 41 44 4d 45 3a 20 69 6e 63 6f 72 72 65 63 74 20 6d 6f 64 75 6c 65 20 62 75 69 6c 64 2c 20 6e 6f 20 6d 6f 64 75 6c 65 20 6e 61 6d 65 22 29 3b 74 2e 73 70 6c 69 63 65 7c 7c 28 6e 3d 74 2c 74 3d 5b 5d 29 2c 62 28 6d 2c 65 29 7c 7c 62 28 76 2c 65 29 7c 7c 28 76 5b 65 5d 3d 5b 65 2c 74 2c 6e 5d 29 7d 29 2e 61 6d 64 3d 7b 6a 51 75 65 72 79 3a 21 30 7d 2c 65 2e 72 65 71 75 69 72 65 6a 73 3d 74 2c 65 2e 72 65 71 75 69 72 65 3d 6e 2c 65 2e 64 65 66 69 6e 65 3d 72 29 2c 65 2e 64 65 66 69 6e 65 28 22 61 6c 6d 6f 6e 64 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 2c 65 2e 64 65 66 69 6e 65 28 22 6a 71 75 65 72 79 22 2c 5b 5d 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 75 7c 7c 24 3b 72 65 74 Data Ascii: w Error("See almond README: incorrect module build, no module name");t.splice\|\|(n=t,t=[]),b(m,e)\|\|b(v,e)\|\|(v[e]=[e,t,n])}).amd={jQuery:!0},e.requirejs=t,e.require=n,e.define=r),e.define("almond",function(){}),e.define("jquery",[],function(){var e=u\|\|$;ret
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 65 6e 74 73 2c 74 29 2c 6e 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 66 6f 72 28 76 61 72 20 6c 3d 30 3b 6c 3c 65 2e 6c 65 6e 67 74 68 3b 6c 2b 2b 29 7b 76 61 72 20 63 3d 65 5b 6c 5d 3b 6f 2e 70 72 6f 74 6f 74 79 70 65 5b 63 5d 3d 61 28 63 29 7d 72 65 74 75 72 6e 20 6f 7d 3b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 74 68 69 73 2e 6c 69 73 74 65 6e 65 72 73 3d 7b 7d 7d 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 74 68 69 73 2e 6c 69 73 74 65 6e 65 72 73 3d 74 68 69 73 2e 6c 69 73 74 65 6e 65 72 73 7c 7c 7b 7d 2c 65 20 69 6e 20 74 68 69 73 2e 6c 69 73 74 65 6e 65 72 73 3f 74 68 69 73 2e 6c 69 73 74 65 6e 65 72 73 5b 65 5d 2e 70 75 73 68 28 74 29 3a 74 68 69 73 2e 6c 69 73 74 65 6e 65 72 Data Ascii: ents,t),n.apply(this,arguments)}}for(var l=0;l<e.length;l++){var c=e[l];o.prototype[c]=a(c)}return o};function e(){this.listeners={}}e.prototype.on=function(e,t){this.listeners=this.listeners\|\|{},e in this.listeners?this.listeners[e].push(t):this.listener
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 22 2c 22 3e 22 3a 22 26 67 74 3b 22 2c 27 22 27 3a 22 26 71 75 6f 74 3b 22 2c 22 27 22 3a 22 26 23 33 39 3b 22 2c 22 2f 22 3a 22 26 23 34 37 3b 22 7d 3b 72 65 74 75 72 6e 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 3f 65 3a 53 74 72 69 6e 67 28 65 29 2e 72 65 70 6c 61 63 65 28 2f 5b 26 3c 3e 22 27 5c 2f 5c 5c 5d 2f 67 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 5b 65 5d 7d 29 7d 2c 69 2e 61 70 70 65 6e 64 4d 61 6e 79 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 31 2e 37 22 3d 3d 3d 6f 2e 66 6e 2e 6a 71 75 65 72 79 2e 73 75 62 73 74 72 28 30 2c 33 29 29 7b 76 61 72 20 6e 3d 6f 28 29 3b 6f 2e 6d 61 70 28 74 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6e 3d 6e 2e 61 64 64 28 65 29 7d 29 2c 74 3d 6e 7d 65 2e 61 70 70 65 6e Data Ascii: ",">":">",'"':""","'":"'","/":"/"};return"string"!=typeof e?e:String(e).replace(/[&<>"'\/\\]/g,function(e){return t[e]})},i.appendMany=function(e,t){if("1.7"===o.fn.jquery.substr(0,3)){var n=o();o.map(t,function(e){n=n.add(e)}),t=n}e.appen
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 74 28 22 65 73 63 61 70 65 4d 61 72 6b 75 70 22 29 3b 74 68 69 73 2e 63 6c 65 61 72 28 29 2c 74 68 69 73 2e 68 69 64 65 4c 6f 61 64 69 6e 67 28 29 3b 76 61 72 20 6e 3d 68 28 27 3c 6c 69 20 72 6f 6c 65 3d 22 61 6c 65 72 74 22 20 61 72 69 61 2d 6c 69 76 65 3d 22 61 73 73 65 72 74 69 76 65 22 20 63 6c 61 73 73 3d 22 73 65 6c 65 63 74 32 2d 72 65 73 75 6c 74 73 5f 5f 6f 70 74 69 6f 6e 22 3e 3c 2f 6c 69 3e 27 29 2c 72 3d 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 67 65 74 28 22 74 72 61 6e 73 6c 61 74 69 6f 6e 73 22 29 2e 67 65 74 28 65 2e 6d 65 73 73 61 67 65 29 3b 6e 2e 61 70 70 65 6e 64 28 74 28 72 28 65 2e 61 72 67 73 29 29 29 2c 6e 5b 30 5d 2e 63 6c 61 73 73 4e 61 6d 65 2b 3d 22 20 73 65 6c 65 63 74 32 2d 72 65 73 75 6c 74 73 5f 5f 6d 65 73 73 61 67 65 22 2c Data Ascii: t("escapeMarkup");this.clear(),this.hideLoading();var n=h('<li role="alert" aria-live="assertive" class="select2-results__option"></li>'),r=this.options.get("translations").get(e.message);n.append(t(r(e.args))),n[0].className+=" select2-results__message",
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 65 6c 65 6d 65 6e 74 2e 73 65 6c 65 63 74 65 64 7c 7c 6e 75 6c 6c 3d 3d 74 2e 65 6c 65 6d 65 6e 74 26 26 2d 31 3c 68 2e 69 6e 41 72 72 61 79 28 6e 2c 72 29 3f 65 2e 61 74 74 72 28 22 61 72 69 61 2d 73 65 6c 65 63 74 65 64 22 2c 22 74 72 75 65 22 29 3a 65 2e 61 74 74 72 28 22 61 72 69 61 2d 73 65 6c 65 63 74 65 64 22 2c 22 66 61 6c 73 65 22 29 7d 29 7d 29 7d 2c 72 2e 70 72 6f 74 6f 74 79 70 65 2e 73 68 6f 77 4c 6f 61 64 69 6e 67 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 69 73 2e 68 69 64 65 4c 6f 61 64 69 6e 67 28 29 3b 76 61 72 20 74 3d 7b 64 69 73 61 62 6c 65 64 3a 21 30 2c 6c 6f 61 64 69 6e 67 3a 21 30 2c 74 65 78 74 3a 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 67 65 74 28 22 74 72 61 6e 73 6c 61 74 69 6f 6e 73 22 29 2e 67 65 74 28 22 73 65 61 72 63 68 Data Ascii: element.selected\|\|null==t.element&&-1<h.inArray(n,r)?e.attr("aria-selected","true"):e.attr("aria-selected","false")})})},r.prototype.showLoading=function(e){this.hideLoading();var t={disabled:!0,loading:!0,text:this.options.get("translations").get("search
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 28 6c 29 2c 73 2e 61 70 70 65 6e 64 28 61 29 2c 73 2e 61 70 70 65 6e 64 28 70 29 7d 65 6c 73 65 20 74 68 69 73 2e 74 65 6d 70 6c 61 74 65 28 65 2c 74 29 3b 72 65 74 75 72 6e 20 66 2e 53 74 6f 72 65 44 61 74 61 28 74 2c 22 64 61 74 61 22 2c 65 29 2c 74 7d 2c 72 2e 70 72 6f 74 6f 74 79 70 65 2e 62 69 6e 64 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6c 3d 74 68 69 73 2c 6e 3d 74 2e 69 64 2b 22 2d 72 65 73 75 6c 74 73 22 3b 74 68 69 73 2e 24 72 65 73 75 6c 74 73 2e 61 74 74 72 28 22 69 64 22 2c 6e 29 2c 74 2e 6f 6e 28 22 72 65 73 75 6c 74 73 3a 61 6c 6c 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6c 2e 63 6c 65 61 72 28 29 2c 6c 2e 61 70 70 65 6e 64 28 65 2e 64 61 74 61 29 2c 74 2e 69 73 4f 70 65 6e 28 29 26 26 28 6c 2e 73 65 74 43 6c 61 73 73 65 Data Ascii: (l),s.append(a),s.append(p)}else this.template(e,t);return f.StoreData(t,"data",e),t},r.prototype.bind=function(t,e){var l=this,n=t.id+"-results";this.$results.attr("id",n),t.on("results:all",function(e){l.clear(),l.append(e.data),t.isOpen()&&(l.setClasse
2024-04-25 18:32:47 UTC	1369	IN	Data Raw: 65 29 3b 69 66 28 21 28 6e 3c 3d 30 29 29 7b 76 61 72 20 72 3d 6e 2d 31 3b 30 3d 3d 3d 65 2e 6c 65 6e 67 74 68 26 26 28 72 3d 30 29 3b 76 61 72 20 69 3d 74 2e 65 71 28 72 29 3b 69 2e 74 72 69 67 67 65 72 28 22 6d 6f 75 73 65 65 6e 74 65 72 22 29 3b 76 61 72 20 6f 3d 6c 2e 24 72 65 73 75 6c 74 73 2e 6f 66 66 73 65 74 28 29 2e 74 6f 70 2c 73 3d 69 2e 6f 66 66 73 65 74 28 29 2e 74 6f 70 2c 61 3d 6c 2e 24 72 65 73 75 6c 74 73 2e 73 63 72 6f 6c 6c 54 6f 70 28 29 2b 28 73 2d 6f 29 3b 30 3d 3d 3d 72 3f 6c 2e 24 72 65 73 75 6c 74 73 2e 73 63 72 6f 6c 6c 54 6f 70 28 30 29 3a 73 2d 6f 3c 30 26 26 6c 2e 24 72 65 73 75 6c 74 73 2e 73 63 72 6f 6c 6c 54 6f 70 28 61 29 7d 7d 29 2c 74 2e 6f 6e 28 22 72 65 73 75 6c 74 73 3a 6e 65 78 74 22 2c 66 75 6e 63 74 69 6f 6e 28 29 Data Ascii: e);if(!(n<=0)){var r=n-1;0===e.length&&(r=0);var i=t.eq(r);i.trigger("mouseenter");var o=l.$results.offset().top,s=i.offset().top,a=l.$results.scrollTop()+(s-o);0===r?l.$results.scrollTop(0):s-o<0&&l.$results.scrollTop(a)}}),t.on("results:next",function()

Timestamp	Bytes transferred	Direction	Data
2024-04-25 18:32:46 UTC	506	OUT	GET /postx.css HTTP/1.1 Host: static.cres-aws.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-25 18:32:47 UTC	523	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 125526 Connection: close Date: Thu, 25 Apr 2024 18:32:48 GMT Last-Modified: Fri, 06 Oct 2023 15:16:52 GMT ETag: "1444470212c91839f71d8f970716c08e" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 414783beeaeb2ca5f172ef001c407572.cloudfront.net (CloudFront) X-Amz-Cf-Pop: ATL58-P9 X-Amz-Cf-Id: yJihP5INdF5zdNKl0qFNuAMmjWhrGy7-fOmfWKM6BG9t2g-pGduofQ== Vary: Origin
2024-04-25 18:32:47 UTC	6396	IN	Data Raw: 0a 2f 2a 20 49 6e 74 65 72 20 46 6f 6e 74 20 4c 69 62 72 61 72 79 20 2a 2f 0a 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 49 6e 74 65 72 22 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 31 30 30 3b 0a 20 20 20 20 73 72 63 3a 20 75 72 6c 28 22 2e 2f 66 6f 6e 74 73 2f 49 6e 74 65 72 2f 49 6e 74 65 72 2d 54 68 69 6e 2e 74 74 66 22 29 20 66 6f 72 6d 61 74 28 22 74 72 75 65 74 79 70 65 22 29 3b 0a 20 20 7d 0a 20 20 0a 20 20 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 49 6e 74 65 72 22 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 32 30 30 3b 0a 20 20 20 20 73 72 63 3a 20 75 72 6c 28 22 2e 2f 66 6f 6e 74 73 2f 49 6e 74 65 72 2f 49 6e 74 65 Data Ascii: /* Inter Font Library */@font-face { font-family: "Inter"; font-weight: 100; src: url("./fonts/Inter/Inter-Thin.ttf") format("truetype"); } @font-face { font-family: "Inter"; font-weight: 200; src: url("./fonts/Inter/Inte
2024-04-25 18:32:47 UTC	2099	IN	Data Raw: 64 43 68 65 63 6b 62 6f 78 3a 66 6f 63 75 73 20 7b 0a 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 7d 0a 0a 2e 6d 64 73 2d 69 6e 70 75 74 20 7b 0a 20 20 70 61 64 64 69 6e 67 3a 20 37 70 78 20 31 32 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 67 61 70 3a 20 32 30 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 62 6f 72 64 65 72 3a 20 32 70 78 20 73 6f 6c 69 64 20 23 38 38 39 30 39 39 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 36 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 49 6e 74 65 72 22 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 20 21 69 6d 70 6f 72 74 61 6e Data Ascii: dCheckbox:focus { box-shadow: none !important;}.mds-input { padding: 7px 12px !important; gap: 20px !important; border: 2px solid #889099 !important; border-radius: 6px !important; font-family: "Inter" !important; color: #000000 !importan
2024-04-25 18:32:47 UTC	16384	IN	Data Raw: 65 69 67 68 74 20 73 61 6d 65 20 61 73 20 6c 6f 67 20 6d 61 78 20 68 65 69 67 68 74 20 2a 2f 0a 7d 0a 0a 2e 68 6f 72 42 61 72 20 7b 0a 20 20 63 6c 65 61 72 3a 20 62 6f 74 68 3b 0a 20 20 2f 2a 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 2d 31 70 78 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2f 77 65 62 73 61 66 65 2f 69 6d 61 67 65 73 2f 73 6b 69 6e 73 2f 6d 65 6e 75 5f 62 61 63 6b 2e 67 69 66 29 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 72 65 70 65 61 74 2d 78 3b 0a 20 20 20 20 2a 2f 0a 7d 0a 0a 23 77 65 6c 63 6f 6d 65 43 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 74 Data Ascii: eight same as log max height /}.horBar { clear: both; / margin-bottom: -1px; background-image: url(/websafe/images/skins/menu_back.gif); background-repeat: repeat-x; */}#welcomeContainer { float: right; font-size: 14px; t
2024-04-25 18:32:47 UTC	16384	IN	Data Raw: 6e 65 72 69 63 4e 6f 74 65 48 65 61 64 69 6e 67 20 62 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 49 6e 74 65 72 22 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 36 70 78 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 32 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 36 35 36 63 37 35 3b 0a 7d 0a 23 77 69 64 65 57 69 64 74 68 43 6f 6e 74 72 6f 6c 20 7b 0a 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 70 78 20 61 75 74 6f 3b 0a 20 20 64 69 73 70 6c 61 79 3a 20 74 61 62 6c 65 2d 63 65 6c 6c 3b 0a 7d 0a 2e 6d 64 73 2d Data Ascii: nericNoteHeading b { font-family: "Inter"; font-style: normal; font-weight: bold; font-size: 16px; line-height: 22px; text-align: center; color: #656c75;}#wideWidthControl { width: 100%; margin: 0px auto; display: table-cell;}.mds-
2024-04-25 18:32:47 UTC	12232	IN	Data Raw: 72 74 61 6e 74 3b 0a 20 20 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 70 78 20 32 70 78 20 35 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 30 35 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 7d 0a 0a 20 20 23 6e 61 76 42 61 72 43 6f 6e 74 65 6e 74 2e 73 68 6f 77 4e 61 76 42 61 72 57 69 74 68 50 41 20 7b 0a 20 20 20 20 68 65 69 67 68 74 3a 20 32 30 33 70 78 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 6e 61 76 42 61 72 43 6c 6f 73 65 72 20 7b 0a 20 20 20 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 31 25 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e Data Ascii: rtant; box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05) !important; } #navBarContent.showNavBarWithPA { height: 203px; margin-bottom: 10px; } #navBarCloser { float: right; margin-right: 1%; font-size: 18px; text-decoration
2024-04-25 18:32:47 UTC	16384	IN	Data Raw: 3a 20 23 30 30 33 33 36 36 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 32 70 78 3b 0a 7d 0a 73 65 6c 65 63 74 2c 0a 69 6e 70 75 74 20 7b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 2e 74 6f 54 69 74 6c 65 2c 0a 2e 63 63 54 69 74 6c 65 2c 0a 2e 62 63 63 54 69 74 6c 65 2c 0a 2e 73 75 62 6a 65 63 74 54 69 74 6c 65 2c 0a 2e 65 6d 61 69 6c 54 69 74 6c 65 2c 0a 2e 63 75 73 74 6f 6d 54 69 74 6c 65 2c 0a 2e 66 72 6f 6d 54 69 74 6c 65 2c 0a 2e 64 61 74 65 54 69 74 6c 65 2c 0a 2e 75 73 65 72 69 64 54 69 74 6c 65 2c 0a 2e Data Ascii: : #003366; line-height: 12px;}select,input { font-size: 12px; font-family: Verdana, Arial, Helvetica, sans-serif; color: #000000;}.toTitle,.ccTitle,.bccTitle,.subjectTitle,.emailTitle,.customTitle,.fromTitle,.dateTitle,.useridTitle,.
2024-04-25 18:32:47 UTC	1024	IN	Data Raw: 3a 20 76 61 72 28 2d 2d 73 69 7a 65 2d 6e 6f 6e 65 29 3b 0a 20 20 2d 2d 73 68 61 64 6f 77 2d 61 64 6d 69 6e 2d 63 6f 6e 74 61 69 6e 3a 20 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 73 75 62 74 6c 65 29 3b 0a 20 20 2d 2d 68 65 69 67 68 74 2d 73 6b 65 6c 65 74 6f 6e 2d 6c 67 3a 20 76 61 72 28 2d 2d 73 69 7a 65 2d 78 6c 29 3b 0a 20 20 2d 2d 68 65 69 67 68 74 2d 73 6b 65 6c 65 74 6f 6e 2d 6d 64 3a 20 76 61 72 28 2d 2d 73 69 7a 65 2d 6c 67 29 3b 0a 20 20 2d 2d 68 65 69 67 68 74 2d 73 6b 65 6c 65 74 6f 6e 2d 73 6d 3a 20 76 61 72 28 2d 2d 73 69 7a 65 2d 6d 64 29 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 74 65 78 74 2d 73 74 72 6f 6e 67 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 6e 65 75 74 72 61 6c 2d 31 36 29 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 74 65 78 74 2d 6d 65 64 69 Data Ascii: : var(--size-none); --shadow-admin-contain: var(--shadow-subtle); --height-skeleton-lg: var(--size-xl); --height-skeleton-md: var(--size-lg); --height-skeleton-sm: var(--size-md); --color-text-strong: var(--color-neutral-16); --color-text-medi
2024-04-25 18:32:47 UTC	16384	IN	Data Raw: 6b 67 72 6f 75 6e 64 2d 6d 65 64 69 75 6d 2d 64 69 73 61 62 6c 65 64 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 77 68 69 74 65 29 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 69 6e 74 65 72 61 63 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 6d 65 64 69 75 6d 2d 68 6f 76 65 72 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 62 6c 75 65 2d 32 29 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 69 6e 74 65 72 61 63 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 6d 65 64 69 75 6d 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 6e 65 75 74 72 61 6c 2d 31 29 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 69 6e 74 65 72 61 63 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 6c 69 67 68 74 2d 68 6f 76 65 72 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 62 6c 75 65 2d 32 29 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 69 6e 74 65 72 61 63 74 2d Data Ascii: kground-medium-disabled: var(--color-white); --color-interact-background-medium-hover: var(--color-blue-2); --color-interact-background-medium: var(--color-neutral-1); --color-interact-background-light-hover: var(--color-blue-2); --color-interact-
2024-04-25 18:32:47 UTC	16384	IN	Data Raw: 72 3a 20 76 61 72 28 0a 20 20 20 20 2d 2d 63 6f 6c 6f 72 2d 61 64 6d 69 6e 2d 69 6e 74 65 72 61 63 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 6c 69 67 68 74 2d 68 6f 76 65 72 0a 20 20 29 3b 0a 20 20 2d 2d 6d 64 73 2d 62 75 74 74 6f 6e 2d 63 6f 6c 6f 72 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 64 69 73 61 62 6c 65 64 3a 20 76 61 72 28 0a 20 20 20 20 2d 2d 63 6f 6c 6f 72 2d 61 64 6d 69 6e 2d 69 6e 74 65 72 61 63 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 6c 69 67 68 74 0a 20 20 29 3b 0a 20 20 2d 2d 6d 64 73 2d 62 75 74 74 6f 6e 2d 63 6f 6c 6f 72 2d 74 65 78 74 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 61 64 6d 69 6e 2d 69 6e 74 65 72 61 63 74 2d 74 65 78 74 2d 6d 65 64 69 75 6d 29 3b 0a 20 20 2d 2d 6d 64 73 2d 62 75 74 74 6f 6e 2d 63 6f 6c 6f 72 2d 74 65 78 74 2d 68 6f Data Ascii: r: var( --color-admin-interact-background-light-hover ); --mds-button-color-background-disabled: var( --color-admin-interact-background-light ); --mds-button-color-text: var(--color-admin-interact-text-medium); --mds-button-color-text-ho
2024-04-25 18:32:47 UTC	16384	IN	Data Raw: 20 63 69 72 63 6c 65 20 7b 0a 20 20 63 78 3a 20 31 30 70 78 3b 0a 7d 0a 2e 6d 64 73 2d 73 77 69 74 63 68 2e 6d 64 73 2d 73 77 69 74 63 68 2d 6b 69 6e 64 2d 74 6f 67 67 6c 65 5b 61 72 69 61 2d 63 68 65 63 6b 65 64 3d 5c 22 74 72 75 65 5c 22 5d 2c 0a 2e 6d 64 73 2d 73 77 69 74 63 68 2e 6d 64 73 2d 73 77 69 74 63 68 2d 6b 69 6e 64 2d 74 6f 67 67 6c 65 5b 61 72 69 61 2d 63 68 65 63 6b 65 64 3d 5c 22 6d 69 78 65 64 5c 22 5d 20 7b 0a 20 20 2d 2d 6d 64 73 2d 73 77 69 74 63 68 2d 73 76 67 2d 66 69 6c 6c 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 62 6c 75 65 2d 37 29 3b 0a 20 20 2d 2d 6d 64 73 2d 73 77 69 74 63 68 2d 73 76 67 2d 66 69 6c 6c 2d 68 6f 76 65 72 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 62 6c 75 65 2d 39 29 3b 0a 20 20 2d 2d 6d 64 73 2d 73 77 69 74 63 Data Ascii: circle { cx: 10px;}.mds-switch.mds-switch-kind-toggle[aria-checked=\"true\"],.mds-switch.mds-switch-kind-toggle[aria-checked=\"mixed\"] { --mds-switch-svg-fill: var(--color-blue-7); --mds-switch-svg-fill-hover: var(--color-blue-9); --mds-switc

Timestamp	Bytes transferred	Direction	Data
2024-04-25 18:32:47 UTC	691	OUT	GET /envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?lp=en HTTP/1.1 Host: res.cisco.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-25 18:32:47 UTC	395	IN	HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 49 Connection: close Date: Thu, 25 Apr 2024 18:32:47 GMT Server: unknown Strict-Transport-Security: max-age=31536000; includeSubDomains Strict-Transport-Security: max-age=31536000; includeSubDomains Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache Cache-Control: max-age=0, must-revalidate, no-cache, no-store, private
2024-04-25 18:32:47 UTC	49	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 91 00 00 00 00 00 ff ff ff ff ff ff 00 00 00 21 f9 04 01 00 00 02 00 2c 00 00 00 00 01 00 01 00 00 02 02 54 01 00 3b Data Ascii: GIF89a!,T;

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report securedoc_20240425T124814.html

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 150

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Chrome Cache Entry: 168

Chrome Cache Entry: 169

Chrome Cache Entry: 170

Chrome Cache Entry: 171

Chrome Cache Entry: 172

Chrome Cache Entry: 173

Windows Analysis Report
securedoc_20240425T124814.html