Edit tour

Windows Analysis Report
https://metameaskloginr.webflow.io/

Overview

General Information

Sample URL:	https://metameaskloginr.webflow.io/
Analysis ID:	1598188
Infos:

Detection

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

AI detected landing page (webpage, office document or email)

AI detected suspicious URL

Detected non-DNS traffic on DNS port

HTML page contains hidden javascript code

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 2888 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 3560 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,11406649310732958746,6476825312988514925,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 616 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://metameaskloginr.webflow.io/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5744 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Downloads\downloaded (1).htm" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4068 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1924,i,7478094689977708542,5430438820238343461,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://metameaskloginr.webflow.io/

Avira URL Cloud: detection malicious, Label: phishing

Phishing

AI detected phishing page

Source: https://metameaskloginr.webflow.io/

Joe Sandbox AI: Score: 9 Reasons: The brand 'MetaMask' is a known cryptocurrency wallet service., The legitimate domain for MetaMask is 'metamask.io'., The provided URL 'metameaskloginr.webflow.io' does not match the legitimate domain., The URL contains a misspelling of 'MetaMask' as 'metameask', which is a common phishing tactic., The use of 'webflow.io' as a domain extension is unusual for MetaMask and suggests a third-party hosting service, which is often used in phishing attempts. DOM: 1.0.pages.csv

AI detected landing page (webpage, office document or email)

Source: https://metameaskloginr.webflow.io/	Joe Sandbox AI: Page contains button: 'Download for' Source: '1.0.pages.csv'
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	Joe Sandbox AI: Page contains button: 'FREE ONLINE DESIGNER CLICK HERE' Source: '4.12.pages.csv'
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	Joe Sandbox AI: Page contains button: 'FREE ONLINE DESIGNER CLICK HERE' Source: '4.13.pages.csv'
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	Joe Sandbox AI: Page contains button: 'FREE ONLINE DESIGNER CLICK HERE' Source: '4.14.pages.csv'

AI detected suspicious URL

Source: https://metameaskloginr.webflow.io

Joe Sandbox AI: The URL 'metameaskloginr.webflow.io' appears to be a typosquatting attempt targeting the known brand MetaMask. The legitimate URL for MetaMask is 'metamask.io'. The analyzed URL uses a visual character substitution by replacing 'mask' with 'meask', which could easily be overlooked by users. Additionally, the inclusion of 'loginr' suggests an attempt to mimic a login page, which is a common tactic in phishing attempts. The use of 'webflow.io' as a domain extension is not inherently suspicious, but in this context, it does not suggest a legitimate purpose unrelated to MetaMask. The high similarity score is due to the structural and character-level resemblance to the legitimate brand URL, and the likelihood of user confusion is high, leading to a high spoofed score.

Source: http://ww16.ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f?sub1=20250124-1105-431e-a5e7-d066b480a916

HTTP Parser: Base64 decoded: cre=1737677144&tcid=ww16.ameddingpersusan.com6792d9583c19a4.27432822&task=search&domain=ameddingpersusan.com&a_id=1&session=XZn4MD9B1cuSRmr41LFU&trackquery=1

Source: http://ww16.ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f?sub1=20250124-1105-431e-a5e7-d066b480a916	HTTP Parser: No favicon
Source: http://ww16.ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f?sub1=20250124-1105-431e-a5e7-d066b480a916	HTTP Parser: No favicon
Source: http://ww16.ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f?sub1=20250124-1105-431e-a5e7-d066b480a916	HTTP Parser: No favicon
Source: http://ww16.ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f?sub1=20250124-1105-431e-a5e7-d066b480a916	HTTP Parser: No favicon
Source: http://ww16.ameddingpersusan.com/caf/?ses=Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV&query=Custom+Folders+with+Pockets&afdToken=ChMItsfB6IeNiwMV19ACBx2ikDSQEmQBlLqpj94hoGhprE1xoDQrp5FV54wfTN36DrBy01NcpC5x4m361p5UbDvH7XHpn_Q2FX-iCuhscgO47Ew-yXZHGwPISWV9SQ_QP1IsGSR6NA_UK22kMs7u-Vi7O3MnnLqAHl_MIAE&pcsa=false&nb=0&nm=10&nx=314&ny=78&is=700x534&clkt=3&suid=33609955838	HTTP Parser: No favicon
Source: http://ww16.ameddingpersusan.com/caf/?ses=Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV&query=Custom+Folders+with+Pockets&afdToken=ChMItsfB6IeNiwMV19ACBx2ikDSQEmQBlLqpj94hoGhprE1xoDQrp5FV54wfTN36DrBy01NcpC5x4m361p5UbDvH7XHpn_Q2FX-iCuhscgO47Ew-yXZHGwPISWV9SQ_QP1IsGSR6NA_UK22kMs7u-Vi7O3MnnLqAHl_MIAE&pcsa=false&nb=0&nm=10&nx=314&ny=78&is=700x534&clkt=3&suid=33609955838	HTTP Parser: No favicon
Source: http://ww16.ameddingpersusan.com/caf/?ses=Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV&query=Custom+Folders+with+Pockets&afdToken=ChMItsfB6IeNiwMV19ACBx2ikDSQEmQBlLqpj94hoGhprE1xoDQrp5FV54wfTN36DrBy01NcpC5x4m361p5UbDvH7XHpn_Q2FX-iCuhscgO47Ew-yXZHGwPISWV9SQ_QP1IsGSR6NA_UK22kMs7u-Vi7O3MnnLqAHl_MIAE&pcsa=false&nb=0&nm=10&nx=314&ny=78&is=700x534&clkt=3&suid=33609955838	HTTP Parser: No favicon
Source: http://ww16.ameddingpersusan.com/caf/?ses=Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV&query=Custom+Folders+with+Pockets&afdToken=ChMItsfB6IeNiwMV19ACBx2ikDSQEmQBlLqpj94hoGhprE1xoDQrp5FV54wfTN36DrBy01NcpC5x4m361p5UbDvH7XHpn_Q2FX-iCuhscgO47Ew-yXZHGwPISWV9SQ_QP1IsGSR6NA_UK22kMs7u-Vi7O3MnnLqAHl_MIAE&pcsa=false&nb=0&nm=10&nx=314&ny=78&is=700x534&clkt=3&suid=33609955838	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded%20(1).htm	HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded%20(1).htm	HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded%20(1).htm	HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded%20(1).htm	HTTP Parser: No favicon

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49751 version: TLS 1.0

Source: global traffic

TCP traffic: 192.168.2.5:50322 -> 1.1.1.1:53

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49751 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: metameaskloginr.webflow.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64d06a686ff6fe477045d93d/css/metameaskloginr.webflow.8ede22f79.css HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://metameaskloginr.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64d06a686ff6fe477045d93d/js/webflow.24a563ff7.js HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://metameaskloginr.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d06a686ff6fe477045d93d HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://metameaskloginr.webflow.iosec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://metameaskloginr.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64d06a686ff6fe477045d93d/js/webflow.24a563ff7.js HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64d06a686ff6fe477045d93d/64d06a881c7aed371aa5e075_metmask%20banner.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://metameaskloginr.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d06a686ff6fe477045d93d HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64d06a686ff6fe477045d93d/64d06a881c7aed371aa5e075_metmask%20banner.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64d06a686ff6fe477045d93d/64d06c663ebce026879e1f6f_metamask_favicon-.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://metameaskloginr.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64d06a686ff6fe477045d93d/64d06c663ebce026879e1f6f_metamask_favicon-.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /3418ba94-35fb-478e-8775-4bf99813581f HTTP/1.1Host: ameddingpersusan.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://metameaskloginr.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://ww16.ameddingpersusan.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23000000 HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23000000 HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /svg/larger-globe.svg?c=%2380868B HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/afs/snowman.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /svg/right_chevron_icon.svg?c=%23000000 HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /svg/larger-globe.svg?c=%2380868B HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/afs/snowman.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /svg/right_chevron_icon.svg?c=%23000000 HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE HTTP/1.1Host: www.folders911.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-latest.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /style_sheet/style.css HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /style_sheet/main-md-sm-xs.css HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /js/scripts.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /js/prototype.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /js/scripts.js HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/ink_pop.pdf HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/stockpopup.pdf HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /js/prototype.js HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/aque_coating.pdf HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/onlinedbutton.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/shoping_cart_box.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/style_sheet/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/logo.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /jquery-latest.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/header_top_bg.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/trans.gif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/onlinedbutton.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/shoping_cart_box.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/logo.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /ajaxn.php?pid=1&qty=100&sizeid=28&catid=25&turnid=4dayprice&opt=pfolder_price1&proof=0&ch=1&ch=1undefined&ch=1undefined&ch=1&ch=1&ch=1undefined&ch=1&pocket=0&ch=1&pockets=Left%20Pocket&ch=1&ch=1&ch=1&stocks=36&ch=1&coating=&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&c=1undefined&c=1&c=1undefined&c=1undefined&c=1&template=&c=1undefined&c=1&ft_val=0&c=1&bk_val=0&c=1&free_template_url=0&c=1&free_template_url2=0&_= HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Prototype-Version: 1.3.1X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/box_2.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /UP/product_25.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/box_1.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/headbg.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/style_sheet/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/loading6.gif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/help.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /images/x.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_01.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_02.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /images/trans.gif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /images/header_top_bg.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /images/box_2.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /ajaxn.php?pid=1&qty=100&sizeid=28&catid=25&turnid=4dayprice&opt=pfolder_price1&proof=0&ch=1&ch=1undefined&ch=1undefined&ch=1&ch=1&ch=1undefined&ch=1&pocket=0&ch=1&pockets=Left%20Pocket&ch=1&ch=1&ch=1&stocks=36&ch=1&coating=&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&c=1undefined&c=1&c=1undefined&c=1undefined&c=1&template=&c=1undefined&c=1&ft_val=0&c=1&bk_val=0&c=1&free_template_url=0&c=1&free_template_url2=0&_= HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /images/box_1.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /UP/product_25.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_03.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_04.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_05.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_06.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_07.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_08.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_09.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_10.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_11.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_12.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_13.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/loading6.gif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/help.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/headbg.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/x.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_01.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_02.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_14.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_15.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_16.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_18.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_19.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_17.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_05.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_03.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_06.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_04.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_07.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_08.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_20.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_21.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_22.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_23.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/logo.webp HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/ssl.gif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/facebook.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/twitter.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/logo_blogger.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/Linked-in.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/pinterest.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/Quora.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/tumblr.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/footbg.webp HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /chat-code.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE HTTP/1.1Host: www.folders911.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE HTTP/1.1Host: www.folders911.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE HTTP/1.1Host: www.folders911.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_10.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_09.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_12.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_13.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_11.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_14.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwEAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_16.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_19.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_18.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_17.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_15.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_20.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /jquery-latest.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_23.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/logo.webp HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_22.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/ssl.gif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_21.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/facebook.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /chat-code.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/logo_blogger.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/twitter.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/Linked-in.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/pinterest.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/Quora.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/tumblr.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /images/footbg.webp HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /chat-code.js HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gac_UA-2444955-6=1.1737677174.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gat_UA-2444955-6=1
Source: global traffic	HTTP traffic detected: GET /v1/20885/Endpoints HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Endpoints HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Endpoints HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=48.15604542813803; x-ms-routing-name=self
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=48.15604542813803; x-ms-routing-name=selfIf-None-Match: "e50b9610-5557-46a2-9bc7-f0c01550a1b2"
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "e50b9610-5557-46a2-9bc7-f0c01550a1b2"
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "e50b9610-5557-46a2-9bc7-f0c01550a1b2"
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=48.15604542813803; x-ms-routing-name=selfIf-None-Match: "e50b9610-5557-46a2-9bc7-f0c01550a1b2"
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=48.15604542813803; x-ms-routing-name=selfIf-None-Match: "e50b9610-5557-46a2-9bc7-f0c01550a1b2"
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /jquery-latest.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-latest.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /chat-code.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /chat-code.js HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=a60v1g5se2ac2ulfkcf44537ej; _gcl_aw=GCL.1737677173.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; _gcl_gs=2.1.k5$i1737677168$u91091853; _gcl_au=1.1.544425831.1737677173; _ga=GA1.2.999789103.1737677174; _gid=GA1.2.1261598460.1737677174; _gat_UA-2444955-6=1; _gac_UA-2444955-6=1.1737677183.EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE; velaro_endOfDay=%222025-01-23T23%3A59%3A59.999Z%22; velaro_firstvisit=%222025-01-24T00%3A06%3A28.251Z%22; velaro_visitorId=%22SCNKbLnOzkSCMD8uariIAQ%22
Source: global traffic	HTTP traffic detected: GET /v1/20885/Endpoints HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Endpoints HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=48.15604542813803; x-ms-routing-name=self
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=48.15604542813803; x-ms-routing-name=self
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=73.96251956728717; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=utf-8Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TiPMix=48.15604542813803; x-ms-routing-name=self
Source: global traffic	HTTP traffic detected: GET /3418ba94-35fb-478e-8775-4bf99813581f?sub1=20250124-1105-431e-a5e7-d066b480a916 HTTP/1.1Host: ww16.ameddingpersusan.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /search/tsc.php?ses=ogcOSkeE3r4qYoFFBKyxJBitg7RsdSXi9RiofG9VKKQGOaFQGwgB4bS8pQ5xP2RKBb5a8QL72iSMzpsi7A4QEZB8eh3rbdGRQENA20ZIOgJKAvFoLUPBj0Uv75m-nSxHEeVj5RDgppQWDvyTIP8_pJiOGtkbMdk8e3TIXYkiB75jtCm_3-GnAYddBvD1naZsltaYe3EW4aYNIrkRd4M2Dvq899mTmks8eyCdnKuRi8LYT4C35we7w8tmhghRN-IuGwqEA8GWLv5KDfTSAFjHMuHG-YVNVOi5D1OtB2RL56dqD2uzqUHtWTwmGOztT1olMj4tuVQtk7v2NVUnBFBRBEMAgn4aLToxrYpf6yP4bTx4eNHI0bLovyYsF-cnA&cv=2 HTTP/1.1Host: ww16.ameddingpersusan.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://ww16.ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f?sub1=20250124-1105-431e-a5e7-d066b480a916Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /search/tsc.php?ses=ogcOSkeE3r4qYoFFBKyxJBitg7RsdSXi9RiofG9VKKQGOaFQGwgB4bS8pQ5xP2RKBb5a8QL72iSMzpsi7A4QEZB8eh3rbdGRQENA20ZIOgJKAvFoLUPBj0Uv75m-nSxHEeVj5RDgppQWDvyTIP8_pJiOGtkbMdk8e3TIXYkiB75jtCm_3-GnAYddBvD1naZsltaYe3EW4aYNIrkRd4M2Dvq899mTmks8eyCdnKuRi8LYT4C35we7w8tmhghRN-IuGwqEA8GWLv5KDfTSAFjHMuHG-YVNVOi5D1OtB2RL56dqD2uzqUHtWTwmGOztT1olMj4tuVQtk7v2NVUnBFBRBEMAgn4aLToxrYpf6yP4bTx4eNHI0bLovyYsF-cnA&cv=2 HTTP/1.1Host: ww16.ameddingpersusan.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /templates/logos/sedo_logo.png HTTP/1.1Host: img.sedoparking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://ww16.ameddingpersusan.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /templates/logos/sedo_logo.png HTTP/1.1Host: img.sedoparking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /caf/?ses=Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV&query=Custom+Folders+with+Pockets&afdToken=ChMItsfB6IeNiwMV19ACBx2ikDSQEmQBlLqpj94hoGhprE1xoDQrp5FV54wfTN36DrBy01NcpC5x4m361p5UbDvH7XHpn_Q2FX-iCuhscgO47Ew-yXZHGwPISWV9SQ_QP1IsGSR6NA_UK22kMs7u-Vi7O3MnnLqAHl_MIAE&pcsa=false&nb=0&nm=10&nx=314&ny=78&is=700x534&clkt=3&suid=33609955838 HTTP/1.1Host: ww16.ameddingpersusan.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: __gsas=ID=03585a9c1964ae13:T=1737677146:RT=1737677146:S=ALNI_MYSWw30ne8cz6aALqe4fM-8-LD7LQ
Source: global traffic	HTTP traffic detected: GET /templates/bg/multi-arrows.png HTTP/1.1Host: img.sedoparking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://ww16.ameddingpersusan.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /search/tsc.php?ses=ogctPd1yzw7zXdEira5z0E4dvvUiTuJ2BOHYQ9sX2pIn3Zp9jSvNIHrtKHXlSt-EqPvl3FdbIkpk9nz5LbuWmF5nRiuCYWNkRu-43q3CchAHeSinui3Qd-TPswjJZ3f2LGE0mSMnd0JCWRBZVjCJoDSQgoLt_5zJzZIPx642MPL_gZeWeEedwYzrqSbwebdk5fZjPjxxXk8b9_0h1cStJtfEEL7N7pYkEREw0ySiFkvH1TPuSaXcc-TXBoYO8v4Ljwd4auTnW6JjWHpkiFCtKGoXkVwcB017DwjUrTZHMvNBYuoeX0C1Qhniv9ELTp9RKMJB9Iju2hy4G9SGRmcXWoUomZTiR-LmWGyTFuHIkKPCqRo-Fama17Tl5ujIg&cv=2 HTTP/1.1Host: ww16.ameddingpersusan.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://ww16.ameddingpersusan.com/caf/?ses=Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV&query=Custom+Folders+with+Pockets&afdToken=ChMItsfB6IeNiwMV19ACBx2ikDSQEmQBlLqpj94hoGhprE1xoDQrp5FV54wfTN36DrBy01NcpC5x4m361p5UbDvH7XHpn_Q2FX-iCuhscgO47Ew-yXZHGwPISWV9SQ_QP1IsGSR6NA_UK22kMs7u-Vi7O3MnnLqAHl_MIAE&pcsa=false&nb=0&nm=10&nx=314&ny=78&is=700x534&clkt=3&suid=33609955838Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: __gsas=ID=03585a9c1964ae13:T=1737677146:RT=1737677146:S=ALNI_MYSWw30ne8cz6aALqe4fM-8-LD7LQ
Source: global traffic	HTTP traffic detected: GET /templates/bg/multi-arrows.png HTTP/1.1Host: img.sedoparking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /search/tsc.php?ses=ogctPd1yzw7zXdEira5z0E4dvvUiTuJ2BOHYQ9sX2pIn3Zp9jSvNIHrtKHXlSt-EqPvl3FdbIkpk9nz5LbuWmF5nRiuCYWNkRu-43q3CchAHeSinui3Qd-TPswjJZ3f2LGE0mSMnd0JCWRBZVjCJoDSQgoLt_5zJzZIPx642MPL_gZeWeEedwYzrqSbwebdk5fZjPjxxXk8b9_0h1cStJtfEEL7N7pYkEREw0ySiFkvH1TPuSaXcc-TXBoYO8v4Ljwd4auTnW6JjWHpkiFCtKGoXkVwcB017DwjUrTZHMvNBYuoeX0C1Qhniv9ELTp9RKMJB9Iju2hy4G9SGRmcXWoUomZTiR-LmWGyTFuHIkKPCqRo-Fama17Tl5ujIg&cv=2 HTTP/1.1Host: ww16.ameddingpersusan.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: __gsas=ID=03585a9c1964ae13:T=1737677146:RT=1737677146:S=ALNI_MYSWw30ne8cz6aALqe4fM-8-LD7LQ

Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: </a> \| <a target="_blank" href="https://www.linkedin.com/in/folders911/"> equals www.linkedin.com (Linkedin)
Source: downloaded.htm.crdownload.0.dr	String found in binary or memory: <dive class="socialicon"><a target="_blank" href="https://www.facebook.com/Folders911-108006070949891/"> <img src="images/facebook.jpg" border="0" width="20" height="20" alt="alpha press facebook"></a> \| <a target="_blank" href="http://www.twitter.com/apiprint"> equals www.facebook.com (Facebook)
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: <dive class="socialicon"><a target="_blank" href="https://www.facebook.com/Folders911-108006070949891/"> <img src="images/facebook.jpg" border="0" width="20" height="20" alt="alpha press facebook"></a> \| <a target="_blank" href="http://www.twitter.com/apiprint"> equals www.twitter.com (Twitter)
Source: chromecache_239.8.dr, chromecache_245.8.dr	String found in binary or memory: return f}kF.F="internal.enableAutoEventOnTimer";var Xb=va(["data-gtm-yt-inspected-"]),mF=["www.youtube.com","www.youtube-nocookie.com"],nF,oF=!1; equals www.youtube.com (Youtube)
Source: chromecache_257.8.dr, chromecache_262.8.dr	String found in binary or memory: {"AllowChatRating":true,"AllowChatLineRating":true,"AllowClickToCall":true,"EnableVisitorsToCopyTranscriptsToClipboard":true,"Google":"","Facebook":"https://www.facebook.com/#!/pages/Alpha-Press-Inc/149199941772232","LinkedIn":"","Twitter":"https://www.twitter.com/apiprint","CompanyLogo":"","TitleAvailableText":"Live Chat","TitleUnavailableText":"Live Chat Offline","InlineWindowEyeCatcherEnabled":false,"InlineWindowEyeCatcherOnlineSource":"","InlineWindowEyeCatcherOfflineEnabled":false,"InlineWindowEyeCatcherOfflineSource":"","QueueSystemMessage":"You have been placed in queue. An agent will be with you shortly.","KBHeaderText":"These articles may help. If not, please select continue.","KBButtonText":"Continue","InlineWindowChatRatingEnabled":true,"InlineWindowChatRatingText":"Rate Us","InlineWindowLineRatingEnabled":true,"InlineWindowTypingIndicatorText":"@AgentName is typing...","InlineWindowUploadText":"Upload","EndChatPopupText":"Are you sure you want to end your chat?","InlineWindowEndChatText":"Exit","EmailPopupText":"Enter your email address","InlineWindowEmailText":"Email","InlineWindowPrintText":"Print","InLineChatFacebookVisible":false,"InLineChatTwitterVisible":false,"InLineChatGooglePlusVisible":false,"InLineChatLinkedInVisible":false,"IntroductionText":"Please send us a message to begin chatting.","EnablePrechatSurvey":true,"BotEnabled":false,"PrioritizeAgentsOverBots":false,"PrechatSurvey":{"SurveyID":13798,"DateCreated":"2020-10-22T16:00:22.003Z","LastModified":"2020-10-22T16:00:22.003Z","SiteID":20885,"GroupId":6968,"SiteConfigurationId":null,"SurveyQuestions":[{"QuestionID":48167,"SurveyID":13798,"QuestionType":5,"QuestionText":"What is your name?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"SectionID":null,"DefaultSelectText":null,"ExcludedGroupsBlob":null,"GroupOrderBlob":null,"CustomGroupLabelsBlob":null,"SurveyQuestionChoices":[]},{"QuestionID":48168,"SurveyID":13798,"QuestionType":6,"QuestionText":"What is your email address?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"SectionID":null,"DefaultSelectText":null,"ExcludedGroupsBlob":null,"GroupOrderBlob":null,"CustomGroupLabelsBlob":null,"SurveyQuestionChoices":[]},{"QuestionID":48169,"SurveyID":13798,"QuestionType":14,"QuestionText":"How can we help you?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"Sectio
Source: chromecache_257.8.dr, chromecache_262.8.dr	String found in binary or memory: {"AllowChatRating":true,"AllowChatLineRating":true,"AllowClickToCall":true,"EnableVisitorsToCopyTranscriptsToClipboard":true,"Google":"","Facebook":"https://www.facebook.com/#!/pages/Alpha-Press-Inc/149199941772232","LinkedIn":"","Twitter":"https://www.twitter.com/apiprint","CompanyLogo":"","TitleAvailableText":"Live Chat","TitleUnavailableText":"Live Chat Offline","InlineWindowEyeCatcherEnabled":false,"InlineWindowEyeCatcherOnlineSource":"","InlineWindowEyeCatcherOfflineEnabled":false,"InlineWindowEyeCatcherOfflineSource":"","QueueSystemMessage":"You have been placed in queue. An agent will be with you shortly.","KBHeaderText":"These articles may help. If not, please select continue.","KBButtonText":"Continue","InlineWindowChatRatingEnabled":true,"InlineWindowChatRatingText":"Rate Us","InlineWindowLineRatingEnabled":true,"InlineWindowTypingIndicatorText":"@AgentName is typing...","InlineWindowUploadText":"Upload","EndChatPopupText":"Are you sure you want to end your chat?","InlineWindowEndChatText":"Exit","EmailPopupText":"Enter your email address","InlineWindowEmailText":"Email","InlineWindowPrintText":"Print","InLineChatFacebookVisible":false,"InLineChatTwitterVisible":false,"InLineChatGooglePlusVisible":false,"InLineChatLinkedInVisible":false,"IntroductionText":"Please send us a message to begin chatting.","EnablePrechatSurvey":true,"BotEnabled":false,"PrioritizeAgentsOverBots":false,"PrechatSurvey":{"SurveyID":13798,"DateCreated":"2020-10-22T16:00:22.003Z","LastModified":"2020-10-22T16:00:22.003Z","SiteID":20885,"GroupId":6968,"SiteConfigurationId":null,"SurveyQuestions":[{"QuestionID":48167,"SurveyID":13798,"QuestionType":5,"QuestionText":"What is your name?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"SectionID":null,"DefaultSelectText":null,"ExcludedGroupsBlob":null,"GroupOrderBlob":null,"CustomGroupLabelsBlob":null,"SurveyQuestionChoices":[]},{"QuestionID":48168,"SurveyID":13798,"QuestionType":6,"QuestionText":"What is your email address?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"SectionID":null,"DefaultSelectText":null,"ExcludedGroupsBlob":null,"GroupOrderBlob":null,"CustomGroupLabelsBlob":null,"SurveyQuestionChoices":[]},{"QuestionID":48169,"SurveyID":13798,"QuestionType":14,"QuestionText":"How can we help you?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"Sectio

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: metameaskloginr.webflow.io
Source: global traffic	DNS traffic detected: DNS query: cdn.prod.website-files.com
Source: global traffic	DNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: ameddingpersusan.com
Source: global traffic	DNS traffic detected: DNS query: ww16.ameddingpersusan.com
Source: global traffic	DNS traffic detected: DNS query: syndicatedsearch.goog
Source: global traffic	DNS traffic detected: DNS query: img.sedoparking.com
Source: global traffic	DNS traffic detected: DNS query: afs.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: cc.sedoparking.com
Source: global traffic	DNS traffic detected: DNS query: www.folders911.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: api-main-us-east.velaro.com
Source: global traffic	DNS traffic detected: DNS query: api-visitor-us-east.velaro.com
Source: global traffic	DNS traffic detected: DNS query: api-engagement-us-east.velaro.com

Source: unknown

HTTP traffic detected: POST /search/cc.php?l=ogcFIoaLpmcOxgNn0xyINdr0E2z0X75_81SaOEEQOTuFcX1XhQS9F1K2IAylVmcg45wfuk9oPXIa_QcaOHV_JWnLEPffFn4hXoB06bCajWMUxxZTbDp5Q9-Ec7h9-raMqmz3UH7jlTgtIRCm5cN3Du2-ANG_of_ylSgdSqaDUL4XNV0DP34-6UNglt9ytuqsoFuGKuGgJX8YCJQH6qVtIludfJKWvhD_e5EYFCwoEpYkXQhXJd99lO0BmorqyrF_7xFQiiXsfCTMWAzehwAsR9vH0YlJyq1ypL0GJ3A25Ei5jisOkUfKN8Tu_Xis3IAES0qx1dcz6DDAxWLHnhqYHRsgBqPrVpaYUlHR2k6Qk0qsPsq2B-8plzLOvDAn6uoo3kK_K623Xo-HLrWPGGt2X4mplrd0EQ2mkkSvG46t7H--jFZvRSPbmKD1MsMrgCanc5Y3mriUKOcj-4cW6wRrCAzYcJ94bfiPdDGiIPpnxzpok1UaJkK5Vja63-PyA9UQdqdu-ShOl27bKjqutDI64z4A8MXUxeLy7MqxiL6jL9Sp0esjnd3hJxSgXBNLI9WaOpujntvWB2xSCQqIx1Hi-k0le6nh_gxYedZ0cbW-1VNZF2cWsAp3BvCc1eFSphAuUqih5BLS2FBKCcALGZMPCKB&v=YzJiYzllYjk2Y2YxMDk1YzY0OTE2NmIyNTljMGQ1MTIJMQl3dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjIJd3cxNi5hbWVkZGluZ3BlcnN1c2FuLmNvbTY3OTJkOTY1YmIzYzQ0Ljk5ODg2NDQ3CTE3Mzc2NzcxNTcJMA%3D%3D&nc=79773151737677168205 HTTP/1.1Host: cc.sedoparking.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://syndicatedsearch.googSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: http://folders911.com/envelope-designer/gallery.php?c=25&s=108
Source: chromecache_241.8.dr, chromecache_247.8.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_241.8.dr, chromecache_247.8.dr	String found in binary or memory: http://signalr.net/
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: http://titheenvelope.com/designer/designer_frame
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: http://www.bbb.org/central-florida/business-reviews/image-and-graphics-printing/alpha-press-in-orlan
Source: chromecache_245.8.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_243.8.dr, chromecache_252.8.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_248.8.dr, chromecache_263.8.dr	String found in binary or memory: https://api-engagement-us-east.velaro.com/
Source: chromecache_244.8.dr, chromecache_253.8.dr	String found in binary or memory: https://api-main-us-east.velaro.com/
Source: chromecache_248.8.dr, chromecache_263.8.dr	String found in binary or memory: https://api-visitor-us-east.velaro.com/
Source: chromecache_248.8.dr, chromecache_263.8.dr	String found in binary or memory: https://app.velaro.com/
Source: chromecache_239.8.dr, chromecache_245.8.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: downloaded (2).htm.crdownload.0.dr, 85b35863-b31b-42d2-86c4-cf5f1ad6329a.tmp.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr, 45f42837-d1cf-4740-a835-2728c41bd748.tmp.0.dr	String found in binary or memory: https://code.jquery.com/jquery-latest.min.js
Source: chromecache_244.8.dr, chromecache_248.8.dr, chromecache_253.8.dr, chromecache_263.8.dr	String found in binary or memory: https://eastprodcdn.azureedge.net/
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: https://folders911.blogspot.com/
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: https://folders911.tumblr.com/
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4saVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4taVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVI
Source: chromecache_242.8.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5caVI
Source: chromecache_248.8.dr, chromecache_263.8.dr	String found in binary or memory: https://galleryuseastprod.blob.core.windows.net/
Source: chromecache_245.8.dr	String found in binary or memory: https://google.com
Source: chromecache_245.8.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_241.8.dr, chromecache_247.8.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_241.8.dr, chromecache_247.8.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_245.8.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_239.8.dr, chromecache_245.8.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_248.8.dr, chromecache_263.8.dr	String found in binary or memory: https://signalr-engagement-us-east.velaro.com/
Source: chromecache_241.8.dr, chromecache_247.8.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_252.8.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_243.8.dr, chromecache_252.8.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_239.8.dr, chromecache_245.8.dr	String found in binary or memory: https://td.doubleclick.net
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: https://www.folders911.com
Source: downloaded.htm.crdownload.0.dr, 45f42837-d1cf-4740-a835-2728c41bd748.tmp.0.dr	String found in binary or memory: https://www.folders911.com/
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: https://www.folders911.com/chat-code.js
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: https://www.folders911.com/contact-us
Source: downloaded (2).htm.crdownload.0.dr, 85b35863-b31b-42d2-86c4-cf5f1ad6329a.tmp.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr, 45f42837-d1cf-4740-a835-2728c41bd748.tmp.0.dr	String found in binary or memory: https://www.folders911.com/images/logo.png
Source: 45f42837-d1cf-4740-a835-2728c41bd748.tmp.0.dr	String found in binary or memory: https://www.folders911.com/presentation-folders.php
Source: downloaded.htm.crdownload.0.dr	String found in binary or memory: https://www.folders911.com/services/presentation-folders-printing
Source: chromecache_239.8.dr, chromecache_245.8.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_243.8.dr, chromecache_252.8.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_243.8.dr, chromecache_252.8.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_243.8.dr, chromecache_252.8.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_245.8.dr	String found in binary or memory: https://www.google.com
Source: chromecache_243.8.dr, chromecache_252.8.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_245.8.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_245.8.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_239.8.dr, chromecache_245.8.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_243.8.dr, chromecache_252.8.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: downloaded (2).htm.crdownload.0.dr, 85b35863-b31b-42d2-86c4-cf5f1ad6329a.tmp.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr, 45f42837-d1cf-4740-a835-2728c41bd748.tmp.0.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: downloaded (2).htm.crdownload.0.dr, 85b35863-b31b-42d2-86c4-cf5f1ad6329a.tmp.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr, 45f42837-d1cf-4740-a835-2728c41bd748.tmp.0.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-K3ZVR2P
Source: chromecache_239.8.dr, chromecache_245.8.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: https://www.linkedin.com/in/folders911/
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: https://www.pinterest.com/folders911
Source: downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	String found in binary or memory: https://www.quora.com/profile/Folders911

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50360 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 50314 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50325 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 50359 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50291 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50303 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50337 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50348 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 50210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50293 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50347 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50335 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50281 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 50188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50358 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50302 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50369 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50216
Source: unknown	Network traffic detected: HTTP traffic on port 50277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50337
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50215
Source: unknown	Network traffic detected: HTTP traffic on port 50254 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50217
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50338
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50219
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50333
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50335
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50213
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50334
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50305 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50227
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50348
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50226
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50347
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50229
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50228
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50342
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50220
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50341
Source: unknown	Network traffic detected: HTTP traffic on port 50352 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50343
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50346
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50224
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50359
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50237
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50358
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50239
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50351
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50350
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50232
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50353
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50231
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50352
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50355
Source: unknown	Network traffic detected: HTTP traffic on port 50351 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50354
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50236
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50356
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50360
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50198 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50369
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 50255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50241
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50362
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50240
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50361
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50243
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50364
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 50224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50247
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50368
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50367
Source: unknown	Network traffic detected: HTTP traffic on port 50266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50250
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50370
Source: unknown	Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50338 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50362 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50304
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50303
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50305
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50278 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50300
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50302
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50304 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50315
Source: unknown	Network traffic detected: HTTP traffic on port 50361 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50314
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50316
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50310
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50325
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50207
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50320
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50203
Source: unknown	Network traffic detected: HTTP traffic on port 50372 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50295
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50177
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50298
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50178
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50299
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50181
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50183
Source: unknown	Network traffic detected: HTTP traffic on port 50068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50343 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50251 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50188
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 50240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50216 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50192
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50197
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50196
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50198
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50354 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50241 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50251
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50372
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50254
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50253
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50255
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 50353 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50260
Source: unknown	Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50253 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50149
Source: unknown	Network traffic detected: HTTP traffic on port 50299 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 50226 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50270
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50271
Source: unknown	Network traffic detected: HTTP traffic on port 50342 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50298 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50276
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50157
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50278
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50277
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50279
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50281
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50283
Source: unknown	Network traffic detected: HTTP traffic on port 50341 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50364 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50163
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50284
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50287
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50165
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50286
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50289
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50288
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50169
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50171
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50292
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50291
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50294
Source: unknown	Network traffic detected: HTTP traffic on port 50287 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50293
Source: unknown	Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50231 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50283 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50334 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50219 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50300 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50237 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50346 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50368 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50272 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50207 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50294 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50181 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 50229 -> 443

Source: classification engine

Classification label: mal64.phis.win@57/55@100/25

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,11406649310732958746,6476825312988514925,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://metameaskloginr.webflow.io/"
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Downloads\downloaded (1).htm"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1924,i,7478094689977708542,5430438820238343461,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,11406649310732958746,6476825312988514925,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1924,i,7478094689977708542,5430438820238343461,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	2 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://metameaskloginr.webflow.io/	100%	Avira URL Cloud	phishing

Source	Detection	Scanner	Label
https://www.folders911.com/images/logo.webp	0%	Avira URL Cloud	safe
https://www.folders911.com/UP/product_25.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/js/prototype.js	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_15.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_07.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/images/ink_pop.pdf	0%	Avira URL Cloud	safe
https://www.folders911.com/images/loading6.gif	0%	Avira URL Cloud	safe
https://ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f	0%	Avira URL Cloud	safe
https://www.folders911.com	0%	Avira URL Cloud	safe
https://www.folders911.com/ajaxn.php?pid=1&qty=100&sizeid=28&catid=25&turnid=4dayprice&opt=pfolder_price1&proof=0&ch=1&ch=1undefined&ch=1undefined&ch=1&ch=1&ch=1undefined&ch=1&pocket=0&ch=1&pockets=Left%20Pocket&ch=1&ch=1&ch=1&stocks=36&ch=1&coating=&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&c=1undefined&c=1&c=1undefined&c=1undefined&c=1&template=&c=1undefined&c=1&ft_val=0&c=1&bk_val=0&c=1&free_template_url=0&c=1&free_template_url2=0&_=	0%	Avira URL Cloud	safe
https://www.folders911.com/images/logo.png	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_13.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/favicon.ico	0%	Avira URL Cloud	safe
http://folders911.com/envelope-designer/gallery.php?c=25&s=108	0%	Avira URL Cloud	safe
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d06a686ff6fe477045d93d	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_09.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_11.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_03.jpg	0%	Avira URL Cloud	safe
file:///C:/Users/user/Downloads/downloaded.htm	0%	Avira URL Cloud	safe
https://www.folders911.com/images/headbg.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/images/footbg.webp	0%	Avira URL Cloud	safe
https://www.folders911.com/images/trans.gif	0%	Avira URL Cloud	safe
https://www.folders911.com/presentation-folders.php	0%	Avira URL Cloud	safe
https://www.folders911.com/images/shoping_cart_box.png	0%	Avira URL Cloud	safe
http://titheenvelope.com/designer/designer_frame	0%	Avira URL Cloud	safe
https://www.folders911.com/images/box_1.png	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_18.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_05.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_20.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/images/Linked-in.avif	0%	Avira URL Cloud	safe
https://folders911.blogspot.com/	0%	Avira URL Cloud	safe
https://www.folders911.com/services/presentation-folders-printing	0%	Avira URL Cloud	safe
https://www.folders911.com/chat-code.js	0%	Avira URL Cloud	safe
https://www.folders911.com/images/onlinedbutton.png	0%	Avira URL Cloud	safe
https://www.folders911.com/style_sheet/style.css	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_22.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/contact-us	0%	Avira URL Cloud	safe
https://www.folders911.com/images/help.png	0%	Avira URL Cloud	safe
file:///C:/Users/user/Downloads/downloaded%20(1).htm	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_16.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/images/ssl.gif	0%	Avira URL Cloud	safe
https://www.folders911.com/images/tumblr.avif	0%	Avira URL Cloud	safe
https://www.folders911.com/images/twitter.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/images/logo_blogger.avif	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_08.jpg	0%	Avira URL Cloud	safe
file:///C:/Users/user/Downloads/downloaded%20(2).htm	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_14.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/images/box_2.png	0%	Avira URL Cloud	safe
https://folders911.tumblr.com/	0%	Avira URL Cloud	safe
https://www.folders911.com/style_sheet/main-md-sm-xs.css	0%	Avira URL Cloud	safe
https://www.folders911.com/images/aque_coating.pdf	0%	Avira URL Cloud	safe
https://www.folders911.com/js/scripts.js	0%	Avira URL Cloud	safe
https://www.folders911.com/images/pinterest.avif	0%	Avira URL Cloud	safe
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_01.jpg	0%	Avira URL Cloud	safe
https://www.folders911.com/	0%	Avira URL Cloud	safe
https://www.folders911.com/images/Quora.avif	0%	Avira URL Cloud	safe
https://www.folders911.com/images/facebook.jpg	0%	Avira URL Cloud	safe
http://ww16.ameddingpersusan.com/search/tsc.php?ses=ogctPd1yzw7zXdEira5z0E4dvvUiTuJ2BOHYQ9sX2pIn3Zp9jSvNIHrtKHXlSt-EqPvl3FdbIkpk9nz5LbuWmF5nRiuCYWNkRu-43q3CchAHeSinui3Qd-TPswjJZ3f2LGE0mSMnd0JCWRBZVjCJoDSQgoLt_5zJzZIPx642MPL_gZeWeEedwYzrqSbwebdk5fZjPjxxXk8b9_0h1cStJtfEEL7N7pYkEREw0ySiFkvH1TPuSaXcc-TXBoYO8v4Ljwd4auTnW6JjWHpkiFCtKGoXkVwcB017DwjUrTZHMvNBYuoeX0C1Qhniv9ELTp9RKMJB9Iju2hy4G9SGRmcXWoUomZTiR-LmWGyTFuHIkKPCqRo-Fama17Tl5ujIg&cv=2	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.sedoparking.com	64.190.63.136	true	false	high
syndicatedsearch.goog	172.217.16.206	true	false	high
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true	false	high
d3e54v103j8qbb.cloudfront.net	18.244.20.221	true	false	high
code.jquery.com	151.101.194.137	true	false	high
metameaskloginr.webflow.io	104.18.36.248	true	true	unknown
waws-prod-blu-025.eastus.cloudapp.azure.com	40.76.210.54	true	false	high
vip1.g5.cachefly.net	204.93.142.142	true	false	high
cc.sedoparking.com	64.190.63.210	true	false	high
cdn.prod.website-files.com	104.18.161.117	true	false	high
ameddingpersusan.com	103.224.182.210	true	false	high
www.google.com	142.250.185.196	true	false	high
googlehosted.l.googleusercontent.com	142.250.186.161	true	false	high
folders911.com	155.138.141.200	true	false	unknown
ww16.ameddingpersusan.com	unknown	unknown	false	high
afs.googleusercontent.com	unknown	unknown	false	high
www.folders911.com	unknown	unknown	false	high
img.sedoparking.com	unknown	unknown	false	high
api-main-us-east.velaro.com	unknown	unknown	false	high
api-engagement-us-east.velaro.com	unknown	unknown	false	high
api-visitor-us-east.velaro.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://api-main-us-east.velaro.com/v1/20885/Endpoints	false		high
https://www.folders911.com/images/logo.webp	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/UP/product_25.jpg	false	Avira URL Cloud: safe	unknown
https://api-main-us-east.velaro.com/v1/20885/EngagementConfiguration?groupId=6968	false		high
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_15.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_07.jpg	false	Avira URL Cloud: safe	unknown
https://ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/ink_pop.pdf	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/ajaxn.php?pid=1&qty=100&sizeid=28&catid=25&turnid=4dayprice&opt=pfolder_price1&proof=0&ch=1&ch=1undefined&ch=1undefined&ch=1&ch=1&ch=1undefined&ch=1&pocket=0&ch=1&pockets=Left%20Pocket&ch=1&ch=1&ch=1&stocks=36&ch=1&coating=&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&c=1undefined&c=1&c=1undefined&c=1undefined&c=1&template=&c=1undefined&c=1&ft_val=0&c=1&bk_val=0&c=1&free_template_url=0&c=1&free_template_url2=0&_=	false	Avira URL Cloud: safe	unknown
https://www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true	false		high
https://www.folders911.com/js/prototype.js	false	Avira URL Cloud: safe	unknown
http://ww16.ameddingpersusan.com/caf/?ses=Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV&query=Custom+Folders+with+Pockets&afdToken=ChMItsfB6IeNiwMV19ACBx2ikDSQEmQBlLqpj94hoGhprE1xoDQrp5FV54wfTN36DrBy01NcpC5x4m361p5UbDvH7XHpn_Q2FX-iCuhscgO47Ew-yXZHGwPISWV9SQ_QP1IsGSR6NA_UK22kMs7u-Vi7O3MnnLqAHl_MIAE&pcsa=false&nb=0&nm=10&nx=314&ny=78&is=700x534&clkt=3&suid=33609955838	false		unknown
https://www.folders911.com/images/loading6.gif	false	Avira URL Cloud: safe	unknown
https://www.google.com/images/afs/snowman.png	false		high
https://api-engagement-us-east.velaro.com/v1/20885/availability?groupId=6968	false		high
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d06a686ff6fe477045d93d	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_13.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/logo.png	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_09.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_11.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_03.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/headbg.jpg	false	Avira URL Cloud: safe	unknown
https://api-visitor-us-east.velaro.com/v1/20885/VisitorSession	false		high
file:///C:/Users/user/Downloads/downloaded.htm	false	Avira URL Cloud: safe	unknown
https://api-visitor-us-east.velaro.com/v1/20885/GroupSelection	false		high
https://www.folders911.com/images/footbg.webp	false	Avira URL Cloud: safe	unknown
https://api-visitor-us-east.velaro.com/v1/20885/Invites	false		high
https://www.folders911.com/images/trans.gif	false	Avira URL Cloud: safe	unknown
http://img.sedoparking.com/templates/logos/sedo_logo.png	false		high
https://www.folders911.com/images/shoping_cart_box.png	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_20.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/box_1.png	false	Avira URL Cloud: safe	unknown
http://img.sedoparking.com/templates/bg/multi-arrows.png	false		high
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_05.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_18.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/Linked-in.avif	false	Avira URL Cloud: safe	unknown
https://cdn.prod.website-files.com/64d06a686ff6fe477045d93d/64d06a881c7aed371aa5e075_metmask%20banner.png	false		high
https://www.folders911.com/chat-code.js	false	Avira URL Cloud: safe	unknown
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff	false		high
https://afs.googleusercontent.com/svg/right_chevron_icon.svg?c=%23000000	false		high
https://www.folders911.com/images/onlinedbutton.png	false	Avira URL Cloud: safe	unknown
https://cdn.prod.website-files.com/64d06a686ff6fe477045d93d/css/metameaskloginr.webflow.8ede22f79.css	false		high
https://www.folders911.com/style_sheet/style.css	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_22.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/help.png	false	Avira URL Cloud: safe	unknown
file:///C:/Users/user/Downloads/downloaded%20(1).htm	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_16.jpg	false	Avira URL Cloud: safe	unknown
http://ww16.ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f?sub1=20250124-1105-431e-a5e7-d066b480a916	false		unknown
https://www.folders911.com/images/ssl.gif	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/tumblr.avif	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_08.jpg	false	Avira URL Cloud: safe	unknown
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23000000	false		high
https://api-visitor-us-east.velaro.com/v1/20885/Visitor/GoogleAnalyticsId	false		high
https://www.folders911.com/images/twitter.jpg	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/logo_blogger.avif	false	Avira URL Cloud: safe	unknown
file:///C:/Users/user/Downloads/downloaded%20(2).htm	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/presentation-folders.php?gad_source=5&gclid=EAIaIQobChMIs92l7oeNiwMVrJSDBx1n9Ca5EAAYASAAEgJ4lfD_BwE	true		unknown
https://cdn.prod.website-files.com/64d06a686ff6fe477045d93d/64d06c663ebce026879e1f6f_metamask_favicon-.png	false		high
https://afs.googleusercontent.com/svg/larger-globe.svg?c=%2380868B	false		high
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_14.jpg	false	Avira URL Cloud: safe	unknown
https://api-engagement-us-east.velaro.com/v1/20885/settings?groupId=6968	false		high
https://www.folders911.com/images/box_2.png	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/pinterest.avif	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/style_sheet/main-md-sm-xs.css	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/js/scripts.js	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/aque_coating.pdf	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/template/thumb/TemplatesWithGuides_Page_01.jpg	false	Avira URL Cloud: safe	unknown
https://metameaskloginr.webflow.io/	true		unknown
https://api-visitor-us-east.velaro.com/v1/20885/Visitor	false		high
https://www.folders911.com/images/Quora.avif	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/images/facebook.jpg	false	Avira URL Cloud: safe	unknown
http://ww16.ameddingpersusan.com/search/tsc.php?ses=ogctPd1yzw7zXdEira5z0E4dvvUiTuJ2BOHYQ9sX2pIn3Zp9jSvNIHrtKHXlSt-EqPvl3FdbIkpk9nz5LbuWmF5nRiuCYWNkRu-43q3CchAHeSinui3Qd-TPswjJZ3f2LGE0mSMnd0JCWRBZVjCJoDSQgoLt_5zJzZIPx642MPL_gZeWeEedwYzrqSbwebdk5fZjPjxxXk8b9_0h1cStJtfEEL7N7pYkEREw0ySiFkvH1TPuSaXcc-TXBoYO8v4Ljwd4auTnW6JjWHpkiFCtKGoXkVwcB017DwjUrTZHMvNBYuoeX0C1Qhniv9ELTp9RKMJB9Iju2hy4G9SGRmcXWoUomZTiR-LmWGyTFuHIkKPCqRo-Fama17Tl5ujIg&cv=2	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.folders911.com	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false	Avira URL Cloud: safe	unknown
https://ampcid.google.com/v1/publisher:getClientId	chromecache_243.8.dr, chromecache_252.8.dr	false		high
https://www.google.com	chromecache_245.8.dr	false		high
https://api-main-us-east.velaro.com/	chromecache_244.8.dr, chromecache_253.8.dr	false		high
https://stats.g.doubleclick.net/j/collect	chromecache_252.8.dr	false		high
http://folders911.com/envelope-designer/gallery.php?c=25&s=108	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false	Avira URL Cloud: safe	unknown
http://signalr.net/	chromecache_241.8.dr, chromecache_247.8.dr	false		high
https://www.folders911.com/presentation-folders.php	45f42837-d1cf-4740-a835-2728c41bd748.tmp.0.dr	false	Avira URL Cloud: safe	unknown
https://www.linkedin.com/in/folders911/	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false		high
https://cct.google/taggy/agent.js	chromecache_239.8.dr, chromecache_245.8.dr	false		high
http://titheenvelope.com/designer/designer_frame	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false	Avira URL Cloud: safe	unknown
https://jquery.com/	chromecache_241.8.dr, chromecache_247.8.dr	false		high
https://www.google.%/ads/ga-audiences	chromecache_243.8.dr, chromecache_252.8.dr	false		high
https://folders911.blogspot.com/	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false	Avira URL Cloud: safe	unknown
https://www.folders911.com/services/presentation-folders-printing	downloaded.htm.crdownload.0.dr	false	Avira URL Cloud: safe	unknown
https://sizzlejs.com/	chromecache_241.8.dr, chromecache_247.8.dr	false		high
https://www.folders911.com/contact-us	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false	Avira URL Cloud: safe	unknown
http://jquery.org/license	chromecache_241.8.dr, chromecache_247.8.dr	false		high
https://folders911.tumblr.com/	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false	Avira URL Cloud: safe	unknown
https://www.quora.com/profile/Folders911	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false		high
https://www.folders911.com/	downloaded.htm.crdownload.0.dr, 45f42837-d1cf-4740-a835-2728c41bd748.tmp.0.dr	false	Avira URL Cloud: safe	unknown
https://api-engagement-us-east.velaro.com/	chromecache_248.8.dr, chromecache_263.8.dr	false		high
https://www.pinterest.com/folders911	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false		high
http://www.bbb.org/central-florida/business-reviews/image-and-graphics-printing/alpha-press-in-orlan	downloaded (2).htm.crdownload.0.dr, downloaded (1).htm.crdownload.0.dr, downloaded.htm.crdownload.0.dr	false		high
https://api-visitor-us-east.velaro.com/	chromecache_248.8.dr, chromecache_263.8.dr	false		high
https://googleads.g.doubleclick.net	chromecache_245.8.dr	false		high
https://tagassistant.google.com/	chromecache_243.8.dr, chromecache_252.8.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.18.160.117	unknown	United States	13335	CLOUDFLARENETUS	false
104.18.161.117	cdn.prod.website-files.com	United States	13335	CLOUDFLARENETUS	false
205.234.175.175	unknown	United States	30081	CACHENETWORKSUS	false
40.76.210.54	waws-prod-blu-025.eastus.cloudapp.azure.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
151.101.130.137	unknown	United States	54113	FASTLYUS	false
172.217.18.4	unknown	United States	15169	GOOGLEUS	false
103.224.182.210	ameddingpersusan.com	Australia	133618	TRELLIAN-AS-APTrellianPtyLimitedAU	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.196	www.google.com	United States	15169	GOOGLEUS	false
172.217.16.193	unknown	United States	15169	GOOGLEUS	false
104.18.36.248	metameaskloginr.webflow.io	United States	13335	CLOUDFLARENETUS	true
64.190.63.136	www.sedoparking.com	United States	11696	NBS11696US	false
18.244.20.221	d3e54v103j8qbb.cloudfront.net	United States	16509	AMAZON-02US	false
64.190.63.210	cc.sedoparking.com	United States	11696	NBS11696US	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
151.101.194.137	code.jquery.com	United States	54113	FASTLYUS	false
155.138.141.200	folders911.com	United States	20473	AS-CHOOPAUS	false
142.250.186.161	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
18.244.20.134	unknown	United States	16509	AMAZON-02US	false
151.101.2.137	unknown	United States	54113	FASTLYUS	false
204.93.142.142	vip1.g5.cachefly.net	United States	30081	CACHENETWORKSUS	false
142.250.181.228	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1598188
Start date and time:	2025-01-24 01:04:40 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 5m 32s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://metameaskloginr.webflow.io/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal64.phis.win@57/55@100/25
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.67, 216.58.206.78, 142.251.173.84, 142.250.186.142, 142.250.185.142, 142.250.184.238, 172.217.18.106, 142.250.184.227, 142.250.186.138, 172.217.16.138, 142.250.184.226, 199.232.214.172, 2.23.77.188, 142.250.185.194, 142.250.186.42, 216.58.206.42, 142.250.186.170, 142.250.185.170, 142.250.185.138, 142.250.184.202, 142.250.185.74, 216.58.212.170, 142.250.185.106, 172.217.18.10, 216.58.212.138, 142.250.186.74, 142.250.184.234, 172.217.16.202, 172.217.23.106, 142.250.181.234, 142.250.185.174, 142.250.181.238, 142.250.186.162, 142.250.185.98, 142.250.186.46, 142.250.186.40, 216.58.206.46, 216.58.206.72, 142.250.184.200, 142.250.74.194, 142.250.186.78, 142.250.185.78, 142.250.184.232, 216.58.206.35, 172.217.16.142, 34.104.35.123, 142.250.185.99, 142.250.185.195, 172.217.18.3, 172.217.16.206, 108.177.15.84, 172.217.18.8, 142.250.185.72, 142.250.181.232, 142.250.186.106, 216.58.206.74, 142.250.185.202, 142.250.185.234, 142.250.186.99, 142.250.186.174, 142.250.185.
Excluded domains from analysis (whitelisted): www.googleadservices.com, slscr.update.microsoft.com, eastprodcdn.azureedge.net, partner.googleadservices.com, clientservices.googleapis.com, clients2.google.com, ocsp.digicert.com, redirector.gvt1.com, www.googletagmanager.com, update.googleapis.com, www.google-analytics.com, optimizationguide-pa.googleapis.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, fonts.gstatic.com, ajax.googleapis.com, ctldl.windowsupdate.com, eastprodcdn.afd.azureedge.net, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://metameaskloginr.webflow.io/

Input	Output
URL: https://metameaskloginr.webflow.io Model: Joe Sandbox AI	```json{ "brand": "MetaMask", "brand_classification": "known", "legit_url": "https://metamask.io", "similarity": 8, "spoofed": 9, "reasoning": "The URL 'metameaskloginr.webflow.io' appears to be a typosquatting attempt targeting the known brand MetaMask. The legitimate URL for MetaMask is 'metamask.io'. The analyzed URL uses a visual character substitution by replacing 'mask' with 'meask', which could easily be overlooked by users. Additionally, the inclusion of 'loginr' suggests an attempt to mimic a login page, which is a common tactic in phishing attempts. The use of 'webflow.io' as a domain extension is not inherently suspicious, but in this context, it does not suggest a legitimate purpose unrelated to MetaMask. The high similarity score is due to the structural and character-level resemblance to the legitimate brand URL, and the likelihood of user confusion is high, leading to a high spoofed score."}
URL: https://metameaskloginr.webflow.io
URL: http://ww16.ameddingpersusan.com/3418ba94-35fb-478... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The provided JavaScript snippet exhibits several behaviors that raise moderate security concerns. It includes external data transmission, fallback domains, and aggressive DOM manipulation, which collectively warrant a medium risk score. While the script appears to have some legitimate purposes, such as analytics and related search functionality, the use of obfuscated parameters and interactions with potentially untrusted domains introduce an element of suspicion that requires further review." }
var onclick_param_l=dto.signedLink;var onclick_value_l=dto.gFeedSES.default;var onclick_value_al=dto.gFeedSES.alternate;var onclick_param_v=dto.visitorViewId;var onclick_value_v=dto.visitorViewIdJsAds;var fb="";var fb_token="";if(dto.postActionParameter){fb=dto.pu+dto.postActionParameter.feedback;if(dto.postActionParameter.token.pageLoaded){fb_token=dto.postActionParameter.token.pageLoaded}}var pu=dto.pu;var ds=dto.adultFlag;var pus=dto.pus;var tlt=dto.contentType;var dsb=dto.searchbox;var pdto={caf:{colorBackground:"transparent"}};if(dto.jsParameter){for(let key in dto.jsParameter.request){pdto.caf[key]=dto.jsParameter.request[key]}}(function(){let pageOptions=pdto.caf;let noAds=pdto.caf.noAds;delete pdto.caf.noAds;pageOptions.resultsPageBaseUrl=pu+"/caf/?"+pus;let clickControlParams={};clickControlParams[onclick_param_l]=onclick_value_l;clickControlParams[onclick_param_v]=onclick_value_v;function setRlsAmount(){cafEl.forEach(function(part,index){if(cafEl[index].meta.layoutTypes.indexOf(dto.contentType)!==-1&&cafEl[index].caf.type==="relatedsearch"){cafEl[index].caf.number=dto.numberRelatedLinks}})}function addClickTrackUrl(cafObject){let params=Object.keys(clickControlParams).map(function(key){return encodeURIComponent(key)+"="+encodeURIComponent(clickControlParams[key])}).join("&");let parkingClickTrack="//"+dto.clickControlHost+"/search/cc.php?"+params;if(dto.clickTrack.length>0){dto.clickTrack.forEach(function(part,index){this[index]=encodeURI(this[index])},dto.clickTrack);cafObject.clicktrackUrl=[parkingClickTrack].concat(dto.clickTrack)}else{cafObject.clicktrackUrl=parkingClickTrack}}pageOptions.pageLoadedCallback=function(requestAccepted,status){let fb_add_params="";function isAdultStatusCallbackRequired(){if(!("adult"in status)){return false}if(ds===false&&status.adult===true){return true}if(ds===true&&status.adult===false){return true}return false}function isErrorCodeCallbackRequired(){if(!("error_code"in status)){return false}if(isAdultStatusCallbackRequired()&&26===status.error_code){return false}return true}if(isAdultStatusCallbackRequired()){fb_add_params+="&as="+status.adult+"&gc="+status.client}if(isErrorCodeCallbackRequired()){fb_add_params+="&ec="+parseInt(status.error_code)}if(fb_add_params.length===0\|\|fb_token.length===0){return}let request=new XMLHttpRequest;request.open("GET",fb+fb_token+fb_add_params,true);request.send()};function collectCafObjects(){let cafObjects=[pageOptions];cafEl.forEach(function(part,index){if(cafEl[index].meta.layoutTypes.indexOf(tlt)===-1){return}if(cafEl[index].caf.type==="ads"){addClickTrackUrl(cafEl[index].caf);cafEl[index].caf.number=noAds}pdto.caf.uiOptimize=dto.uiOptimize;if(cafEl[index].caf.type==="relatedsearch"&&dto.rls.length>0){return}if(cafEl[index].caf.type==="searchbox"&&dsb===false){return}cafObjects.push(cafEl[index].caf)});return cafObjects}function appendCafRls(){if(dto.rls.length<=0){return}let start=0;let cafRlObjects=[pdto.caf];cafEl.forEach(function(part,index){if(cafEl[index].meta.layoutTypes.indexOf(dto.contentType)!==-1&&cafEl[index].caf.type==="relatedsearch"){let stop=start+cafEl[index].caf.number;let terms=[];for(var i=start;i<stop;i++){if(i>dto.rls.length-1){break}terms[i]=dto.rls[i].term;start=i+1}cafEl[index].caf.terms=terms.join(",");cafEl[index].caf.optimizeTerms=false;cafRlObjects.push(cafEl[index].caf)}});createCaf.apply(this,cafRlObjects)}if(typeof google!=="undefined"){window.createCaf=function(){function F(args){return google.ads.domains.Caf.apply(this,args)}F.prototype=google.ads.domains.Caf.prototype;return function(){return new F(arguments)}}();setRlsAmount();if(dto.advt===1&&dto.contentType!==2&&dto.contentType!==3){appendCafRls()}let cafObjects=collectCafObjects();if(cafObjects.length>1){createCaf.apply(this,cafObjects)}}})();function tscCall(dto){const request=new XMLHttpRequest;request.open("GET",dto.pu+"/search/tsc.php?"+dto.tscQs);request.send()}function isFacebookCookieSet(){const cookieArray=decodeURIComponent(document.cookie)
URL: http://ww16.ameddingpersusan.com/caf/?ses=Y3JlPTE3... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The script exhibits several moderate-risk indicators, including external data transmission, fallback domains, and aggressive DOM manipulation. While some of the behavior may be related to legitimate functionality like analytics or tracking, the use of obfuscated code and interaction with potentially untrusted domains raises concerns. Further review is recommended to determine the script's true intent and potential risks." }
var dto = {"uiOptimize":false,"singleDomainName":"ameddingpersusan.com","domainName":"ameddingpersusan.com","domainPrice":500,"domainCurrency":"EUR","adultFlag":false,"pu":"//ww16.ameddingpersusan.com","dnsh":true,"dpsh":true,"toSell":true,"cdnHost":"img.sedoparking.com","adblockkey":" data-adblockkey=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_yJLvZul0O1QW7Gz56z8CK+QZFhgb5FfJjPmKscVoka4+h/3rtKJsEuAnaDJvGOisoNBPozTyLj64hPe0DDursA==","tid":"3189","buybox":false,"buyboxTopic":true,"disclaimer":true,"imprint":false,"searchbox":false,"noFollow":false,"slsh":false,"ppsh":true,"dnhlsh":true,"toSellUrl":"","toSellText":"","searchboxPath":"//ww16.ameddingpersusan.com/parking.php","searchParams":{"ses":"Y3JlPTE3Mzc2NzcxNTcmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MSZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZVJnRyYWNrcXVlcnk9MQ=="},"imprintUrl":false,"contactUsUrl":false,"contentType":1,"t":"search","pus":"ses=Y3JlPTE3Mzc2NzcxNTcmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV","postActionParameter":{"feedback":"/search/fb.php?ses=","token":{"pageLoaded":"1565ee8049046bb701737677157cb2403d90a8a50b"}},"gFeedSES":{"default":"ogcFIoaLpmcOxgNn0xyINdr0E2z0X75_81SaOEEQOTuFcX1XhQS9F1K2IAylVmcg45wfuk9oPXIa_QcaOHV_JWnLEPffFn4hXoB06bCajWMUxxZTbDp5Q9-Ec7h9-raMqmz3UH7jlTgtIRCm5cN3Du2-ANG_of_ylSgdSqaDUL4XNV0DP34-6UNglt9ytuqsoFuGKuGgJX8YCJQH6qVtIludfJKWvhD_e5EYFCwoEpYkXQhXJd99lO0BmorqyrF_7xFQiiXsfCTMWAzehwAsR9vH0YlJyq1ypL0GJ3A25Ei5jisOkUfKN8Tu_Xis3IAES0qx1dcz6DDAxWLHnhqYHRsgBqPrVpaYUlHR2k6Qk0qsPsq2B-8plzLOvDAn6uoo3kK_K623Xo-HLrWPGGt2X4mplrd0EQ2mkkSvG46t7H--jFZvRSPbmKD1MsMrgCanc5Y3mriUKOcj-4cW6wRrCAzYcJ94bfiPdDGiIPpnxzpok1UaJkK5Vja63-PyA9UQdqdu-ShOl27bKjqutDI64z4A8MXUxeLy7MqxiL6jL9Sp0esjnd3hJxSgXBNLI9WaOpujntvWB2xSCQqIx1Hi-k0le6nh_gxYedZ0cbW-1VNZF2cWsAp3BvCc1eFSphAuUqih5BLS2FBKCcALGZMPCKB","alternate":""},"visitorViewIdJsAds":"YzJiYzllYjk2Y2YxMDk1YzY0OTE2NmIyNTljMGQ1MTIJMQl3dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjIJd3cxNi5hbWVkZGluZ3BlcnN1c2FuLmNvbTY3OTJkOTY1YmIzYzQ0Ljk5ODg2NDQ3CTE3Mzc2NzcxNTcJMA==","jsParameter":{"request":{"pubId":"dp-sedo92_3ph","domainRegistrant":"as-drid-2777688820344496","kw":"","adtest":"off","adsafe":"low","uiOptimize":"true","hl":"en","noAds":"3","ivt":true,"channel":"exp-0046,exp-0051,auxa-control-1,445328"}},"ads":[],"adv":1,"advt":1,"rls":[],"numberRelatedLinks":3,"waUrl":"/search/portal.php?l=ogcFIoaLpmcOxgNn0xyINdr0E2z0X75_81SaOEEQOTuFcX1XhQS9F1K2IAylVmcg45wfuk9oPXIa_QcaOHV_JWnLEPffFn4hXoB06bCajWMUxxZTbDp5Q9-Ec7h9-raMqmz3UH7jlTgtIRCm5cN3Du2-ANG_of_ylSgdSqaDUL4XNV0DP34-6UNglt9ytuqsoFuGKuGgJX8YCJQH6qVtIludfJKWvhD_e5EYFCwoEpYkXQhXJd99lO0BmorqyrF_7xFQiiXsfCTMWAzehwAsR9vH0YlJyq1ypL0GJ3A25Ei5jisOkUfKN8Tu_Xis3IAES0qx1dcz6DDAxWLHnhqYHRsgBqPrVpaYUlHR2k6Qk0qsPsq2B-8plzLOvDAn6uoo3kK_K623Xo-HLrWPGGt2X4mplrd0EQ2mkkSvG46t7H--jFZvRSPbmKD1MsMrgCanc5Y3mriUKOcj-4cW6wRrCAzYcJ94bfiPdDGiIPpnxzpok1UaJkK5Vja63-PyA9UQdqdu-ShOl27bKjqutDI64z4A8MXUxeLy7MqxiL6jL9Sp0esjnd3hJxSgXBNLI9WaOpujntvWB2xSCQqIx1Hi-k0le6nh_gxYedZ0cbW-1VNZF2cWsAp3BvCc1eFSphAuUqih5BLS2FBKCcALGZMPCKB","tsc":true,"tscQs":"ses=ogctPd1yzw7zXdEira5z0E4dvvUiTuJ2BOHYQ9sX2pIn3Zp9jSvNIHrtKHXlSt-EqPvl3FdbIkpk9nz5LbuWmF5nRiuCYWNkRu-43q3CchAHeSinui3Qd-TPswjJZ3f2LGE0mSMnd0JCWRBZVjCJoDSQgoLt_5zJzZIPx642MPL_gZeWeEedwYzrqSbwebdk5fZjPjxxXk8b9_0h1cStJtfEEL7N7pYkEREw0ySiFkvH1TPuSaXcc-TXBoYO8v4Ljwd4auTnW6JjWHpkiFCtKGoXkVwcB017DwjUrTZHMvNBYuoeX0C1Qhniv9ELTp9RKMJB9Iju2hy4G9SGRmcXWoUomZTiR-LmWGyTFuHIkKPCqRo-Fama17Tl5ujIg&cv=2","lang":"en","maid":59,"sedoParkingUrl":"https://www.sedo.com/services/parking.php3","dbg":false,"signedLink":"l","visitorViewId":"v","registrar_params":[],"clickTrack":[],"cookieMessage":false,"cookieMessageInteractive":false,"executeTrackingPixels":false,"cmpBa
URL: https://www.folders911.com/presentation-folders.ph... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided JavaScript snippet appears to be a simple function that checks if a form field has a non-zero value before submitting the form. This behavior is common for form validation and does not exhibit any high-risk indicators. The script is likely benign and used for legitimate purposes." }
function checktemplate(){ if(document.getElementById('template').value!=0){ document.quote_frm.submit(); }else{ alert('Please select Own Design/ Free Template'); } }
URL: http://ww16.ameddingpersusan.com/3418ba94-35fb-478... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The script exhibits several moderate-risk indicators, including external data transmission, fallback domains, and aggressive DOM manipulation. While some of the behavior may be related to legitimate functionality like analytics or tracking, the use of obfuscated code and interaction with potentially untrusted domains raises concerns. Further investigation would be needed to determine the full extent of the script's activities and its overall risk profile." }
var dto = {"uiOptimize":false,"singleDomainName":"ameddingpersusan.com","domainName":"ameddingpersusan.com","domainPrice":500,"domainCurrency":"EUR","adultFlag":false,"pu":"//ww16.ameddingpersusan.com","dnsh":true,"dpsh":true,"toSell":true,"cdnHost":"img.sedoparking.com","adblockkey":" data-adblockkey=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_HX3F7d8MMt7MIFpwHnZO2CZaiWtPY1EayqUrDlSBRpsPlV4Pm+4P5Sy7sv5anUk/BlfL74wJZXfC2gCbBxaT6g==","tid":3196,"buybox":true,"buyboxTopic":true,"disclaimer":true,"imprint":false,"searchbox":true,"noFollow":false,"slsh":false,"ppsh":true,"dnhlsh":true,"toSellUrl":"https://sedo.com/search/details/?partnerid=14456&language=us&domain=ameddingpersusan.com&origin=parking&utm_medium=Parking&utm_campaign=template&utm_source=3196","toSellText":"","searchboxPath":"//ww16.ameddingpersusan.com/parking.php","searchParams":{"ses":"Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MSZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZVJnRyYWNrcXVlcnk9MQ=="},"imprintUrl":false,"contactUsUrl":false,"contentType":5,"t":"content","pus":"ses=Y3JlPTE3Mzc2NzcxNDQmdGNpZD13dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjImdGFzaz1zZWFyY2gmZG9tYWluPWFtZWRkaW5ncGVyc3VzYW4uY29tJmFfaWQ9MyZzZXNzaW9uPVhabjRNRDlCMWN1U1JtcjQxTEZV","postActionParameter":{"feedback":"/search/fb.php?ses=","token":{"pageLoaded":"9af340ba601bb6780173767714465bc6f44f7abee0"}},"gFeedSES":{"default":"ogcavFOBvsGGrM_rWsqDb_d-jSscPEix1QQs9mOQT7dqbpaw2NDpzDSfAtFDulwcsS5Ujvn7fQO7LNqsti6815aMIC-N9jha-sF5H1wd0tGv_RwR8vWAohi6RCP2cdbhVZqwzWYsk4c_sYBZDo0KOmQaSnkWKj2RunL3PaaudMTfk1De6bYD-vnrWUmBYWR4skXMezMu6EM2EX8Vjs19NXnemaJa5GRMA5x6Gu-3xS107uXGIHjU8cadTJZwQ95TgTxWT8bbk-O_2il3dFNF0OIbg6Wg_QrD7Wi_X3aZ2NdWNEcaccOnS9v7fDFhDI_92Ge1vO4tXOeO4NSfXWt7i-hoDQF0X3Kp7C-ZAKq0yjpX31b-3Bir_VCyEMM9_49bjvLeE0nWwegdy7bP_4wLS41kirZhpYVooUvORVOPb1m2XixTlUwkYOCjdyyw4Jdb4tSIm0RmMV1likizMnehdAUtSUtiA7L12xJEws8XFMJD3i1g_GUuks8DT-McWZE2jSU_WI6mCMWkuo-IPTmX0NwKbu4Vi24YohbP4tb-00ax8_T5QAierY0wjBVZ3GKMBb_jucO29ie3jwu6JcAADyMc-LZt8rdX9HCGh6PgzlhlPqydrM1UWWURLDuR4hwD2MR","alternate":""},"visitorViewIdJsAds":"MDdiMTI3NjQwMzI5NjI4YzY4NWZjMThkMWExNzBkYTYJMQl3dzE2LmFtZWRkaW5ncGVyc3VzYW4uY29tNjc5MmQ5NTgzYzE5YTQuMjc0MzI4MjIJd3cxNi5hbWVkZGluZ3BlcnN1c2FuLmNvbTY3OTJkOTU4M2MxYzYyLjg1MDQ1MjE0CTE3Mzc2NzcxNDQJMA==","jsParameter":{"request":{"pubId":"dp-sedo92_3ph","domainRegistrant":"as-drid-2777688820344496","kw":"","adtest":"off","adsafe":"low","uiOptimize":"true","hl":"en","noAds":5,"ivt":true,"channel":"exp-0051,auxa-control-1,445328"}},"ads":[],"adv":1,"advt":1,"rls":[],"numberRelatedLinks":3,"waUrl":"/search/portal.php?l=ogcavFOBvsGGrM_rWsqDb_d-jSscPEix1QQs9mOQT7dqbpaw2NDpzDSfAtFDulwcsS5Ujvn7fQO7LNqsti6815aMIC-N9jha-sF5H1wd0tGv_RwR8vWAohi6RCP2cdbhVZqwzWYsk4c_sYBZDo0KOmQaSnkWKj2RunL3PaaudMTfk1De6bYD-vnrWUmBYWR4skXMezMu6EM2EX8Vjs19NXnemaJa5GRMA5x6Gu-3xS107uXGIHjU8cadTJZwQ95TgTxWT8bbk-O_2il3dFNF0OIbg6Wg_QrD7Wi_X3aZ2NdWNEcaccOnS9v7fDFhDI_92Ge1vO4tXOeO4NSfXWt7i-hoDQF0X3Kp7C-ZAKq0yjpX31b-3Bir_VCyEMM9_49bjvLeE0nWwegdy7bP_4wLS41kirZhpYVooUvORVOPb1m2XixTlUwkYOCjdyyw4Jdb4tSIm0RmMV1likizMnehdAUtSUtiA7L12xJEws8XFMJD3i1g_GUuks8DT-McWZE2jSU_WI6mCMWkuo-IPTmX0NwKbu4Vi24YohbP4tb-00ax8_T5QAierY0wjBVZ3GKMBb_jucO29ie3jwu6JcAADyMc-LZt8rdX9HCGh6PgzlhlPqydrM1UWWURLDuR4hwD2MR","tsc":true,"tscQs":"ses=ogcOSkeE3r4qYoFFBKyxJBitg7RsdSXi9RiofG9VKKQGOaFQGwgB4bS8pQ5xP2RKBb5a8QL72iSMzpsi7A4QEZB8eh3rbdGRQENA20ZIOgJKAvFoLUPBj0Uv75m-nSxHEeVj5RDgppQWDvyTIP8_pJiOGtkbMdk8e3TIXYkiB75jtCm_3-GnAYddBvD1naZsltaYe3EW4aYNIrkRd4M2Dvq899mTmks8eyCdnKuRi8LYT4C35we7w8tmhghRN-IuGwqEA8GWLv5KDfTSAFjHMuHG-YVNVOi5D1OtB2RL56dqD2uzqUHtWTwmGOztT1olMj4tuVQtk7v2NVUnBFBRBEMAgn4aLToxrYpf6yP4bTx4eNHI0bLovyYsF-cnA&cv=2","lang":"en","maid":59,"sedoParkingUrl":"https://www.sedo.com/services/parking.php3","dbg":false,"signedLink":"l","visitorViewId":"v","registrar_params":[],"
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "This appears to be the standard jQuery library, which is a widely used and trusted JavaScript library. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code/URLs. The behaviors observed are typical of a legitimate JavaScript library, including DOM manipulation, event handling, and utility functions. While the code uses some older APIs like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, this script is considered low risk." }
/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license / !function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?n[o.call(e)]\|\|"object":typeof e}var f="3.5.1",S=function(e,t){return new S.fn.init(e,t)};function p(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n\|\|0===t\|\|"number"==typeof t&&0<t&&t-1 in e)}S.fn=S.prototype={jquery:f,constructor:S,length:0,toArray:function(){return s.call(this)},get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(S.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(S.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject\|\|this.constructor()},push:u,sort:t.sort,splice:t.splice},S.extend=S.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]\|\|{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]\|\|{},s++),"object"==typeof a\|\|m(a)\|\|(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(S.isPlainObject(r)\|\|(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i\|\|S.isPlainObject(n)?n:{},i=!1,a[t]=S.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},S.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e\|\|"[object Object]"!==o.call(e))&&(!(t=r(e))\|\|"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(p(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},makeArray:function(e,t){var n=t\|\|[];return null!=e&&(p(Object(e))?S.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(p(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g(a)},guid:1,support:y}),"function"==typeof Symbol&&(S.fn[Symbol.iterator]=t[Symbol.iterator]),S.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var d=function(n){var e,d,b,o,i,h,f,g,w,u,l,T,C,a,E,v,s,c,y,S="sizzle"+1*new Date,p=n.document,
URL: https://www.folders911.com/js/scripts.js... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript code appears to be a utility function for opening a popup window with a specific URL and dimensions. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code. The code is primarily focused on window management and does not exhibit any suspicious behavior. Additionally, the URL being used is for a known domain (folders911.com), which suggests a legitimate context. Overall, the risk score is low, and the code can be considered benign." }
// JavaScript Document function openWin(file){ var url = "https://www.folders911.com/"+file; var title = "Presentation Folders"; PopupCenter(url, title, 900, 600); } function PopupCenter(url, title, w, h) { // Fixes dual-screen position Most browsers Firefox var dualScreenLeft = window.screenLeft != undefined ? window.screenLeft : window.screenX; var dualScreenTop = window.screenTop != undefined ? window.screenTop : window.screenY; var width = window.innerWidth ? window.innerWidth : document.documentElement.clientWidth ? document.documentElement.clientWidth : screen.width; var height = window.innerHeight ? window.innerHeight : document.documentElement.clientHeight ? document.documentElement.clientHeight : screen.height; var left = ((width / 2) - (w / 2)) + dualScreenLeft; var top = ((height / 2) - (h / 2)) + dualScreenTop; var newWindow = window.open(url, title, 'toolbar=no,scrollbars=yes, width=' + w + ', height=' + h + ', top=' + top + ', left=' + left); // Puts focus on the newWindow if (window.focus) { newWindow.focus(); } } function FillCustomBrochure(val){ if(val==1){ var msg = ""; var organization_name1 = document.getElementById('organization_name1').value; var organization_address = document.getElementById('organization_address').value; var organization_email = document.getElementById('organization_email').value; var organization_phone = document.getElementById('organization_phone').value; var logo = document.getElementById('logos').value; var organization_state = document.getElementById('organization_state').value; var organization_detail = document.getElementById('organization_detail').value; var organization_color = document.getElementById('organization_color').value; var organization_contact = document.getElementById('organization_contact').value; if(organization_name1==""){ msg +="Please enter company name\n"; } if(organization_address==""){ msg +="Please enter address\n"; } if(organization_email==""){ msg +="Please enter email or web\n"; } if(organization_phone==""){ msg +="Please enter phone number\n"; } if(logo==""){ msg +="Please select logo\n"; } if(organization_state==""){ msg +="Please enter state\n"; } if(organization_detail==""){ msg +="Please enter information\n"; } if(organization_color==""){ msg +="Please enter color\n"; } if(organization_contact==""){ msg +="Please enter Contact information\n"; } if(msg==""){ document.getElementById('basicgray').style.display='none'; document.getElementById('div_2').style.display='none'; document.getElementById('div_15').style.display='none'; }else{ alert(msg); } }else{ document.getElementById('basicgray').style.display='none'; document.getElementById('div_2').style.display='none'; document.getElementById('template').value='0' } } function refreshopt(catid){ get_prod_prices(catid); /var sizeid = $('sizes').value; var opt = $('opt').value; var params = 'pid=2&catid='+catid+'&sizeid='+sizeid+'&opt='+opt; $('opt').innerHTML='Loading....'; var url = 'ajaxn.php'; var myAjax = new Ajax.Updater('opt',url, {method: 'get', parameters: params}); / } function get_prod_prices(catid){ //alert(catid); var sizeid = $('sizes').value; var qty = $('qty').value; var opt = $('opt').value; var turnid = $('turnaround').value; var proof = $('proof').value; var windows =''; if(catid==1){ var hole_placement = $('hole_placement').value; var hole ='&hole_placement='+hole_placement; var stock ='&stocks='+ $('stocks').value; var coating ='&coating='+ $('coating').value; var colors ='&colorss='+ $('colorss').value; }else{ var hole=''; } if(catid==2){ var
URL: https://www.folders911.com/presentation-folders.ph... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript code appears to be a simple function that opens a new window with a specific URL, and hides some HTML elements on the current page. This behavior is common for web applications that allow users to preview or design content. The code does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or obfuscation. The functions are straightforward and do not appear to have any malicious intent. Therefore, the risk score is low." }
function showPreview(ID) { window.open("http://titheenvelope.com/designer/designer_frame"+ID+".php","Online-Designer","scrollbars=1,location=0,directories=0,menubar=0,status=0,width=990,height=750,resize=no"); document.getElementById('basicmodal').style.display='none'; document.getElementById('basicgray').style.display='none'; document.getElementById('basicmodal2').style.display='none'; document.getElementById('browse_template').style.display='none'; document.getElementById('free_template').style.display='none'; } function showPreviewD(URL) { window.open(URL,"Online-Designer","scrollbars=no,location=0,directories=0,menubar=0,status=0,width=990,height=750,resize=no"); document.getElementById('basicmodal').style.display='none'; document.getElementById('basicgray').style.display='none'; document.getElementById('basicmodal2').style.display='none'; document.getElementById('browse_template').style.display='none'; document.getElementById('free_template').style.display='none'; }
URL: https://www.folders911.com/presentation-folders.ph... Model: Joe Sandbox AI	{ "risk_score": 5, "reasoning": "The script dynamically loads a JavaScript file from an external domain, which could potentially be used for data exfiltration or other malicious purposes. However, the script does not exhibit any high-risk behaviors like dynamic code execution or obfuscation, and the domain name 'folders911.com' does not immediately raise suspicion. Further investigation may be needed to determine the legitimacy of the script's purpose." }
var s = document.createElement('script'); s.id = 'widgets/shim'; s.src = 'https://www.folders911.com/chat-code.js'; s.async = true; s.defer = true; document.getElementsByTagName('head')[0].appendChild(s);
URL: https://www.folders911.com/js/prototype.js... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a part of the Prototype JavaScript framework, which is a legitimate and widely-used library. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code. The script primarily focuses on providing utility functions, object extension, and event handling, which are common and expected behaviors in a framework of this nature. While it uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, this script is likely benign and intended for legitimate use cases." }
/* Prototype JavaScript framework, version 1.3.1 * (c) 2005 Sam Stephenson <sam@conio.net> * * THIS FILE IS AUTOMATICALLY GENERATED. When sending patches, please diff * against the source tree, available from the Prototype darcs repository. * * Prototype is freely distributable under the terms of an MIT-style license. * * For details, see the Prototype web site: http://prototype.conio.net/ * /--------------------------------------------------------------------------/ var Prototype = { Version: '1.3.1', emptyFunction: function() {} } var Class = { create: function() { return function() { this.initialize.apply(this, arguments); } } } var Abstract = new Object(); Object.extend = function(destination, source) { for (property in source) { destination[property] = source[property]; } return destination; } Object.prototype.extend = function(object) { return Object.extend.apply(this, [this, object]); } Function.prototype.bind = function(object) { var __method = this; return function() { __method.apply(object, arguments); } } Function.prototype.bindAsEventListener = function(object) { var __method = this; return function(event) { __method.call(object, event \|\| window.event); } } Number.prototype.toColorPart = function() { var digits = this.toString(16); if (this < 16) return '0' + digits; return digits; } var Try = { these: function() { var returnValue; for (var i = 0; i < arguments.length; i++) { var lambda = arguments[i]; try { returnValue = lambda(); break; } catch (e) {} } return returnValue; } } /--------------------------------------------------------------------------/ var PeriodicalExecuter = Class.create(); PeriodicalExecuter.prototype = { initialize: function(callback, frequency) { this.callback = callback; this.frequency = frequency; this.currentlyExecuting = false; this.registerCallback(); }, registerCallback: function() { setInterval(this.onTimerEvent.bind(this), this.frequency * 1000); }, onTimerEvent: function() { if (!this.currentlyExecuting) { try { this.currentlyExecuting = true; this.callback(); } finally { this.currentlyExecuting = false; } } } } /--------------------------------------------------------------------------/ function $() { var elements = new Array(); for (var i = 0; i < arguments.length; i++) { var element = arguments[i]; if (typeof element == 'string') element = document.getElementById(element); if (arguments.length == 1) return element; elements.push(element); } return elements; } if (!Array.prototype.push) { Array.prototype.push = function() { var startLength = this.length; for (var i = 0; i < arguments.length; i++) this[startLength + i] = arguments[i]; return this.length; } } if (!Function.prototype.apply) { // Based on code from http://www.youngpup.net/ Function.prototype.apply = function(object, parameters) { var parameterStrings = new Array(); if (!object) object = window; if (!parameters) parameters = new Array(); for (var i = 0; i < parameters.length; i++) parameterStrings[i] = 'parameters[' + i + ']'; object.__apply__ = this; var result = eval('object.__apply__(' + parameterStrings.join(', ') + ')'); object.__apply__ = null; return result; } } String.prototype.extend({ stripTags: function() { return this.replace(/<\/?[^>]+>/gi, ''); }, escapeHTML: function() { var div = document.createElement('div'); var text = document.createTextNode(this); div.appendChild(text); return div.innerHTML; }, unescapeHTML: function() { var div = document.creat
URL: https://metameaskloginr.webflow.io/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "A crypto wallet & gateway to blockchain apps", "prominent_button_name": "Download for", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "file hosting" } Google indexed: False

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://metameaskloginr.webflow.io/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Windows Analysis Report
https://metameaskloginr.webflow.io/