Edit tour

Windows Analysis Report
https://trezorewllet.webflow.io/

Overview

General Information

Sample URL:	https://trezorewllet.webflow.io/
Analysis ID:	1638960
Infos:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish64

AI detected landing page (webpage, office document or email)

AI detected suspicious URL

Creates files inside the system directory

Deletes files inside the Windows folder

Detected non-DNS traffic on DNS port

Drops files with a non-matching file extension (content does not match file extension)

HTML page contains hidden javascript code

Sample execution stops while process was sleeping (likely an evasion)

Classification

Process Tree

System is w10x64

chrome.exe (PID: 472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 5256 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2092,i,10821691785136042850,10674702246833228324,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2120 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 7052 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://trezorewllet.webflow.io/" MD5: E81F54E6C1129887AEA47E7D092680BF)

conhost.exe (PID: 3336 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

chrome.exe (PID: 4488 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 1864 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "C:\Users\user\Downloads\downloaded (2).htm" MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 7044 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --metrics-shmem-handle=1964,i,1521385490743556988,16212202123071933184,524288 --field-trial-handle=2040,i,194206186397504397,5955453874656790405,262144 --variations-seed-version=20250314-130103.800000 --mojo-platform-channel-handle=2148 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://trezorewllet.webflow.io/

Avira URL Cloud: detection malicious, Label: phishing

Phishing

Yara detected HtmlPhish64

Source: Yara match

File source: 0.0.pages.csv, type: HTML

AI detected landing page (webpage, office document or email)

Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	Joe Sandbox AI: Page contains button: 'FREE ONLINE DESIGNER CLICK HERE' Source: '3.10.pages.csv'
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	Joe Sandbox AI: Page contains button: 'FREE ONLINE DESIGNER CLICK HERE' Source: '3.12.pages.csv'

AI detected suspicious URL

Source: https://trezorewllet.webflow.io

Joe Sandbox AI: The URL 'https://trezorewllet.webflow.io' appears to be a typosquatting attempt targeting the known cryptocurrency hardware wallet brand 'Trezor'. The legitimate URL for Trezor is 'https://trezor.io'. The analyzed URL uses a visual character substitution by adding 'ewllet' which resembles 'wallet', a term commonly associated with Trezor's products. The use of 'webflow.io' as a domain extension is not inherently suspicious, as Webflow is a legitimate platform for hosting websites. However, the combination of 'trezorewllet' in the subdomain is likely intended to confuse users into thinking they are accessing a legitimate Trezor-related site. The structural similarity and the context of the URL suggest a high likelihood of typosquatting, as it closely mimics the legitimate brand's domain and could easily mislead users.

Source: https://ww25.ameddingpersusan.com/42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2?subid1=20250315-1054-576e-bb2b-3e4171597a42

HTTP Parser: Base64 decoded: {"uuid":"2e03d6e3-ebc3-4b29-94f8-195da8f6609a","page_time":1741996499,"page_url":"https://ww25.ameddingpersusan.com/42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2?subid1=20250315-1054-576e-bb2b-3e4171597a42","page_method":"GET","page_request":{"subid1":"20250315-10...

Source: https://ww25.ameddingpersusan.com/42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2?subid1=20250315-1054-576e-bb2b-3e4171597a42	HTTP Parser: No favicon
Source: https://ww25.ameddingpersusan.com/?caf=1&bpt=345&subid1=20250315-1054-576e-bb2b-3e4171597a42&query=Custom+Folders+with+Pockets&afdToken=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&pcsa=false&nb=0&nm=8&nx=170&ny=36&is=700x363&clkt=3	HTTP Parser: No favicon
Source: https://ww25.ameddingpersusan.com/?caf=1&bpt=345&subid1=20250315-1054-576e-bb2b-3e4171597a42&query=Custom+Folders+with+Pockets&afdToken=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&pcsa=false&nb=0&nm=8&nx=170&ny=36&is=700x363&clkt=3	HTTP Parser: No favicon
Source: https://ww25.ameddingpersusan.com/?caf=1&bpt=345&subid1=20250315-1054-576e-bb2b-3e4171597a42&query=Custom+Folders+with+Pockets&afdToken=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&pcsa=false&nb=0&nm=8&nx=170&ny=36&is=700x363&clkt=3	HTTP Parser: No favicon
Source: https://ww25.ameddingpersusan.com/?caf=1&bpt=345&subid1=20250315-1054-576e-bb2b-3e4171597a42&query=Custom+Folders+with+Pockets&afdToken=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&pcsa=false&nb=0&nm=8&nx=170&ny=36&is=700x363&clkt=3	HTTP Parser: No favicon
Source: https://ww25.ameddingpersusan.com/?caf=1&bpt=345&subid1=20250315-1054-576e-bb2b-3e4171597a42&query=Custom+Folders+with+Pockets&afdToken=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&pcsa=false&nb=0&nm=8&nx=170&ny=36&is=700x363&clkt=3	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	HTTP Parser: No favicon
Source: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE	HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded%20(1).htm	HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded%20(1).htm	HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded%20(1).htm	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 142.250.181.228:443 -> 192.168.2.6:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.151.8:443 -> 192.168.2.6:49695 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.151.8:443 -> 192.168.2.6:49696 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.160.117:443 -> 192.168.2.6:49700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.160.117:443 -> 192.168.2.6:49699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.222.232.39:443 -> 192.168.2.6:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.161.117:443 -> 192.168.2.6:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.210:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.210:443 -> 192.168.2.6:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.228:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.36:443 -> 192.168.2.6:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.36:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.228:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.206:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.181.238:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.225:443 -> 192.168.2.6:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.225:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.97:443 -> 192.168.2.6:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.97:443 -> 192.168.2.6:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.206.68:443 -> 192.168.2.6:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.100:443 -> 192.168.2.6:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.205:443 -> 192.168.2.6:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.2.137:443 -> 192.168.2.6:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.100:443 -> 192.168.2.6:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.100:443 -> 192.168.2.6:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.137:443 -> 192.168.2.6:49874 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49876 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.100:443 -> 192.168.2.6:49883 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.100:443 -> 192.168.2.6:49885 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49895 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49907 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49908 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49909 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49910 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49912 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49921 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49926 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49932 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49937 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49954 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49964 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49974 version: TLS 1.2

Source: global traffic	TCP traffic: 192.168.2.6:49953 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.6:49882 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.215
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.215
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: trezorewllet.webflow.ioConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64f837453a05ffa0050a550a/css/trezorewllet.webflow.66a951ca5.css HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://trezorewllet.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64f837453a05ffa0050a550a/js/webflow.24a563ff7.js HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://trezorewllet.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=64f837453a05ffa0050a550a HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-aliveOrigin: https://trezorewllet.webflow.iosec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://trezorewllet.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64f837453a05ffa0050a550a/64f838805250893ee7ddd782_trezor%20wallet.32.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://trezorewllet.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64f837453a05ffa0050a550a/64f837d0f19c754015ead1bf_trezor%20wallet.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://trezorewllet.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64f837453a05ffa0050a550a/64f838805250893ee7ddd782_trezor%20wallet.32.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /64f837453a05ffa0050a550a/64f837d0f19c754015ead1bf_trezor%20wallet.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CO6MywE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2 HTTP/1.1Host: ameddingpersusan.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://trezorewllet.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2?subid1=20250315-1054-576e-bb2b-3e4171597a42 HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2?subid1=20250315-1054-576e-bb2b-3e4171597a42 HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-prefers-color-scheme: lightSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a
Source: global traffic	HTTP traffic detected: GET /bUsDvQYkk.js HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-alivesec-ch-ua-platform: "Windows"sec-ch-prefers-color-scheme: lightsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ww25.ameddingpersusan.com/42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2?subid1=20250315-1054-576e-bb2b-3e4171597a42Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a
Source: global traffic	HTTP traffic detected: GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /X-Client-Data: CO6MywE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_fd?subid1=20250315-1054-576e-bb2b-3e4171597a42 HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a
Source: global traffic	HTTP traffic detected: GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol123%2Cpid-bodis-gcontrol495%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=1&rpbu=https%3A%2F%2Fww25.ameddingpersusan.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250315-1054-576e-bb2b-3e4171597a42&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1751741996501653&num=0&output=afd_ads&domain_name=ww25.ameddingpersusan.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-240&dt=1741996501654&u_w=1280&u_h=1024&biw=1280&bih=897&psw=1280&psh=807&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=735462593&rurl=https%3A%2F%2Fww25.ameddingpersusan.com%2F42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2%3Fsubid1%3D20250315-1054-576e-bb2b-3e4171597a42 HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adsense/domains/caf.js?pac=0 HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CO6MywE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CO6MywE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_tr HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a; __gsas=ID=16d105bac709f136:T=1741996503:RT=1741996503:S=ALNI_MYUX4n2x-006IQ1XYOrw09O0uanKQ
Source: global traffic	HTTP traffic detected: GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=r15zzznj8dm6&cd_fexp=72717108&aqid=18HUZ8nVHaK4juwP4uP1oAw&psid=3113057640&pbt=bs&adbx=290&adby=143&adbh=363&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=735462593&csala=4%7C0%7C1104%7C1187%7C24&lle=0&ifv=1&hpt=0 HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /X-Client-Data: CO6MywE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /X-Client-Data: CO6MywE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=735z0pwniccp&cd_fexp=72717108&aqid=18HUZ8nVHaK4juwP4uP1oAw&psid=3113057640&pbt=bv&adbx=290&adby=143&adbh=363&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=735462593&csala=4%7C0%7C1104%7C1187%7C24&lle=0&ifv=1&hpt=0 HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?caf=1&bpt=345&subid1=20250315-1054-576e-bb2b-3e4171597a42&query=Custom+Folders+with+Pockets&afdToken=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&pcsa=false&nb=0&nm=8&nx=170&ny=36&is=700x363&clkt=3 HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-prefers-color-scheme: lightUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a; __gsas=ID=16d105bac709f136:T=1741996503:RT=1741996503:S=ALNI_MYUX4n2x-006IQ1XYOrw09O0uanKQ
Source: global traffic	HTTP traffic detected: GET /bJHtOCktS.js HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-alivesec-ch-ua-platform: "Windows"sec-ch-prefers-color-scheme: lightsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ww25.ameddingpersusan.com/?caf=1&bpt=345&subid1=20250315-1054-576e-bb2b-3e4171597a42&query=Custom+Folders+with+Pockets&afdToken=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&pcsa=false&nb=0&nm=8&nx=170&ny=36&is=700x363&clkt=3Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a; __gsas=ID=16d105bac709f136:T=1741996503:RT=1741996503:S=ALNI_MYUX4n2x-006IQ1XYOrw09O0uanKQ
Source: global traffic	HTTP traffic detected: GET /afs/ads/i/iframe.html HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_fd?caf=1&bpt=345&subid1=20250315-1054-576e-bb2b-3e4171597a42&query=Custom+Folders+with+Pockets&afdToken=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&pcsa=false&nb=0&nm=8&nx=170&ny=36&is=700x363&clkt=3 HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a; __gsas=ID=16d105bac709f136:T=1741996503:RT=1741996503:S=ALNI_MYUX4n2x-006IQ1XYOrw09O0uanKQ
Source: global traffic	HTTP traffic detected: GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol123%2Cpid-bodis-gcontrol495%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&sct=ID%3D16d105bac709f136%3AT%3D1741996503%3ART%3D1741996503%3AS%3DALNI_MYUX4n2x-006IQ1XYOrw09O0uanKQ&sc_status=6&hl=en&ivt=1&rpbu=https%3A%2F%2Fww25.ameddingpersusan.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250315-1054-576e-bb2b-3e4171597a42%26query%3DCustom%2BFolders%2Bwith%2BPockets%26afdToken%3DChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE%26pcsa%3Dfalse%26nb%3D0%26nm%3D8%26nx%3D170%26ny%3D36%26is%3D700x363%26clkt%3D3&max_radlink_len=50&type=0&uiopt=false&swp=as-drid-2589285024539458&q=Custom%20Folders%20with%20Pockets&afdt=ChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107&format=n3&ad=n3&nocache=7241741996509331&num=0&output=afd_ads&domain_name=ww25.ameddingpersusan.com&v=3&bsl=8&pac=0&u_his=3&u_tz=-240&dt=1741996509332&u_w=1280&u_h=1024&biw=1280&bih=897&psw=1280&psh=807&frm=0&uio=-&cont=ad-1&drt=0&jsid=caf&nfp=1&jsv=735462593&rurl=https%3A%2F%2Fww25.ameddingpersusan.com%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20250315-1054-576e-bb2b-3e4171597a42%26query%3DCustom%2BFolders%2Bwith%2BPockets%26afdToken%3DChMIt9an1uKKjAMVNIH9Bx23PyjvEmoBlLqpj8qe5_T878Zj1SIKPDugiU7ZuKU6XSL7NsP25UaaGZCQf0Zeiuox9HqqwGKkqlvny4s7QRaRevVEKjjluHp7II-ainx9OdD-hv4IHwkQbBsoYV0B9xnCnd20pyIF8hPcR5g15RZ-IAE%26pcsa%3Dfalse%26nb%3D0%26nm%3D8%26nx%3D170%26ny%3D36%26is%3D700x363%26clkt%3D3&referer=https%3A%2F%2Fsyndicatedsearch.goog%2F HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /afs/ads/i/iframe.html HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-Modified-Since: Tue, 17 Sep 2024 06:00:00 GMT
Source: global traffic	HTTP traffic detected: GET /svg/larger-globe.svg?c=%2380868B HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CO6MywE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /svg/right_chevron_icon.svg?c=%23ffffff HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CO6MywE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/afs/snowman.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CO6MywE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_tr HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a; __gsas=ID=16d105bac709f136:T=1741996503:RT=1741996503:S=ALNI_MYUX4n2x-006IQ1XYOrw09O0uanKQ
Source: global traffic	HTTP traffic detected: GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=2mwdw2265tft&cd_fexp=72717107&aqid=38HUZ7XAD-mCxdwP_pXwmAs&psid=3113057640&pbt=bs&adbx=381.5&adby=143&adbh=1072&adbw=500&adbah=368%2C368%2C310&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=735462593&csala=17%7C0%7C1290%7C11%7C41&lle=0&ifv=1&hpt=1 HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /svg/larger-globe.svg?c=%2380868B HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /X-Client-Data: CO6MywE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /svg/right_chevron_icon.svg?c=%23ffffff HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /X-Client-Data: CO6MywE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/afs/snowman.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /X-Client-Data: CO6MywE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=xme5a7vorg2r&cd_fexp=72717107&aqid=38HUZ7XAD-mCxdwP_pXwmAs&psid=3113057640&pbt=bv&adbx=381.5&adby=143&adbh=1072&adbw=500&adbah=368%2C368%2C310&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=735462593&csala=17%7C0%7C1290%7C11%7C41&lle=0&ifv=1&hpt=1 HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE HTTP/1.1Host: www.folders911.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /style_sheet/style.css HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /style_sheet/main-md-sm-xs.css HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /js/scripts.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /js/prototype.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/x.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /jquery-latest.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_01.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/x.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/ink_pop.pdf HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/stockpopup.pdf HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_01.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/aque_coating.pdf HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /ajaxn.php?pid=1&qty=100&sizeid=28&catid=25&turnid=4dayprice&opt=pfolder_price1&proof=0&ch=1&ch=1undefined&ch=1undefined&ch=1&ch=1&ch=1undefined&ch=1&pocket=0&ch=1&pockets=Left%20Pocket&ch=1&ch=1&ch=1&stocks=36&ch=1&coating=&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&c=1undefined&c=1&c=1undefined&c=1undefined&c=1&template=&c=1undefined&c=1&ft_val=0&c=1&bk_val=0&c=1&free_template_url=0&c=1&free_template_url2=0&_= HTTP/1.1Host: www.folders911.comConnection: keep-aliveX-Prototype-Version: 1.3.1sec-ch-ua-platform: "Windows"X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/logo.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/onlinedbutton.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/shoping_cart_box.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/style_sheet/style.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/loading6.gif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /UP/product_25.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/box_1.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/headbg.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/style_sheet/style.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /ajaxn.php?pid=1&qty=100&sizeid=28&catid=25&turnid=4dayprice&opt=pfolder_price1&proof=0&ch=1&ch=1undefined&ch=1undefined&ch=1&ch=1&ch=1undefined&ch=1&pocket=0&ch=1&pockets=Left%20Pocket&ch=1&ch=1&ch=1&stocks=36&ch=1&coating=&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&ch=1undefined&c=1undefined&c=1&c=1undefined&c=1undefined&c=1&template=&c=1undefined&c=1&ft_val=0&c=1&bk_val=0&c=1&free_template_url=0&c=1&free_template_url2=0&_= HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/onlinedbutton.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/logo.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/trans.gif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/header_top_bg.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/box_2.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/help.png HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/shoping_cart_box.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/loading6.gif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/box_1.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_02.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_03.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_04.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_05.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_06.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_07.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88
Source: global traffic	HTTP traffic detected: GET /images/headbg.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /UP/product_25.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/trans.gif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/box_2.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/header_top_bg.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/help.png HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_08.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_09.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_10.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_11.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_12.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_13.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_02.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_03.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_05.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_06.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_04.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_14.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_07.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_15.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_16.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_17.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_18.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_19.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_08.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_09.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_10.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_12.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_20.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_13.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_11.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_21.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_22.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_23.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/logo.webp HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/ssl.gif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_14.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_16.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_15.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_17.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/facebook.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_18.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_19.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/twitter.jpg HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/logo_blogger.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/Linked-in.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/pinterest.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/Quora.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_20.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_23.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_22.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/logo.webp HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/tumblr.avif HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/ssl.gif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /template/thumb/TemplatesWithGuides_Page_21.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/footbg.webp HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /chat-code.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE HTTP/1.1Host: www.folders911.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE HTTP/1.1Host: www.folders911.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/facebook.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE HTTP/1.1Host: www.folders911.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/twitter.jpg HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/pinterest.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/Linked-in.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/logo_blogger.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/Quora.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /images/tumblr.avif HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.folders911.com/presentation-folders.php?utm_source=google&utm_medium=cpc&utm_campaign=pmax_presentation_folders&utm_term=&gad_source=5&gclid=EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwEAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /jquery-latest.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /chat-code.js HTTP/1.1Host: www.folders911.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/footbg.webp HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.folders911.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj7mb2ahsc22qutgh96jbc8o88; _gcl_aw=GCL.1741996524.EAIaIQobChMI9auD2uKKjAMVaUGRBR3-ChyzEAAYASAAEgJavPD_BwE; _gcl_gs=2.1.k5$i1741996519$u91091853; _gcl_au=1.1.1740783994.1741996524
Source: global traffic	HTTP traffic detected: GET /v1/20885/Endpoints HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Endpoints HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Endpoints HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=82tce5oioisv&cd_fexp=72717107&aqid=38HUZ7XAD-mCxdwP_pXwmAs&psid=3113057640&pbt=cd&csacd=21569 HTTP/1.1Host: syndicatedsearch.googConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ww25.ameddingpersusan.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/Visitor HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=94.34928454945923; x-ms-routing-name=self
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=94.34928454945923; x-ms-routing-name=selfIf-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/GroupSelection HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=94.34928454945923; x-ms-routing-name=selfIf-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=94.34928454945923; x-ms-routing-name=selfIf-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=94.34928454945923; x-ms-routing-name=selfIf-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/Invites HTTP/1.1Host: api-visitor-us-east.velaro.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: TiPMix=93.02511250415391; x-ms-routing-name=self; ARRAffinity=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a; ARRAffinitySameSite=a4b00dc5bfdf9d77e19e4ba06bdc81ea570769a1414e5b80f7ccaf7703d1dc3a
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/EngagementConfiguration?groupId=6968 HTTP/1.1Host: api-main-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/settings?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9If-None-Match: "adcbc563-afef-4b1d-a572-3b8be4f44da1"
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/20885/availability?groupId=6968 HTTP/1.1Host: api-engagement-us-east.velaro.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json; charset=utf-8sec-ch-ua-mobile: ?0Accept: /Origin: https://www.folders911.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9

Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: </a> \| <a target="_blank" href="https://www.linkedin.com/in/folders911/"> equals www.linkedin.com (Linkedin)
Source: downloaded.htm.crdownload.2.dr	String found in binary or memory: <dive class="socialicon"><a target="_blank" href="https://www.facebook.com/Folders911-108006070949891/"> <img src="images/facebook.jpg" border="0" width="20" height="20" alt="alpha press facebook"></a> \| <a target="_blank" href="http://www.twitter.com/apiprint"> equals www.facebook.com (Facebook)
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: <dive class="socialicon"><a target="_blank" href="https://www.facebook.com/Folders911-108006070949891/"> <img src="images/facebook.jpg" border="0" width="20" height="20" alt="alpha press facebook"></a> \| <a target="_blank" href="http://www.twitter.com/apiprint"> equals www.twitter.com (Twitter)
Source: chromecache_376.3.dr, chromecache_295.3.dr, chromecache_365.3.dr, chromecache_261.3.dr	String found in binary or memory: return f}BG.K="internal.enableAutoEventOnTimer";var bc=wa(["data-gtm-yt-inspected-"]),DG=["www.youtube.com","www.youtube-nocookie.com"],EG,FG=!1; equals www.youtube.com (Youtube)
Source: chromecache_331.3.dr, chromecache_380.3.dr, chromecache_312.3.dr	String found in binary or memory: {"AllowChatRating":true,"AllowChatLineRating":true,"AllowClickToCall":true,"EnableVisitorsToCopyTranscriptsToClipboard":true,"Google":"","Facebook":"https://www.facebook.com/#!/pages/Alpha-Press-Inc/149199941772232","LinkedIn":"","Twitter":"https://www.twitter.com/apiprint","CompanyLogo":"","TitleAvailableText":"Live Chat","TitleUnavailableText":"Live Chat Offline","InlineWindowEyeCatcherEnabled":false,"InlineWindowEyeCatcherOnlineSource":"","InlineWindowEyeCatcherOfflineEnabled":false,"InlineWindowEyeCatcherOfflineSource":"","QueueSystemMessage":"You have been placed in queue. An agent will be with you shortly.","KBHeaderText":"These articles may help. If not, please select continue.","KBButtonText":"Continue","InlineWindowChatRatingEnabled":true,"InlineWindowChatRatingText":"Rate Us","InlineWindowLineRatingEnabled":true,"InlineWindowTypingIndicatorText":"@AgentName is typing...","InlineWindowUploadText":"Upload","EndChatPopupText":"Are you sure you want to end your chat?","InlineWindowEndChatText":"Exit","EmailPopupText":"Enter your email address","InlineWindowEmailText":"Email","InlineWindowPrintText":"Print","InLineChatFacebookVisible":false,"InLineChatTwitterVisible":false,"InLineChatGooglePlusVisible":false,"InLineChatLinkedInVisible":false,"IntroductionText":"Please send us a message to begin chatting.","EnablePrechatSurvey":true,"BotEnabled":false,"PrioritizeAgentsOverBots":false,"PrechatSurvey":{"SurveyID":13798,"DateCreated":"2020-10-22T16:00:22.003Z","LastModified":"2020-10-22T16:00:22.003Z","SiteID":20885,"GroupId":6968,"SiteConfigurationId":null,"SurveyQuestions":[{"QuestionID":48167,"SurveyID":13798,"QuestionType":5,"QuestionText":"What is your name?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"SectionID":null,"DefaultSelectText":null,"ExcludedGroupsBlob":null,"GroupOrderBlob":null,"CustomGroupLabelsBlob":null,"SurveyQuestionChoices":[]},{"QuestionID":48168,"SurveyID":13798,"QuestionType":6,"QuestionText":"What is your email address?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"SectionID":null,"DefaultSelectText":null,"ExcludedGroupsBlob":null,"GroupOrderBlob":null,"CustomGroupLabelsBlob":null,"SurveyQuestionChoices":[]},{"QuestionID":48169,"SurveyID":13798,"QuestionType":14,"QuestionText":"How can we help you?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"Sectio
Source: chromecache_331.3.dr, chromecache_380.3.dr, chromecache_312.3.dr	String found in binary or memory: {"AllowChatRating":true,"AllowChatLineRating":true,"AllowClickToCall":true,"EnableVisitorsToCopyTranscriptsToClipboard":true,"Google":"","Facebook":"https://www.facebook.com/#!/pages/Alpha-Press-Inc/149199941772232","LinkedIn":"","Twitter":"https://www.twitter.com/apiprint","CompanyLogo":"","TitleAvailableText":"Live Chat","TitleUnavailableText":"Live Chat Offline","InlineWindowEyeCatcherEnabled":false,"InlineWindowEyeCatcherOnlineSource":"","InlineWindowEyeCatcherOfflineEnabled":false,"InlineWindowEyeCatcherOfflineSource":"","QueueSystemMessage":"You have been placed in queue. An agent will be with you shortly.","KBHeaderText":"These articles may help. If not, please select continue.","KBButtonText":"Continue","InlineWindowChatRatingEnabled":true,"InlineWindowChatRatingText":"Rate Us","InlineWindowLineRatingEnabled":true,"InlineWindowTypingIndicatorText":"@AgentName is typing...","InlineWindowUploadText":"Upload","EndChatPopupText":"Are you sure you want to end your chat?","InlineWindowEndChatText":"Exit","EmailPopupText":"Enter your email address","InlineWindowEmailText":"Email","InlineWindowPrintText":"Print","InLineChatFacebookVisible":false,"InLineChatTwitterVisible":false,"InLineChatGooglePlusVisible":false,"InLineChatLinkedInVisible":false,"IntroductionText":"Please send us a message to begin chatting.","EnablePrechatSurvey":true,"BotEnabled":false,"PrioritizeAgentsOverBots":false,"PrechatSurvey":{"SurveyID":13798,"DateCreated":"2020-10-22T16:00:22.003Z","LastModified":"2020-10-22T16:00:22.003Z","SiteID":20885,"GroupId":6968,"SiteConfigurationId":null,"SurveyQuestions":[{"QuestionID":48167,"SurveyID":13798,"QuestionType":5,"QuestionText":"What is your name?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"SectionID":null,"DefaultSelectText":null,"ExcludedGroupsBlob":null,"GroupOrderBlob":null,"CustomGroupLabelsBlob":null,"SurveyQuestionChoices":[]},{"QuestionID":48168,"SurveyID":13798,"QuestionType":6,"QuestionText":"What is your email address?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"SectionID":null,"DefaultSelectText":null,"ExcludedGroupsBlob":null,"GroupOrderBlob":null,"CustomGroupLabelsBlob":null,"SurveyQuestionChoices":[]},{"QuestionID":48169,"SurveyID":13798,"QuestionType":14,"QuestionText":"How can we help you?","Priority":0,"Required":false,"UseCountryCode":null,"MaskVisitorPhone":false,"ValidationFailedMessage":"","InvalidEmailMessage":"Please enter a valid email","HiddenField":true,"DisplayWidth":0,"Html":"","KBSearchQuestion":false,"VariableName":null,"PlaceholderText":null,"Sectio

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: trezorewllet.webflow.io
Source: global traffic	DNS traffic detected: DNS query: cdn.prod.website-files.com
Source: global traffic	DNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: ameddingpersusan.com
Source: global traffic	DNS traffic detected: DNS query: ww25.ameddingpersusan.com
Source: global traffic	DNS traffic detected: DNS query: syndicatedsearch.goog
Source: global traffic	DNS traffic detected: DNS query: afs.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: click-use1.bodis.com
Source: global traffic	DNS traffic detected: DNS query: www.folders911.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: api-main-us-east.velaro.com
Source: global traffic	DNS traffic detected: DNS query: api-visitor-us-east.velaro.com
Source: global traffic	DNS traffic detected: DNS query: api-engagement-us-east.velaro.com
Source: global traffic	DNS traffic detected: DNS query: beacons.gcp.gvt2.com

Source: unknown

HTTP traffic detected: POST /_fd?subid1=20250315-1054-576e-bb2b-3e4171597a42 HTTP/1.1Host: ww25.ameddingpersusan.comConnection: keep-aliveContent-Length: 0sec-ch-ua-platform: "Windows"sec-ch-prefers-color-scheme: lightAccept: application/jsonsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Origin: https://ww25.ameddingpersusan.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ww25.ameddingpersusan.com/42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2?subid1=20250315-1054-576e-bb2b-3e4171597a42Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: parking_session=2e03d6e3-ebc3-4b29-94f8-195da8f6609a

Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, chromecache_352.3.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: http://folders911.com/envelope-designer/gallery.php?c=25&s=108
Source: chromecache_240.3.dr, chromecache_271.3.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_337.3.dr	String found in binary or memory: http://prototype.conio.net/
Source: chromecache_240.3.dr, chromecache_271.3.dr	String found in binary or memory: http://signalr.net/
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: http://titheenvelope.com/designer/designer_frame
Source: chromecache_282.3.dr	String found in binary or memory: http://underscorejs.org
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: http://www.bbb.org/central-florida/business-reviews/image-and-graphics-printing/alpha-press-in-orlan
Source: chromecache_337.3.dr	String found in binary or memory: http://www.youngpup.net/
Source: chromecache_261.3.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_379.3.dr	String found in binary or memory: https://afs.googleusercontent.com/svg/right_chevron_icon.svg?c=%23ffffff
Source: chromecache_305.3.dr	String found in binary or memory: https://ameddingpersusan.com/42f19e68-4041-4a2d-a9a2-7cc76eb3fbe2
Source: chromecache_275.3.dr, chromecache_259.3.dr, chromecache_338.3.dr	String found in binary or memory: https://api-engagement-us-east.velaro.com/
Source: chromecache_288.3.dr, chromecache_257.3.dr	String found in binary or memory: https://api-main-us-east.velaro.com/
Source: chromecache_275.3.dr, chromecache_259.3.dr, chromecache_338.3.dr	String found in binary or memory: https://api-visitor-us-east.velaro.com/
Source: chromecache_275.3.dr, chromecache_259.3.dr, chromecache_338.3.dr	String found in binary or memory: https://app.velaro.com/
Source: chromecache_376.3.dr, chromecache_295.3.dr, chromecache_365.3.dr, chromecache_261.3.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_305.3.dr	String found in binary or memory: https://cdn.prod.website-files.com/64f837453a05ffa0050a550a/64f837d0f19c754015ead1bf_trezor%20wallet
Source: chromecache_305.3.dr	String found in binary or memory: https://cdn.prod.website-files.com/64f837453a05ffa0050a550a/64f838805250893ee7ddd782_trezor%20wallet
Source: chromecache_305.3.dr	String found in binary or memory: https://cdn.prod.website-files.com/64f837453a05ffa0050a550a/css/trezorewllet.webflow.66a951ca5.css
Source: chromecache_305.3.dr	String found in binary or memory: https://cdn.prod.website-files.com/64f837453a05ffa0050a550a/js/webflow.24a563ff7.js
Source: chromecache_305.3.dr	String found in binary or memory: https://cdn.prod.website-files.com/img/webclip.png
Source: b5082596-2990-4ab5-a008-0ea28b6b3676.tmp.2.dr, d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://code.jquery.com/jquery-latest.min.js
Source: chromecache_305.3.dr	String found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64f837453a05ffa0050a550
Source: chromecache_288.3.dr, chromecache_275.3.dr, chromecache_259.3.dr, chromecache_257.3.dr, chromecache_338.3.dr	String found in binary or memory: https://eastprodcdn.azureedge.net/
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://folders911.blogspot.com/
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://folders911.tumblr.com/
Source: chromecache_313.3.dr, chromecache_263.3.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4saVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4taVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVI
Source: chromecache_249.3.dr, chromecache_361.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5caVI
Source: chromecache_275.3.dr, chromecache_259.3.dr, chromecache_338.3.dr	String found in binary or memory: https://galleryuseastprod.blob.core.windows.net/
Source: chromecache_282.3.dr	String found in binary or memory: https://github.com/bkwld/tram
Source: chromecache_261.3.dr	String found in binary or memory: https://google.com
Source: chromecache_261.3.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_240.3.dr, chromecache_271.3.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_240.3.dr, chromecache_271.3.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_261.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_376.3.dr, chromecache_313.3.dr, chromecache_295.3.dr, chromecache_365.3.dr, chromecache_263.3.dr, chromecache_261.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_313.3.dr, chromecache_263.3.dr	String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: chromecache_275.3.dr, chromecache_259.3.dr, chromecache_338.3.dr	String found in binary or memory: https://signalr-engagement-us-east.velaro.com/
Source: chromecache_240.3.dr, chromecache_271.3.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_376.3.dr, chromecache_295.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_376.3.dr, chromecache_295.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_313.3.dr, chromecache_263.3.dr	String found in binary or memory: https://syndicatedsearch.goog
Source: chromecache_318.3.dr, chromecache_379.3.dr	String found in binary or memory: https://syndicatedsearch.goog/
Source: chromecache_376.3.dr, chromecache_295.3.dr, chromecache_365.3.dr, chromecache_261.3.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_305.3.dr	String found in binary or memory: https://webflow.com
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.folders911.com
Source: downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.folders911.com/
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.folders911.com/chat-code.js
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.folders911.com/contact-us
Source: b5082596-2990-4ab5-a008-0ea28b6b3676.tmp.2.dr, d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.folders911.com/images/logo.png
Source: downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.folders911.com/presentation-folders.php
Source: downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.folders911.com/services/presentation-folders-printing
Source: chromecache_261.3.dr	String found in binary or memory: https://www.google.com
Source: chromecache_313.3.dr, chromecache_263.3.dr	String found in binary or memory: https://www.google.com/pagead/1p-conversion/16521530460/?gad_source=1&adview_type=5
Source: chromecache_261.3.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_313.3.dr, chromecache_263.3.dr	String found in binary or memory: https://www.googleadservices.com/pagead/aclk
Source: chromecache_379.3.dr	String found in binary or memory: https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwj55uGH44qMAxVxnoMHHYUNEAgYABAAGgJlZg
Source: chromecache_313.3.dr, chromecache_263.3.dr	String found in binary or memory: https://www.googleadservices.com/pagead/conversion/16521530460/?gad_source=1&adview_type=3
Source: chromecache_261.3.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_376.3.dr, chromecache_295.3.dr, chromecache_365.3.dr, chromecache_261.3.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: b5082596-2990-4ab5-a008-0ea28b6b3676.tmp.2.dr, d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: b5082596-2990-4ab5-a008-0ea28b6b3676.tmp.2.dr, d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-K3ZVR2P
Source: chromecache_376.3.dr, chromecache_295.3.dr, chromecache_365.3.dr, chromecache_261.3.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.linkedin.com/in/folders911/
Source: chromecache_376.3.dr, chromecache_295.3.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.pinterest.com/folders911
Source: d0d5120a-906d-4940-9e51-068bde6c7f6e.tmp.2.dr, ff78f19c-410b-4114-9a87-076c1a63b944.tmp.2.dr, downloaded.htm.crdownload.2.dr	String found in binary or memory: https://www.quora.com/profile/Folders911

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 50177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 50166 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50132 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50174 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49695
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49693
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49681
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50185 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50175
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50174
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50177
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50178
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50182
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50185
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 50091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 50159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 50170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50138
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50132
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443

Source: unknown	HTTPS traffic detected: 142.250.181.228:443 -> 192.168.2.6:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.151.8:443 -> 192.168.2.6:49695 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.151.8:443 -> 192.168.2.6:49696 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.160.117:443 -> 192.168.2.6:49700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.160.117:443 -> 192.168.2.6:49699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.222.232.39:443 -> 192.168.2.6:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.161.117:443 -> 192.168.2.6:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.210:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.210:443 -> 192.168.2.6:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.228:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.36:443 -> 192.168.2.6:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.36:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.228:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.206:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.181.238:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.225:443 -> 192.168.2.6:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.225:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.97:443 -> 192.168.2.6:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.97:443 -> 192.168.2.6:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.206.68:443 -> 192.168.2.6:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.100:443 -> 192.168.2.6:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.205:443 -> 192.168.2.6:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.2.137:443 -> 192.168.2.6:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.100:443 -> 192.168.2.6:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.100:443 -> 192.168.2.6:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.137:443 -> 192.168.2.6:49874 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 155.138.141.200:443 -> 192.168.2.6:49876 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.100:443 -> 192.168.2.6:49883 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.100:443 -> 192.168.2.6:49885 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49895 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49907 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49908 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49909 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49910 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49912 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49921 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49926 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49932 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49937 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49954 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49964 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.76.210.54:443 -> 192.168.2.6:49974 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\scoped_dir472_799352667			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\scoped_dir1864_2044379845			Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\scoped_dir472_799352667

Jump to behavior

Source: classification engine

Classification label: mal64.phis.win@81/282@104/24

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\Downloads\b5082596-2990-4ab5-a008-0ea28b6b3676.tmp

Jump to behavior

Source: C:\Windows\System32\conhost.exe

Mutant created: \BaseNamedObjects\Local\SM0:3336:120:WilError_03

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2092,i,10821691785136042850,10674702246833228324,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2120 /prefetch:3
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://trezorewllet.webflow.io/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "C:\Users\user\Downloads\downloaded (2).htm"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --metrics-shmem-handle=1964,i,1521385490743556988,16212202123071933184,524288 --field-trial-handle=2040,i,194206186397504397,5955453874656790405,262144 --variations-seed-version=20250314-130103.800000 --mojo-platform-channel-handle=2148 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2092,i,10821691785136042850,10674702246833228324,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2120 /prefetch:3	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --metrics-shmem-handle=1964,i,1521385490743556988,16212202123071933184,524288 --field-trial-handle=2040,i,194206186397504397,5955453874656790405,262144 --variations-seed-version=20250314-130103.800000 --mojo-platform-channel-handle=2148 /prefetch:3	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 344
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 386
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 298
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 298	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 344	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 386	Jump to dropped file

Source: C:\Windows\System32\conhost.exe

Last function: Thread delayed

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	2 Browser Extensions	1 Process Injection	21 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 File Deletion	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report
https://trezorewllet.webflow.io/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Malware Analysis System Evasion

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://trezorewllet.webflow.io/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Malware Analysis System Evasion

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Windows Analysis Report
https://trezorewllet.webflow.io/