Edit tour

Windows Analysis Report
http://treasurydept.org

Overview

General Information

Sample URL:	http://treasurydept.org
Analysis ID:	1296194
Infos:

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

HTML body contains password input but no form action

HTTP GET or POST without a user agent

Found iframes

HTML title does not match URL

Suspicious form URL found

Classification

Process Tree

System is w10x64

chrome.exe (PID: 2084 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 8D1C4713ACB7CC2AAAEE4477C58A80BA)

chrome.exe (PID: 2856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=1820,i,2308566206030014462,8116895579599014816,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 8D1C4713ACB7CC2AAAEE4477C58A80BA)

chrome.exe (PID: 5380 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "http://treasurydept.org MD5: 8D1C4713ACB7CC2AAAEE4477C58A80BA)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.instagram.com/

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://treasurydept.org/pagecontact/	HTTP Parser: Iframe src: https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html#frame=checkbox&id=0do0b16f4kwv&host=treasurydept.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&theme=light&origin=https%3A%2F%2Ftreasurydept.org
Source: https://treasurydept.org/pagecontact/	HTTP Parser: Iframe src: https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html#frame=challenge&id=0do0b16f4kwv&host=treasurydept.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&theme=light&origin=https%3A%2F%2Ftreasurydept.org

Source: https://treasurydept.org/pagecontact/

HTTP Parser: Title: Send Message To Us - TreasuryDept.org does not match URL

Source: https://treasurydept.org/pagecontact/

HTTP Parser: Form action: /jypunod.php

Source: https://www.facebook.com/p/Unclaimed-Money-100030956421077/	HTTP Parser: <input type="password" .../> found
Source: https://www.instagram.com/	HTTP Parser: <input type="password" .../> found

Source: https://treasurydept.org/pagecontact/	HTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/p/Unclaimed-Money-100030956421077/	HTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/p/Unclaimed-Money-100030956421077/	HTTP Parser: No <meta name="author".. found
Source: https://www.instagram.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.instagram.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.hcaptcha.com/post/ai-text-detectors-fail-to-spot-llm-output?utm_medium=checkbox&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9	HTTP Parser: No <meta name="author".. found

Source: https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html#frame=checkbox&id=04qwo1r4ss4n&host=treasurydept.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&theme=light&origin=https%3A%2F%2Ftreasurydept.org	HTTP Parser: No favicon
Source: https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html#frame=checkbox&id=04qwo1r4ss4n&host=treasurydept.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&theme=light&origin=https%3A%2F%2Ftreasurydept.org	HTTP Parser: No favicon
Source: https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html#frame=challenge&id=04qwo1r4ss4n&host=treasurydept.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&theme=light&origin=https%3A%2F%2Ftreasurydept.org	HTTP Parser: No favicon

Source: https://treasurydept.org/pagecontact/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/p/Unclaimed-Money-100030956421077/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/p/Unclaimed-Money-100030956421077/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.instagram.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.instagram.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.hcaptcha.com/post/ai-text-detectors-fail-to-spot-llm-output?utm_medium=checkbox&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_BITS_2084_708861117	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\keys.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\LICENSE	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\manifest.fingerprint	Jump to behavior

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 52MB

Source: global traffic

HTTP traffic detected: GET_APPROVAL_BUTTON_SHORT_TEXT=G;g.SKIP_PARENTAL_CONSENT_BUTTON_TEXT=H;g.PARENTAL_CONSENT_SEND_BUTTON_TEXT=I;g.CONSENTS_FINISHED_TEXT=J;g.EMAIL_SENT_CONSENTS_FINISHED_TEXT=K;g.INVALID_EMAIL_TEXT=L;g.PLEASE_ENTER_VALID_EMAIL_TEXT=M;g.CONSENT_FINISHED_SCREEN_BUTTON_TEXT=N;g.DOWNLOAD_YOUR_DATA_REQUEST_PAGE_TITLE=O;g.DOWNLOAD_YOUR_DATA_REQUEST_HEADER_V2=P;g.DOWNLOAD_YOUR_DATA_REQUEST_BODY_V2=Q;g.DOWNLOAD_YOUR_DATA_REQUEST_DISCLAIMER=R;g.DOWNLOAD_YOUR_DATA_INFORMATION_FORMAT=S;g.DOWNLOAD_YOUR_DATA_REQUEST_DOWNLOAD_BUTTON=T;g.downloadYourDataRequestPasswordEntry=U;g.FORGET_PASSWORD=V;g.PASSWORD_GET_HELP=W;g.DOWNLOAD_YOUR_DATA_REQUEST_NEXT_BUTTON=X;g.DOWNLOAD_YOUR_DATA_LOG_IN_AGAIN_BUTTON=Y;g.GO_TO_FEED=Z;g.DOWNLOAD_YOUR_DATA_EMAIL_SENT_HEADER=aa;g.DOWNLOAD_YOUR_DATA_SUCCESS_FORM_DISCLAIMER=ba;g.downloadYourDataRequestSentTextAlt=ca;g.downloadYourDataRequestSentTextAlt14Days=da;g.DOWNLOAD_YOUR_DATA_COMPLETE_HEADER=ea;g.DOWNLOAD_YOUR_DATA_COMPLETE_HEADER_ALT=fa;g.downloadYourDataCompleteFirstBody=ga;g.downloadYourDataCompleteFirstBodyAlt=ha;g.DOWNLOAD_YOUR_DATA_COMPLETE_SECOND_BODY=ia;g.DOWNLOAD_YOUR_DATA_COMPLETE_SECOND_BODY_ALT=ja;g.DOWNLOAD_YOUR_DATA_COMPLETE_SECOND_BODY_ALT_TEMP_WEEK_EXPIRY=ka;g.DOWNLOAD_YOUR_DATA_COMPLETE_SECOND_BODY_ALT_TEMP_TWO_WEEK_EXPIRY=la;g.DOWNLOAD_YOUR_DATA_COMPLETE_THIRD_BODY_ALT=ma;g.DOWNLOAD_YOUR_DATA_COMPLETE_BUTTON_ALT=na;g.downloadYourDataMultiplePartsAlt=oa;g.DOWNLOAD_YOUR_DATA_LINK_EXPIRED_HEADER=pa;g.downloadYourDataLinkExpiredBody=qa;g.download

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 50068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=115.0.5790.171&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-115.0.5790.171Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/bootstrap.min.css HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/qegaxo.css HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/tetul.css HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/bootstrap.min.js HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/fekupi7.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/dirabiw88.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/jenefu.lyriza.js HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/zyr51.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/voribuxin.js HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/hcaptcha.js HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/reh.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/hyka.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/bgon.png HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/stylecss/tetul.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/rydym.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/zazuwyko.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/jilavaman.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/xozoka.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/hirypojyc.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/laweju.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/v1/490cab9/static/hcaptcha.html HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/lyloreryvas9.svg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/v1/490cab9/hcaptcha.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://newassets.hcaptcha.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/a91272a/hsw.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/zyso1.png HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /checksiteconfig?v=490cab9&host=treasurydept.org&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&sc=1&swa=1&spst=1 HTTP/1.1Host: hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/fekupi7.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/dirabiw88.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/zyr51.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/reh.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/bgon.png HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/hyka.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/rydym.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/zazuwyko.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/jilavaman.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/xozoka.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/hirypojyc.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/laweju.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/lyloreryvas9.svg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylecss/zyso1.png HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /blog26/ HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: W/"d2eb1be4c690b7d82824c152b9950b70"If-Modified-Since: Fri, 18 Aug 2023 08:43:14 GMT
Source: global traffic	HTTP traffic detected: GET /pics/how-to-request-financial-assistance.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/hcaptcha.js HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/171594.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/712e49858119d9519f62aa607fbab3a2.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/444208.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/e36c2144dc52b62f8f7061617286903f.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/unclaimed-money-government-website.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/82d58c8011efc4312d60294e9bf3b880.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/financial-assistance-grants.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/b3e7b02de9350e96293674a7d117e452.png HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/how-to-request-financial-assistance.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/171594.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/444208.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/271503.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://treasurydept.org/blog26/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/82d58c8011efc4312d60294e9bf3b880.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/unclaimed-money-government-website.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/712e49858119d9519f62aa607fbab3a2.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/b3e7b02de9350e96293674a7d117e452.png HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/financial-assistance-grants.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/271503.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pics/e36c2144dc52b62f8f7061617286903f.jpg HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagecontact/ HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/hcaptcha.js HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/pagecontact/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://treasurydept.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: W/"b326d8a7c8f10d563fc4aa703464dfe5"If-Modified-Since: Wed, 23 Aug 2023 19:57:45 GMT
Source: global traffic	HTTP traffic detected: GET /checksiteconfig?v=490cab9&host=treasurydept.org&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&sc=1&swa=1&spst=1 HTTP/1.1Host: hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagefaq/ HTTP/1.1Host: treasurydept.orgConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /p/Unclaimed-Money-100030956421077/ HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yz/l/0,cross/pi9D2swlrDC.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yH/r/kVtdVnoj6aA.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iORP4/yS/l/en_US/30AJir2YSgqNAxHbfNQxetErKWmeVCTG4C7Y7HA7Zcx8BMhhmalKXgHkJbCuPLB8q_Nr_jwL5StupmKfBM4RnUu2U7tzjxmgReVkdW7anx9UF5Dl2Du3XdRv9rgJ5XsAIlYUBI52AE0QdZyUjccgvdtXYj7T2mFmkmZx1YTSd3wBXH9D_R9PIWAtR0Kp55HfXW__mMUjf-SKozNZpndteZqob9cJ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i2g_4/yd/l/en_US/uY5AvdfjFQq.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iBPF4/yx/l/en_US/w5ghD10poRe.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3idBq4/y8/l/en_US/_GVHv2vLzKk.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3imb44/ya/l/en_US/fblfqimV6ET.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i1dD4/yl/l/en_US/bzBSdEWXUCA7bk2ZZ4h8H3fd3JTDfdYDtdTjRO0q-nxILim3uETseCB.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yP/r/6l11pt94gF0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iWd-4/yc/l/en_US/h6SWudLMSae.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iDyC4/yl/l/en_US/Boh1GbPFuPr_wPDhhJ9eqzbhgpdYCqsBPB98SSLbDD16PqWxRSFA8FjzTUR-xAOqeAKhdD_gXwZJmjNrV001ZjI1wgaCBYrBe9ZsshqozjUpapAb2s4mYxCLg.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iQdS4/yx/l/en_US/PSjcvBjkn7J.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3im8s4/y5/l/en_US/xIhajXekJf_.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iJHK4/yA/l/en_US/cna0NXPuFiy.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ieMq4/yD/l/en_US/uk0esBS3dmhf6vT9DG2HCLUmVscQRRGUPO1pW3I_U9IU52x_7gUsO8fvwFzGgiF9JBGq-FcvwrCFVZIjQZQmC4AFKW2gAu8FrRwfeFsteXWn3IEVBKv-sNi866imNNgSJIyT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yO/r/4L3zh0y6JHi.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iPSw4/yQ/l/en_US/KPePIIK4sC5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/yD/r/d4ZIVX-5C-b.ico HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/manifest/ HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.facebook.com/p/Unclaimed-Money-100030956421077/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ya/r/hsAgIHTE80C.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t1.18169-9/30264343_367820777069948_3270019845189220227_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=574b62&_nc_ohc=Bn74VGYBQ4sAX_eQi5e&_nc_ht=scontent-fra5-2.xx&oh=00_AfDF5HPcPXB-ozMhUTYCIVIpu6F1R6s_OYgoywYwjD7wMQ&oe=650DFB3A HTTP/1.1Host: scontent-fra5-2.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t1.6435-9/33993955_390153341503358_4575664552917598208_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=574b62&_nc_ohc=0i6aQ7a3LV4AX8QkZL_&_nc_ht=scontent-fra5-1.xx&oh=00_AfA-9B-6dScl3K2PVq2wUn-moXEpKSU-t-_OW3onqNsnNg&oe=650DEF2A HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t31.18172-8/30419958_367819427070083_2545827400819518589_o.png?stp=dst-png_p160x160&_nc_cat=100&ccb=1-7&_nc_sid=574b62&_nc_ohc=atoKInNrA9UAX_Ltftr&_nc_ht=scontent-fra5-1.xx&oh=00_AfBj72j7GyZjiPTWNyle3bhaQZj7HPFpfDUgZC_Xvd3H-A&oe=650DCB1D HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t39.30808-1/272099685_594815998226942_2421644237729754094_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=100&ccb=1-7&_nc_sid=c6021c&_nc_ohc=x1MmyGHwM7UAX_3mpaf&_nc_ht=scontent-fra5-1.xx&oh=00_AfARZfnwcZAuaORBMfAkSocdiA5qC0XqXFpNmJ7NdVI8Jg&oe=64EC0A12 HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ye/r/4PEEs7qlhJk.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t39.30808-1/272099685_594815998226942_2421644237729754094_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=c6021c&_nc_ohc=x1MmyGHwM7UAX_3mpaf&_nc_ht=scontent-fra5-1.xx&oh=00_AfA9ClvBT2Hyf1rW2UxejdAUbSEEb1jb8Kx5UGnjMb-rTw&oe=64EC0A12 HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t1.18169-9/30226572_367821060403253_1824976345440189768_n.jpg?stp=c59.0.160.160a_dst-jpg_p160x160&_nc_cat=104&ccb=1-7&_nc_sid=574b62&_nc_ohc=kuSrUqci5eoAX9-qcmi&_nc_ht=scontent-fra3-2.xx&oh=00_AfCBVOXW-4odoffnmfDYUQtWtOkuVtkGezm9CLTKvDlPBw&oe=650DDCA2 HTTP/1.1Host: scontent-fra3-2.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y3/r/BQdeC67wT9z.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y7/r/4Lea07Woawi.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cookies/cookie_info_card_image_1.png HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/p/Unclaimed-Money-100030956421077/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cookies/cookie_info_card_image_2.png HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/p/Unclaimed-Money-100030956421077/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cookies/cookie_info_card_image_3.png HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/p/Unclaimed-Money-100030956421077/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cookies/cookie_info_card_image_4.png HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/p/Unclaimed-Money-100030956421077/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yH/r/1TjjzwR0ZDg.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yE/r/P898mwSkJqe.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hads-ak-prn2/1487645_6012475414660_1439393861_n.png HTTP/1.1Host: scontent.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iD6c4/yw/l/en_US/vU5IUwyUOZTImMX0reLC_1ERz6pNGhHp8lnVuONvNCddGHcuFCQAkBaptPor1-z3JC3dY3JZm4Y3F.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yY/r/YT7n1sgH1lv.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/yD/r/d4ZIVX-5C-b.ico HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cookies/cookie_info_card_image_1.png HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ya/r/hsAgIHTE80C.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t1.6435-9/33993955_390153341503358_4575664552917598208_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=574b62&_nc_ohc=0i6aQ7a3LV4AX8QkZL_&_nc_ht=scontent-fra5-1.xx&oh=00_AfA-9B-6dScl3K2PVq2wUn-moXEpKSU-t-_OW3onqNsnNg&oe=650DEF2A HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ye/r/4PEEs7qlhJk.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ieKI4/yb/l/en_US/CCjuei0lx6p.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y3/r/BQdeC67wT9z.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yX/r/9a55LS3FrS3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t31.18172-8/30419958_367819427070083_2545827400819518589_o.png?stp=dst-png_p160x160&_nc_cat=100&ccb=1-7&_nc_sid=574b62&_nc_ohc=atoKInNrA9UAX_Ltftr&_nc_ht=scontent-fra5-1.xx&oh=00_AfBj72j7GyZjiPTWNyle3bhaQZj7HPFpfDUgZC_Xvd3H-A&oe=650DCB1D HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An_KOWvmE8xXhWbKcEDamiAQ14ZKS7T_w5aOTf-M8Krv4ls-f63eecRjpMEIRfwoMQw0XjeM4Q2PKoqtUSQc0_q66s2ahAGa0OTb.kf?ccb=10-5&oh=00_AfDEVypA-VF8GNNxvmNxCsTKFf0kMfGfk1HDQ0CeIqGh8w&oe=650DF380&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y7/r/4Lea07Woawi.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hads-ak-prn2/1487645_6012475414660_1439393861_n.png HTTP/1.1Host: scontent.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ib-74/yW/l/en_US/YSa0cKzF-1O.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t1.18169-9/30264343_367820777069948_3270019845189220227_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=574b62&_nc_ohc=Bn74VGYBQ4sAX_eQi5e&_nc_ht=scontent-fra5-2.xx&oh=00_AfDF5HPcPXB-ozMhUTYCIVIpu6F1R6s_OYgoywYwjD7wMQ&oe=650DFB3A HTTP/1.1Host: scontent-fra5-2.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An-V1eo7VQ3O9lqK2f9nfo3p019W0b_BTfQk8m_WliRJfm8Ss0I6dO39oKJmajreEZ2Oy5vSrTbDg0GpAgj0NSk-Eu5PWtSAd1gv.kf?ccb=10-5&oh=00_AfBQNv0EZZXitXNUoQPL6IK_0o8FBIhqenSw0IBMJaherw&oe=650DEFF1&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An8UpDtYTxwRfyFUAQkYpPLVzCcFZAyT58b4mM9QRn-9IZWdHfcWsX1lOuHAsupZu8HCFEX8uobe6VdR6H9B8v2Z_FzSMfB8MYN36w.kf?ccb=10-5&oh=00_AfDJZwdZbzScWxFcETQWvlGglpJzclDll-2kXNjDOE0lbA&oe=650DD5F0&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i4sp4/yx/l/en_US/1p99lS3aVQT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t39.30808-1/272099685_594815998226942_2421644237729754094_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=100&ccb=1-7&_nc_sid=c6021c&_nc_ohc=x1MmyGHwM7UAX_3mpaf&_nc_ht=scontent-fra5-1.xx&oh=00_AfARZfnwcZAuaORBMfAkSocdiA5qC0XqXFpNmJ7NdVI8Jg&oe=64EC0A12 HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An8KSKhioMIUVSZ4NYh8JnAchGmGQVDA71Hulkn5JQZsO-ejSYcV2dWPMQo-ZhSa71MfFqgrDHlCASWFxgbtV3pYQqVdSus0zicQO6_n.kf?ccb=10-5&oh=00_AfCyikXHzDR4ZL0pLLC-bgqVM2XcJfTECLRQo0HIIgj2CQ&oe=650DF366&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yH/r/1TjjzwR0ZDg.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An8CYKC8XqtM-fkmXlVHrp9oVgPgDVVlGZu_Cy7Q_5xW9yYY3lOzMNVDCq9D1ThbbsbnpjfFmGnfIPhKX6oePvUMOYOvShQauKw.kf?ccb=10-5&oh=00_AfB6H3k-ZxCVkeIPc-5faK_5vOFz7kZVePyikFd4neYx0A&oe=650DF7CB&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An_iJw3Cc3y5RtzEpR0M4CCznWN_ywjtFHZENvSbcomn6tH9EuRIjlfe7xaIpEOIEZAGHfQMVNlOPpkGNsG7fM8CslunKANTZ6ED.kf?ccb=10-5&oh=00_AfBqnLssghXC7hDIfoqXUZRTdMhPUShaUCDuAU_ffIOhQA&oe=650DCBD8&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cookies/cookie_info_card_image_2.png HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t39.30808-1/272099685_594815998226942_2421644237729754094_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=c6021c&_nc_ohc=x1MmyGHwM7UAX_3mpaf&_nc_ht=scontent-fra5-1.xx&oh=00_AfA9ClvBT2Hyf1rW2UxejdAUbSEEb1jb8Kx5UGnjMb-rTw&oe=64EC0A12 HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cookies/cookie_info_card_image_4.png HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ivGh4/yL/l/en_US/PBDECfpAE1R.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v/t1.18169-9/30226572_367821060403253_1824976345440189768_n.jpg?stp=c59.0.160.160a_dst-jpg_p160x160&_nc_cat=104&ccb=1-7&_nc_sid=574b62&_nc_ohc=kuSrUqci5eoAX9-qcmi&_nc_ht=scontent-fra3-2.xx&oh=00_AfCBVOXW-4odoffnmfDYUQtWtOkuVtkGezm9CLTKvDlPBw&oe=650DDCA2 HTTP/1.1Host: scontent-fra3-2.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bootloader-endpoint/?modules=KeyframesRenderer%2CFBKeyframesLoggedSession%2CKeyframesAssetDecoder&__user=0&__a=1&__req=6&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&dpr=1&__ccg=EXCELLENT&__rev=1008220018&__s=%3A%3Aw65qvo&__hsi=7270622678530409993&__dyn=7xeUmxa13xu1syaxG4VuC2-m1FwAxu13wsongS3q5UObwNwnof8boG0x8bo6u3y4o0B-q1ew65xO2OU7m0yE465o-cwfG12wOx61vw9m1YwBgao6C0Mo2sx-3m1mzXw8W58jwGzE8E7C222SUbElxm3y1lUtw-waCm7-8wfS2i2S3qazo3iwPwbS16xi4UdUcobUak1xwmo566E6C16w&__csr=hAa9OTWbcDdkAxYDdkBiFjv4HcmFHCAXBl4ZOzC_vZlVb_CVbWRyi4n-cTCDl7KFlBpeHKtAAG8KEDyGDy8C8AAAxaESGAh9Uhy_zu4qxmEnCBh8nyoR5BWgOHwGx3y4UzyagiXCypWy8yicht4G59EGWUpG4Forxq4Uswci0cbcFQaAo0O-0j64Q0ii04mecw3Zt03qo2Ng1Ro0gw40n80acU05De4U04xoMO2l0Ex20M40h-u2S0ji2Gq2u0nl0qoanmvwXwg86yt2FE1Bolxydw8y1vxa583rExQewRweV0lQ09Ww7ox64o3Gxe4EiU661jp84qgAw5e099wuei6CivO6g1GF-8xl3A2y482jg8q81iwjpQ0wo560pF38Kl0dG5EeofSmtpsi4o7K4k5dwfS3C0ga6U881j8Wt4ggwBwm8vwI85o6x1q1dg5251cE3Lwaq1oxe2S5Eiw1EObwc-1tAoco0LC0cpDxXwWwXA804385Guu6E148kwc-0ES2e2-1Mo5m0GE4e0q6bg1CE2Lw9e0Q80yDDwst045w4Lw6pwix0C2y1A2wCkycFME6U4a0L6dw_w8Cu&__comet_req=15&__spin_r=1008220018&__spin_b=trunk&__spin_t=1692823757 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/p/Unclaimed-Money-100030956421077/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cookies/cookie_info_card_image_3.png HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yE/r/P898mwSkJqe.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i0Wo4/y8/l/en_US/0eDR6PyK7x0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/yg/r/DUjm2v1u572.kf HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An-epsBkaSJ4n9oYH6L6fSPKlfyvVNR_J7OfeV9-jqOZVx9-Fg73T8WyLTa1e_4iyoSboul40f-XChEvL3RtR-jyPuVfx7Umn4RlQyMS.kf?ccb=10-5&oh=00_AfBgeKU9sAxMTaAjr2qhQZb4TEa3VANX0mu6SsKDcx_96w&oe=650DED47&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yr/r/YnG0xu9HzbQ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An-4eutqFWFfYhZPQR8tM2oP5E05jWW-J7tvfsD5wE23SUHSA2nXlg1n6fI_KpO3JoITC05bkD6cfuSRG3Fji57z_i1jO4Bw_K_ZEg.kf?ccb=10-5&oh=00_AfBwbARDzAit0wCKdbw0oaE6eTHW-bsnQ_lEHUebH3HjHQ&oe=650DF3B0&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yi/r/LQD3fYZWwZ_.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y9/r/Q7NJWdbO86C.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ilXC4/l/en_US/eqwVBYovQK9VGqGmDWYuGgjIsYGgM0YTpAvWhzI9p1H5Sjc9_kum1utKBulfMJHQ0x4BeezRLUSEfrHMRTLDM89qHX5G0m0j9CWMVByUHwPgjk7PnnqMcDAMiyYEjXE2pKz_PSOkLR57XGloUnH1PhP17j-KW1RpShAXwyasfUf8asK1qLiHeYUpLUEqNL7_a5h1rJj8eQ-tYPi3CDT2zWLJ0oyd.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y4/r/usGeK1Wl4sH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.facebook.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An-ltDiBj6BlExJAIyJiOGWs0CtdQwF9K9SyRSRhTIMgJd0MMzaw7ju3gnTsliPfba99uYjQem5sn3JzgpEnBVKOKfyfbcp-sMBJ.kf?ccb=10-5&oh=00_AfC_UtUcx3Au08-VXdLV9v6EENW1SFecohtIPMPnqk1FdQ&oe=650DD857&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.facebook.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.facebook.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=1&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=5&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bootloader-endpoint/?modules=KeyframesRenderer%2CFBKeyframesLoggedSession%2CKeyframesAssetDecoder&__user=0&__a=1&__req=6&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&dpr=1&__ccg=EXCELLENT&__rev=1008220018&__s=%3A%3Aw65qvo&__hsi=7270622678530409993&__dyn=7xeUmxa13xu1syaxG4VuC2-m1FwAxu13wsongS3q5UObwNwnof8boG0x8bo6u3y4o0B-q1ew65xO2OU7m0yE465o-cwfG12wOx61vw9m1YwBgao6C0Mo2sx-3m1mzXw8W58jwGzE8E7C222SUbElxm3y1lUtw-waCm7-8wfS2i2S3qazo3iwPwbS16xi4UdUcobUak1xwmo566E6C16w&__csr=hAa9OTWbcDdkAxYDdkBiFjv4HcmFHCAXBl4ZOzC_vZlVb_CVbWRyi4n-cTCDl7KFlBpeHKtAAG8KEDyGDy8C8AAAxaESGAh9Uhy_zu4qxmEnCBh8nyoR5BWgOHwGx3y4UzyagiXCypWy8yicht4G59EGWUpG4Forxq4Uswci0cbcFQaAo0O-0j64Q0ii04mecw3Zt03qo2Ng1Ro0gw40n80acU05De4U04xoMO2l0Ex20M40h-u2S0ji2Gq2u0nl0qoanmvwXwg86yt2FE1Bolxydw8y1vxa583rExQewRweV0lQ09Ww7ox64o3Gxe4EiU661jp84qgAw5e099wuei6CivO6g1GF-8xl3A2y482jg8q81iwjpQ0wo560pF38Kl0dG5EeofSmtpsi4o7K4k5dwfS3C0ga6U881j8Wt4ggwBwm8vwI85o6x1q1dg5251cE3Lwaq1oxe2S5Eiw1EObwc-1tAoco0LC0cpDxXwWwXA804385Guu6E148kwc-0ES2e2-1Mo5m0GE4e0q6bg1CE2Lw9e0Q80yDDwst045w4Lw6pwix0C2y1A2wCkycFME6U4a0L6dw_w8Cu&__comet_req=15&__spin_r=1008220018&__spin_b=trunk&__spin_t=1692823757 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=7&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bulk-route-definitions/ HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/yg/r/DUjm2v1u572.kf HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An8KSKhioMIUVSZ4NYh8JnAchGmGQVDA71Hulkn5JQZsO-ejSYcV2dWPMQo-ZhSa71MfFqgrDHlCASWFxgbtV3pYQqVdSus0zicQO6_n.kf?ccb=10-5&oh=00_AfCyikXHzDR4ZL0pLLC-bgqVM2XcJfTECLRQo0HIIgj2CQ&oe=650DF366&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An-V1eo7VQ3O9lqK2f9nfo3p019W0b_BTfQk8m_WliRJfm8Ss0I6dO39oKJmajreEZ2Oy5vSrTbDg0GpAgj0NSk-Eu5PWtSAd1gv.kf?ccb=10-5&oh=00_AfBQNv0EZZXitXNUoQPL6IK_0o8FBIhqenSw0IBMJaherw&oe=650DEFF1&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An_KOWvmE8xXhWbKcEDamiAQ14ZKS7T_w5aOTf-M8Krv4ls-f63eecRjpMEIRfwoMQw0XjeM4Q2PKoqtUSQc0_q66s2ahAGa0OTb.kf?ccb=10-5&oh=00_AfDEVypA-VF8GNNxvmNxCsTKFf0kMfGfk1HDQ0CeIqGh8w&oe=650DF380&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An_iJw3Cc3y5RtzEpR0M4CCznWN_ywjtFHZENvSbcomn6tH9EuRIjlfe7xaIpEOIEZAGHfQMVNlOPpkGNsG7fM8CslunKANTZ6ED.kf?ccb=10-5&oh=00_AfBqnLssghXC7hDIfoqXUZRTdMhPUShaUCDuAU_ffIOhQA&oe=650DCBD8&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An8CYKC8XqtM-fkmXlVHrp9oVgPgDVVlGZu_Cy7Q_5xW9yYY3lOzMNVDCq9D1ThbbsbnpjfFmGnfIPhKX6oePvUMOYOvShQauKw.kf?ccb=10-5&oh=00_AfB6H3k-ZxCVkeIPc-5faK_5vOFz7kZVePyikFd4neYx0A&oe=650DF7CB&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=8&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An8UpDtYTxwRfyFUAQkYpPLVzCcFZAyT58b4mM9QRn-9IZWdHfcWsX1lOuHAsupZu8HCFEX8uobe6VdR6H9B8v2Z_FzSMfB8MYN36w.kf?ccb=10-5&oh=00_AfDJZwdZbzScWxFcETQWvlGglpJzclDll-2kXNjDOE0lbA&oe=650DD5F0&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An-epsBkaSJ4n9oYH6L6fSPKlfyvVNR_J7OfeV9-jqOZVx9-Fg73T8WyLTa1e_4iyoSboul40f-XChEvL3RtR-jyPuVfx7Umn4RlQyMS.kf?ccb=10-5&oh=00_AfBgeKU9sAxMTaAjr2qhQZb4TEa3VANX0mu6SsKDcx_96w&oe=650DED47&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An-4eutqFWFfYhZPQR8tM2oP5E05jWW-J7tvfsD5wE23SUHSA2nXlg1n6fI_KpO3JoITC05bkD6cfuSRG3Fji57z_i1jO4Bw_K_ZEg.kf?ccb=10-5&oh=00_AfBwbARDzAit0wCKdbw0oaE6eTHW-bsnQ_lEHUebH3HjHQ&oe=650DF3B0&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bulk-route-definitions/ HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m1/v/t6/An-ltDiBj6BlExJAIyJiOGWs0CtdQwF9K9SyRSRhTIMgJd0MMzaw7ju3gnTsliPfba99uYjQem5sn3JzgpEnBVKOKfyfbcp-sMBJ.kf?ccb=10-5&oh=00_AfC_UtUcx3Au08-VXdLV9v6EENW1SFecohtIPMPnqk1FdQ&oe=650DD857&_nc_sid=7da55a HTTP/1.1Host: scontent-fra5-1.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ys/l/0,cross/i2ho0CroZII.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yH/r/kVtdVnoj6aA.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3imna4/yv/l/en_US/pLpEFQCIXbXr2p7esd700UXOfWZfPTXR1imhmnAZRFiJOS0CMbib3iGwyb8Ob8iWaMPYA3PnLk9jXnXxubVAIVwYHaypzNAtiDx9GT4CJyb00U7D9GNGRNhOvbQvNc-jWcPDC0mYqlmiJUSzQ-9h36-TbwYQCtSCBPjbhnXTLhQ4jB9LIohmRQ2b689mJo9NMMo3Fw7iYdvfcpnyBf4kK5D4DpNYvsWqehdEtWwDQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iwWC4/yT/l/en_US/pTwia46Cc0G.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iddb4/yn/l/en_US/H5xmZtXyuVK.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bulk-route-definitions/ HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yw/r/OipIo4kEFHG.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y1/r/E6eCs0zFrcp.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET_APPROVAL_BUTTON_SHORT_TEXT=G;g.SKIP_PARENTAL_CONSENT_BUTTON_TEXT=H;g.PARENTAL_CONSENT_SEND_BUTTON_TEXT=I;g.CONSENTS_FINISHED_TEXT=J;g.EMAIL_SENT_CONSENTS_FINISHED_TEXT=K;g.INVALID_EMAIL_TEXT=L;g.PLEASE_ENTER_VALID_EMAIL_TEXT=M;g.CONSENT_FINISHED_SCREEN_BUTTON_TEXT=N;g.DOWNLOAD_YOUR_DATA_REQUEST_PAGE_TITLE=O;g.DOWNLOAD_YOUR_DATA_REQUEST_HEADER_V2=P;g.DOWNLOAD_YOUR_DATA_REQUEST_BODY_V2=Q;g.DOWNLOAD_YOUR_DATA_REQUEST_DISCLAIMER=R;g.DOWNLOAD_YOUR_DATA_INFORMATION_FORMAT=S;g.DOWNLOAD_YOUR_DATA_REQUEST_DOWNLOAD_BUTTON=T;g.downloadYourDataRequestPasswordEntry=U;g.FORGET_PASSWORD=V;g.PASSWORD_GET_HELP=W;g.DOWNLOAD_YOUR_DATA_REQUEST_NEXT_BUTTON=X;g.DOWNLOAD_YOUR_DATA_LOG_IN_AGAIN_BUTTON=Y;g.GO_TO_FEED=Z;g.DOWNLOAD_YOUR_DATA_EMAIL_SENT_HEADER=aa;g.DOWNLOAD_YOUR_DATA_SUCCESS_FORM_DISCLAIMER=ba;g.downloadYourDataRequestSentTextAlt=ca;g.downloadYourDataRequestSentTextAlt14Days=da;g.DOWNLOAD_YOUR_DATA_COMPLETE_HEADER=ea;g.DOWNLOAD_YOUR_DATA_COMPLETE_HEADER_ALT=fa;g.downloadYourDataCompleteFirstBody=ga;g.downloadYourDataCompleteFirstBodyAlt=ha;g.DOWNLOAD_YOUR_DATA_COMPLETE_SECOND_BODY=ia;g.DOWNLOAD_YOUR_DATA_COMPLETE_SECOND_BODY_ALT=ja;g.DOWNLOAD_YOUR_DATA_COMPLETE_SECOND_BODY_ALT_TEMP_WEEK_EXPIRY=ka;g.DOWNLOAD_YOUR_DATA_COMPLETE_SECOND_BODY_ALT_TEMP_TWO_WEEK_EXPIRY=la;g.DOWNLOAD_YOUR_DATA_COMPLETE_THIRD_BODY_ALT=ma;g.DOWNLOAD_YOUR_DATA_COMPLETE_BUTTON_ALT=na;g.downloadYourDataMultiplePartsAlt=oa;g.DOWNLOAD_YOUR_DATA_LINK_EXPIRED_HEADER=pa;g.downloadYourDataLinkExpiredBody=qa;g.download
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ieCg4/yH/l/en_US/Oa_68FbxEku.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yQ/r/70emZhxGFvH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yk/r/5PC91097DzW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iLUJ4/yp/l/en_US/DldtNK03LKWTr5jRS2bOeG8kqQREb27F8_85AXfJFmeolwVcjdD6sXj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yf/r/y5ZNr8PxVws.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iqES4/yM/l/en_US/3sEE3xUl94z.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1/public/landing_info/ HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"X-Mid: 1rladl917kj0h4zm7tx0f3mmxc18eajsxfo5i5j1hlhq8iqjor1cX-IG-WWW-Claim: 0sec-ch-ua-platform-version: "6.0.0"X-Requested-With: XMLHttpRequestX-Web-Device-Id: CFE9D4A9-A190-421B-933C-92D6D59BBD9Edpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"X-CSRFToken: GKiQsWSIfPLmnvAoNaiii3JNKfMOqnNmsec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"X-IG-App-ID: 936619743392459sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280Accept: /X-ASBD-ID: 129477Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yG/r/lkhxxK-dCwS.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i7M54/yM/l/en_US/P3C31JedB_9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /btmanifest/1008220018/instagram/main HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.instagram.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/phones/home-phones.png?__makehaste_cache_breaker=HOgRclNOosk HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.cdninstagram.com/rsrc.php/v3/ys/l/0,cross/i2ho0CroZII.css?_nc_x=Ij3Wp8lg5KzAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yS/r/ajlEU-wEDyo.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/screenshots/screenshot1.png?__d=www HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/screenshots/screenshot2.png?__d=www HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/screenshots/screenshot4.png?__d=www HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/manifest.json HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/y4/r/QaBlI0OZiks.ico HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bulk-route-definitions/ HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1/public/landing_info/ HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /x/oauth/status?client_id=124024574287414&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.instagram.com%2F&sdk=joey&wants_cookie_data=true HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.instagram.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/manifest.json/ HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36viewport-width: 1280sec-ch-ua-platform-version: "6.0.0"dpr: 1sec-ch-ua-full-version-list: "Not/A)Brand";v="99.0.0.0", "Google Chrome";v="115.0.5790.171", "Chromium";v="115.0.5790.171"sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yf/r/1I7bCQOLaDP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yz/r/c5Rp7Ym-Klz.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yu/r/EHY6QnZYdNX.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y5/r/TJztmXpWTmS.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.cdninstagram.com/rsrc.php/v3/ys/l/0,cross/i2ho0CroZII.css?_nc_x=Ij3Wp8lg5KzAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /x/oauth/status?client_id=124024574287414&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.instagram.com%2F&sdk=joey&wants_cookie_data=true HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yV/r/ftfgD2tsNT7.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yS/r/ajlEU-wEDyo.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/phones/home-phones.png?__makehaste_cache_breaker=HOgRclNOosk HTTP/1.1Host: static.cdninstagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=4&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3 HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1/web/qp/batch_fetch_web/ HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yZ/r/mgRcAxJAixP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1Host: static.cdninstagram.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.instagram.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.instagram.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /btmanifest/1008220018/instagram/main HTTP/1.1Host: static.cdninstagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/y4/r/QaBlI0OZiks.ico HTTP/1.1Host: static.cdninstagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/screenshots/screenshot2.png?__d=www HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bulk-route-definitions/ HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yz/r/c5Rp7Ym-Klz.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yu/r/EHY6QnZYdNX.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/screenshots/screenshot1.png?__d=www HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/instagram/xig/homepage/screenshots/screenshot4.png?__d=www HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=6&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3 HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=b&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y5/r/TJztmXpWTmS.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yV/r/ftfgD2tsNT7.png HTTP/1.1Host: static.cdninstagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bulk-route-definitions/ HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=8&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3 HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=a&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3 HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkbox HTTP/1.1Host: www.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/p.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/css/hcaptcha-v6-dev.webflow.2bcbbe72d.min.css HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: www.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=629d9c19da6544f17c9cbb3e HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.hcaptcha.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/js/webflow.d1d911895.js HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/629d9c19da65440e5a9cbd33_are-u-human.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/629d9c19da65444f5c9cbc95_noun_Close_1217839_ffffff.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/629d9c19da654484039cbb6c_Asset%208.svg HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets-global.website-files.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/629d9c19da65444f5c9cbc95_noun_Close_1217839_ffffff.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/629d9c19da65440e5a9cbd33_are-u-human.svg HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/629d9c19da654484039cbb6c_Asset%208.svg HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/629d9c19da654408cb9cbc1c_favicon%403x.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da6544f17c9cbb3e/629d9c19da654408cb9cbc1c_favicon%403x.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=c&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /post/ai-text-detectors-fail-to-spot-llm-output?utm_medium=checkbox&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9 HTTP/1.1Host: www.hcaptcha.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkboxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/647fe8a5ae90552e4c90d5a6_llm_detection.jpg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=629d9c19da6544f17c9cbb3e HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"Origin: https://www.hcaptcha.comIf-None-Match: "dc5e7f18c8d36ac1d3d4753a87c98d0a"If-Modified-Since: Mon, 20 Jul 2020 17:53:02 GMTsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.hcaptcha.com/post/ai-text-detectors-fail-to-spot-llm-output?utm_medium=checkbox&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/64593d7694a94bb1e2057d69_generative-ai.jpg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/643d9cf8696c534a438c2bc8_detecting-llms-new.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/63915afa2f89f27ecd9cec51_hc-vs-turn.jpg HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/647fe8a5ae90552e4c90d5a6_llm_detection.jpg HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/647dfd7ac8d50c3fa472b2d7_tested_sites1.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/post/ai-text-detectors-fail-to-spot-llm-output?utm_medium=checkbox&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/647dfd926e8dca4779db1817_table_1.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.hcaptcha.com/post/ai-text-detectors-fail-to-spot-llm-output?utm_medium=checkbox&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/64593d7694a94bb1e2057d69_generative-ai.jpg HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/63915afa2f89f27ecd9cec51_hc-vs-turn.jpg HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/647dfd7ac8d50c3fa472b2d7_tested_sites1.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/647dfd926e8dca4779db1817_table_1.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /629d9c19da654445779cbb65/643d9cf8696c534a438c2bc8_detecting-llms-new.png HTTP/1.1Host: assets-global.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=c&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3 HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=d&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=d&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3 HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=e&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: treasurydept.orgConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_452.1.dr, chromecache_500.1.dr, chromecache_398.1.dr, chromecache_396.1.dr	String found in binary or memory: <div class="d-inline-flex fygepe"> <a href="https://www.facebook.com/p/Unclaimed-Money-100030956421077/" class="nimis japike" aria-label="facebook"> <svg viewBox="0 0 24 24" fill="currentColor" width="16" height="16"> equals www.facebook.com (Facebook)
Source: chromecache_348.1.dr, chromecache_414.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/2v2plzJQoTQ/ equals www.facebook.com (Facebook)
Source: chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/5RZXhVZje9T/ equals www.facebook.com (Facebook)
Source: chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/6Lnton1H2AA/ equals www.facebook.com (Facebook)
Source: chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/9cisb7Fe7ih/ equals www.facebook.com (Facebook)
Source: chromecache_518.1.dr, chromecache_514.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/A4tfXiHOGrs/ equals www.facebook.com (Facebook)
Source: chromecache_510.1.dr, chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/CCT5pM3qiNk/ equals www.facebook.com (Facebook)
Source: chromecache_518.1.dr, chromecache_514.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/Ga6vBwdwgUx/ equals www.facebook.com (Facebook)
Source: chromecache_469.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/HAC-_9WTKIm/ equals www.facebook.com (Facebook)
Source: chromecache_510.1.dr, chromecache_408.1.dr, chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/MDzNl_j9yvg/ equals www.facebook.com (Facebook)
Source: chromecache_510.1.dr, chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/OKBVmODmb-W/ equals www.facebook.com (Facebook)
Source: chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/V8_l6oUwABQ/ equals www.facebook.com (Facebook)
Source: chromecache_510.1.dr, chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/V9vdYColc4k/ equals www.facebook.com (Facebook)
Source: chromecache_414.1.dr, chromecache_510.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/WRsJ32R7YJG/ equals www.facebook.com (Facebook)
Source: chromecache_510.1.dr, chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/aJoeSHn7XcN/ equals www.facebook.com (Facebook)
Source: chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/cr2jmG-CdKo/ equals www.facebook.com (Facebook)
Source: chromecache_463.1.dr, chromecache_510.1.dr, chromecache_408.1.dr, chromecache_475.1.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/t3hOLs8wlXy/ equals www.facebook.com (Facebook)
Source: chromecache_535.1.dr	String found in binary or memory: </a></div></div><div id="social-fb" class="social-icon margin-left"><a rel="noopener" href="https://www.facebook.com/hcaptcha" target="_blank" class="invisible-link w-inline-block"></a><div bind="d109ca64-ce48-07d7-4b5d-71f01999d535" class="icon-facebook w-embed"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 400 400"> equals www.facebook.com (Facebook)
Source: chromecache_441.1.dr	String found in binary or memory: __d("Chromedome",["fbt"],(function(a,b,c,d,e,f,g,h){function a(a){if(top!==window\|\|document.domain==null\|\|!/(^\|\.)facebook\.(com\|sg)$/.test(document.domain))return;a=h._("Stop!");var b=h._("This is a browser feature intended for developers. If someone told you to copy-paste something here to enable a Facebook feature or \"hack\" someone's account, it is a scam and will give them access to your Facebook account."),c=h._("See {url} for more information.",[h._param("url","https://www.facebook.com/selfxss")]);if(window.chrome\|\|window.safari){var d="font-family:helvetica; font-size:20px; ";[[a,d+"font-size:50px; font-weight:bold; color:red; -webkit-text-stroke:1px black;"],[b,d],[c,d],["",""]].map(function(a){window.setTimeout(console.log.bind(console,"\n%c"+a[0].toString(),a[1]))})}else{a=[""," .d8888b. 888 888","d88P Y88b 888 888","Y88b. 888 888",' "Y888b. 888888 .d88b. 88888b. 888',' "Y88b. 888 d88""88b 888 "88b 888',' "888 888 888 888 888 888 Y8P',"Y88b d88P Y88b. Y88..88P 888 d88P",' "Y8888P" "Y888 "Y88P" 88888P" 888'," 888"," 888"," 888"];d=(""+b.toString()).match(/.{35}.+?\s+\|.+$/g);if(d!=null){b=Math.floor(Math.max(0,(a.length-d.length)/2));for(var e=0;e<a.length\|\|e<d.length;e++){var f=a[e];a[e]=f+new Array(45-f.length).join(" ")+(d[e-b]\|\|"")}}console.log("\n\n\n"+a.join("\n")+"\n\n"+c.toString()+"\n");return}}g.start=a}),98); equals www.facebook.com (Facebook)
Source: chromecache_445.1.dr	String found in binary or memory: __d("CometCookieConsent2023Q1OtherCompanies.react",["CometCookieConsentModalStringsUpdated","CometCookieConsentSectionAccordion.react","CometCookieConsentUtils.react","CometListCellText.react","TetraText.react","react"],(function(a,b,c,d,e,f,g){"use strict";var h=d("react");function a(){return h.jsxs("div",{className:"xua58t2 xx6bls6",children:[h.jsx("div",{className:"x9orja2",children:h.jsx(c("TetraText.react"),{type:"headlineEmphasized2",children:d("CometCookieConsentModalStringsUpdated").COOKIES_FROM_OTHER_COMPANIES_SECTION_HEADER})}),h.jsx("div",{className:"x1cnzs8",children:h.jsx(c("TetraText.react"),{type:"body3",children:d("CometCookieConsentModalStringsUpdated").getCookiesFromOtherCompaniesSubHeader(o)})}),h.jsx("div",{className:"x1cnzs8",children:h.jsx(c("CometCookieConsentSectionAccordion.react"),{content:j,sectionTitle:i})}),h.jsx("div",{children:h.jsx(c("CometCookieConsentSectionAccordion.react"),{content:l,sectionTitle:k})}),h.jsx("div",{children:h.jsx(c("CometCookieConsentSectionAccordion.react"),{content:n,sectionTitle:m})})]})}a.displayName=a.name+" [from "+f.id+"]";var i=h.jsx(c("CometListCellText.react"),{headline:h.jsx(c("TetraText.react"),{type:"headlineEmphasized3",children:d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES})}),j=h.jsxs("div",{style:{marginLeft:10},children:[h.jsx("div",{style:{paddingBottom:10,paddingTop:10},children:h.jsx(c("TetraText.react"),{type:"body3",children:d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES_INTRO})}),h.jsx(d("CometCookieConsentUtils.react").CometConsentListBullets,{list:[d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES_ITEM_1,d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES_ITEM_2,d("CometCookieConsentModalStringsUpdated").HOW_WE_USE_THESE_COOKIES_ITEM_3]})]}),k=h.jsx(c("CometListCellText.react"),{headline:h.jsx(c("TetraText.react"),{type:"headlineEmphasized3",children:d("CometCookieConsentModalStringsUpdated").IF_ALLOW_THESE_COOKIES})}),l=h.jsx("div",{style:{marginLeft:10},children:h.jsx(d("CometCookieConsentUtils.react").CometConsentListBullets,{list:[d("CometCookieConsentModalStringsUpdated").IF_ALLOW_THESE_COOKIES_ITEM_1,d("CometCookieConsentModalStringsUpdated").IF_ALLOW_THESE_COOKIES_ITEM_2,d("CometCookieConsentModalStringsUpdated").IF_ALLOW_THESE_COOKIES_ITEM_3]})}),m=h.jsx(c("CometListCellText.react"),{headline:h.jsx(c("TetraText.react"),{type:"headlineEmphasized3",children:d("CometCookieConsentModalStringsUpdated").IF_DONT_ALLOW_THESE_COOKIES})}),n=h.jsx("div",{style:{marginLeft:10},children:h.jsx(d("CometCookieConsentUtils.react").CometConsentListBullets,{list:[d("CometCookieConsentModalStringsUpdated").IF_DONT_ALLOW_THESE_COOKIES_ITEM_1,d("CometCookieConsentModalStringsUpdated").IF_DONT_ALLOW_THESE_COOKIES_ITEM_2]})}),o="https://www.facebook.com/privacy/policies/cookies/?annotations[0]=explanation%2F3_companies_list";g.CometCookieConsent2023Q1OtherCompanies=a}),98); equals www.facebook.com (Facebook)
Source: chromecache_510.1.dr	String found in binary or memory: __d("CometLegalFooter.react",["fbt","ix","CometErrorBoundary.react","CometLazyPopoverTrigger.react","CometLink.react","CometMiddot.react","CometPressable.react","JSResourceForInteraction","ServerTime","TetraIcon.react","TetraText.react","XPrivacyPolicyCometControllerRouteBuilder","fbicon","gkx","react","useCurrentRoute"],(function(a,b,c,d,e,f,g,h,i){"use strict";var j=d("react"),k=c("JSResourceForInteraction")("CometLegalFooterMoreMenu.react").__setRef("CometLegalFooter.react");function l(){try{var a;return(a=new Date(d("ServerTime").getMillis()))==null?void 0:a.getFullYear()}catch(a){return null}}function a(a){var b=a.isHelpCenter;b=b===void 0?!1:b;var e=a.isPage;e=e===void 0?!1:e;var f=a.onClick,g=c("useCurrentRoute")();a=l();var m=c("XPrivacyPolicyCometControllerRouteBuilder").buildUri({entry_point:"comet_dropdown"});e=[{href:"https://www.facebook.com/legal/terms/information_about_page_insights_data",label:h._("Information about Page Insights Data"),render:e&&c("gkx")("1470093")},{href:m.toString(),label:h._("Privacy"),testid:"CometDropdownPrivacy"},{href:"/terms?ref=pf",label:"Impressum/Terms/NetzDG/UrhDaG",render:c("gkx")("1539946")&&!c("gkx")("4359")},{href:"/terms?ref=pf",label:h._("Imprint\/Terms"),render:c("gkx")("4359")},{href:"/legal/netzdg/",label:h._("NetzDG\/UrhDaG\/Ranking of Content"),render:c("gkx")("4359")},{href:"/policies?ref=pf",label:h._("Terms"),render:!c("gkx")("1539946")&&!c("gkx")("4359"),testid:"CometDropdownTerms"},{href:"/business/",label:h._("Advertising")},{href:"/help/568137493302217",label:j.jsxs(j.Fragment,{children:[h._("Ad Choices")," ",j.jsx(c("CometErrorBoundary.react"),{children:j.jsx("span",{className:"x1n2onr6 x1qiirwl",children:j.jsx(c("TetraIcon.react"),{color:"secondary",icon:d("fbicon")._(i("871692"),12)})})})]})},{href:"/policies/cookies/",label:h._("Cookies"),testid:"CometDropdownCookies"}].filter(function(a){return a.render==null\|\|a.render===!0});var n=[];if((g==null?void 0:(m=g.rootView.props)==null?void 0:m.seoCrawlingPool)&&(g==null?void 0:(m=g.rootView.props)==null?void 0:m.seoCrawlingPool.url)){Array.from(Array((g==null?void 0:(m=g.rootView.props)==null?void 0:m.seoCrawlingPool.multiple_links)\|\|0)).forEach(function(a,b){n.push(j.jsxs("li",{className:"xt0psk2",children:[j.jsx(c("CometLink.react"),{color:"secondary",href:g==null?void 0:(a=g.rootView.props)==null?void 0:a.seoCrawlingPool.url,onClick:f,weight:"normal",children:g==null?void 0:(a=g.rootView.props)==null?void 0:a.seoCrawlingPool.link_string}),j.jsx(c("CometMiddot.react"),{})]},b))})}if((g==null?void 0:(m=g.rootView.props)==null?void 0:m.seoGrowthAutomationCrawlingPool)&&(g==null?void 0:(m=g.rootView.props)==null?void 0:m.seoGrowthAutomationCrawlingPool.url)){var o;m=(m=g==null?void 0:(m=g.rootView.props)==null?void 0:m.seoCrawlingPool.multiple_links)!=null?m:0;n.push(j.jsxs("li",{className:"xt0psk2",children:[j.jsx(c("CometLink.react"),{color:"secondary",href:g==null?void 0:(o=g.rootView.props)==null?void 0:o.seoGrowthAutomationCrawli
Source: chromecache_445.1.dr	String found in binary or memory: __d("FacebookCookieConsentCustomization",["fbt","ix","JSResourceForInteraction","XCookiesPolicyControllerRouteBuilder","isBaseline4EnabledForLoggedOut","isCNILEnabledForLoggedOut","lazyLoadComponent"],(function(a,b,c,d,e,f,g,h,i){"use strict";var j=c("lazyLoadComponent")(c("JSResourceForInteraction")("FacebookCometCookieConsentDialogDataSettings.react").__setRef("FacebookCookieConsentCustomization"));a=function(){var a,b,d,e=null;c("isBaseline4EnabledForLoggedOut")()\|\|c("isCNILEnabledForLoggedOut")()?(b=i("1954651"),d=i("1954649"),e=h._("More options")):(b=i("856481"),d=i("856481"),e=h._("Manage Data Settings"));a=(a=(a=c("XCookiesPolicyControllerRouteBuilder").buildUri({}).getQualifiedUri())==null?void 0:(a=a.setDomain("www.facebook.com"))==null?void 0:a.toString())!=null?a:"";return{essentialCookiesOnly:!1,faviconDark:d,faviconLight:b,policyUrl:a,productName:"FACEBOOK",secondaryAction:{label:e,viewReference:j}}};b=a;g["default"]=b}),98); equals www.facebook.com (Facebook)
Source: chromecache_414.1.dr	String found in binary or memory: __d("PolarisFBConnectActions",["fbt","invariant","IGDSThemeConstantsHelpers","PolarisAPIConnectAccountToFB","PolarisAPIFetchFBInfo","PolarisEventLoop","PolarisFBConnectHelpers","PolarisGenericStrings","PolarisLogger","PolarisLoginLogger","PolarisMonitorErrors","Promise","browserHistory","isStringNullOrEmpty","nullthrows","polarisFBReady","polarisIsEligibleForFacebookLogin","polarisUnexpected"],(function(a,b,c,d,e,f,g,h,i){"use strict";var j=3e5,k=5e3;function l(){return{type:"FB_CONNECT_TIMED_OUT"}}function m(a,b){return{authResponse:b,status:a,type:"FB_CONNECT_STATUS_RECEIVED"}}function n(a,b,c,d){return{fullName:d,igProfile:a,igProfiles:b,igSSODisabled:c,type:"FB_LINK_INFO_RECEIVED"}}function o(a){return{ssoFbName:a,type:"SHOW_SSO_DISABLED_MODAL"}}function a(){return{type:"SSO_DISABLED_MODAL_DISMISSED"}}function e(a,e){return function(f,g){g().fb.initialized&&i(0,51367);var h=c("polarisIsEligibleForFacebookLogin")();f({eligible:h,type:"FB_CONNECT_INITIALIZED"});if(!h)return b("Promise").resolve();var p=c("PolarisEventLoop").setTimeout(function(){p=null,f(l())},k);return c("polarisFBReady").sdkReady(function(){c("PolarisEventLoop").setInterval(function(){c("polarisFBReady").getLoginStatus(!0).then(function(a){f(m(a.status,a.authResponse))})},j);return c("polarisFBReady").getLoginStatus(e===!0).then(function(h){var i;c("PolarisEventLoop").clearTimeout(p);i=h==null?void 0:(i=h.authResponse)==null?void 0:i.accessToken;var j=b("Promise").resolve();h.status==="connected"&&i!=null&&i!==""&&(a&&(j=d("PolarisAPIFetchFBInfo").fetchFBInfo({accessToken:i}).then(function(a){var b,c=a.igSSODisabled;b=(b=a.meResponse)==null?void 0:b.name;c===!0?(f(n(null,null,!0)),e===!0&&f(o(b))):f(n(a.igAccount,a.igAccounts,c,b))})["catch"](function(){c("polarisUnexpected")("unable to fetch fb link info"),f(n(null,null))})));f(m(h.status,h.authResponse));i=g().navigation.pageIdentifier;["rootLandingPage","signupPage","loginPage","fbSignupPage","unifiedHome"].includes(i)&&d("PolarisLoginLogger").logLoginEvent({event_name:"fb_status_received",fbconnect_status:h.status});return j})["catch"](function(a){return b("Promise").reject(a)})})}}function p(a,b,e){b=b&&b.name;var f,g,i;a&&!c("isStringNullOrEmpty")(b)?f=h._("Linked to Facebook as {name}",[h._param("name",b)]):a&&(b==null\|\|b==="")?f=h._("Linked to Facebook"):(f=h._("Couldn't link to Facebook"),typeof e==="string"&&(g=d("PolarisGenericStrings").RETRY_TEXT,i=function(){return d("PolarisFBConnectHelpers").redirectToFBOAuth(c("nullthrows")(e),"toast")}));return{actionHandler:i,actionText:g,persistOnNavigate:!0,text:f}}function f(a,e){var f="https://www.instagram.com";return function(g,h){var i=c("isStringNullOrEmpty")(e)?"/":e;d("PolarisLogger").logAction("connectToFacebookAttempt");g({type:"FB_CONNECT_LINK_ACCOUNT_REQUESTED"});if(i.match(/^(http\|\/\/)/)\|\|i.match(/[^a-zA-Z0-9._/?=]/)){d("PolarisLogger").logAction("connectToFacebookFailure");d("browserHistory").browserHistory.push("/");c("polarisUnexpected")("[FBConnect] Redir
Source: chromecache_414.1.dr	String found in binary or memory: __d("PolarisFBConnectHelpers",["FbSdkConsts","PolarisConfig","PolarisConfigConstants","PolarisIGWebStorage","PolarisLoggedOutCtaLogger","PolarisLogger","PolarisOneTapLoginStorage","PolarisQueryParamsHelper","PolarisRandom","PolarisRoutes","PolarisUA","PolarisWebStorage","Promise","asyncToGeneratorRuntime","browserHistory","isStringNullOrEmpty","nullthrows","polarisFBReady","qex"],(function(a,b,c,d,e,f,g){"use strict";var h=[0,0,0,0,0,0,0,0],i="https://m.facebook.com/dialog/oauth",j="https://www.facebook.com/dialog/oauth",k="NewUserInterstitial.profile_picture_url",l="fbAccessToken",m="fbLoginKey",n="fbLoginReturnURL",o="fbPlainToken";function p(a,b){var e;b===void 0&&(b=[]);var f=c("PolarisWebStorage").getSessionStorage(),g=h.reduce(function(a){return a+d("PolarisRandom").randomUint32().toString(36)},"");f!=null&&f.setItem(m,g);f="https://www.instagram.com"+d("PolarisRoutes").SIGNUP_PATH;g=(e={},e[m]=g,e[n]=a,e);a=d("PolarisUA").isMobile()?i:j;e=d("PolarisQueryParamsHelper").appendQueryParams(a,{client_id:d("PolarisConfigConstants").instagramFBAppId,locale:d("PolarisConfig").getLocale(),redirect_uri:f,response_type:"code,granted_scopes",scope:b.concat(d("FbSdkConsts").PERMISSIONS.EMAIL).join(","),state:JSON.stringify(g)});d("browserHistory").redirect(e)}function q(){var a=c("PolarisWebStorage").getSessionStorage(),b=null;a!=null&&(b=a.getItem(m),a.removeItem(m));return c("isStringNullOrEmpty")(b)?null:b}function a(a){var b=q();return b==null\|\|b===""?!1:a===b}function e(){var a=c("qex")._("89");switch(a){case-1:return!0;case 5:case 0:default:return!1}}function f(){var a;return(a=d("PolarisIGWebStorage").getStorageForUser(d("PolarisConfig").getViewerId()))==null?void 0:a.getItem(l)}function r(a){return s.apply(this,arguments)}function s(){s=b("asyncToGeneratorRuntime").asyncToGenerator(function*(a){var e=(yield new(b("Promise"))(function(a,b){c("polarisFBReady").sdkReady(function(){c("polarisFBReady").getLoginStatus(!0).then(function(c){c.status===d("FbSdkConsts").STATUS.CONNECTED?a(c):b()})["catch"](function(a){b(a)})})}));if(a){a=(a=e.authResponse)==null?void 0:a.accessToken;u(a)}return e});return s.apply(this,arguments)}function t(){return new(b("Promise"))(function(a,b){c("polarisFBReady").sdkReady(function(){c("polarisFBReady").login().then(function(c){c.status===d("FbSdkConsts").STATUS.CONNECTED?a(c):b()})["catch"](function(a){b(a)})})})}function u(a){if(!c("isStringNullOrEmpty")(a)){var b;(b=d("PolarisIGWebStorage").getStorageForUser(d("PolarisConfig").getViewerId()))==null?void 0:b.setItem(l,a)}}function v(a,c,e,f,g){e===void 0&&(e="fb_connect");f===void 0&&(f="");d("PolarisLogger").logAction("connectToFacebookClick",{source:c});d("PolarisLoggedOutCtaLogger").logLoggedOutCtaEvent({ctaType:e,ctaVersion:f,eventName:"fb_connect_click"});return new(b("Promise"))(function(b,c){p(a,g)})}function w(a){var b=c("PolarisWebStorage").getSessionStorage();if(!c("PolarisWebStorage").isSessionStorageSupported()\|\|b==null)return;!a.data.is_silhouette&&a.dat
Source: chromecache_414.1.dr	String found in binary or memory: __d("PolarisLinkshimURI",["PolarisInstapi","URI","promiseDone"],(function(a,b,c,d,e,f,g){"use strict";var h=["l.facebook.com","l.instagram.com"],i=["help.instagram.com","www.facebook.com"];function j(a){var b;try{b=new(c("URI"))(a)}catch(a){return!1}a=b.getDomain();var d=b.getProtocol().toLowerCase();return d!=null&&!d.startsWith("http")?!0:h.includes(a)&&!!b.getQueryData().u\|\|i.includes(a)}function a(a,b,e){e===void 0&&(e=""),j(a)&&b(a),c("promiseDone")(d("PolarisInstapi").apiPost("/api/v1/web/linkshim/link/",{body:{cs:e,u:a}}).then(function(a){b(a.data.uri)}))}g.shouldSkipLinkShim=j;g.asyncGet=a}),98); equals www.facebook.com (Facebook)
Source: chromecache_419.1.dr	String found in binary or memory: __d("SellerHealthDashboardConstants",["$InternalEnum"],(function(a,b,c,d,e,f){"use strict";a=b("$InternalEnum").Mirrored(["AVERAGE_PRODUCT_RATING","CHARGEBACK","CLAIM_ESCALATION","LATE_DELIVERY","LATE_HANDLING","NEGATIVE_CUSTOMER_REVIEWS","SELLER_INITIATED_CANCELLATION"]);c=b("$InternalEnum").Mirrored(["MAILING_LIST","OFFERS","PRODUCT_LAUNCHES","SHOP_TAB","SYML"]);d=12;e=6;b=[a.LATE_DELIVERY,a.LATE_HANDLING,a.NEGATIVE_CUSTOMER_REVIEWS,a.AVERAGE_PRODUCT_RATING,a.SELLER_INITIATED_CANCELLATION,a.CLAIM_ESCALATION,a.CHARGEBACK];var g=84,h=49,i=28,j=21,k="&return_status=in_progress",l="SellerHealthMetricRecommendationCard",m="SellerHealthMetricCard",n="SellerHealthMetricAppealCard",o="SellerHealthAppealsModal",p="SellerHealthAppealsConfirmationModal",q="SellerHealthDetailPage",r="SellerHealthMetricDetailsTable",s="SellerHealthEvaluationCard",t="SellerHealthDashboardPolicyComplianceCard",u="SellerHealthTableLayout",v="SellerHealthMetricsReportCard",w="https://www.facebook.com/business/help/2347002662267537",x="https://www.facebook.com/business/help/1268984156585391",y="https://www.facebook.com/business/help/386185880223138",z="https://transparency.fb.com/policies/community-standards/?source=https%3A%2F%2Fwww.facebook.com%2Fcommunitystandards%2F",A="https://www.facebook.com/policies_center/community_feedback/";f.HealthMetrics=a;f.AccountHealthFeature=c;f.PAGE_COLUMNS_SPAN=d;f.METRIC_COLUMNS_SPAN=e;f.METRICS=b;f.DAYS_SINCE_START_OF_EVALUATION_WINDOW=g;f.DAYS_SINCE_START_OF_EVALUATION_WINDOW_28D=h;f.DAYS_SINCE_END_OF_EVALUATION_WINDOW=i;f.DAYS_SINCE_END_OF_EVALUATION_WINDOW_28D=j;f.shopifyReturnPageFilter=k;f.recommendationCardComponent=l;f.metricCardComponent=m;f.appealCardComponent=n;f.appealModalComponent=o;f.appealConfirmationComponent=p;f.viewDetailsPageComponent=q;f.viewDetailsTable=r;f.evaluationCardComponent=s;f.policyComplianceCardComponent=t;f.tableLayoutComponent=u;f.metricsReportCardComponent=v;f.COMMERCE_ELIBILITY_REQUIREMENTS_LINK=w;f.ACCOUNT_HEALTH_HELP_CENTER_ARTICLE_LINK=x;f.SELLER_PERFORMANCE_STANDARDS_LINK=y;f.COMMUNITY_STANDARDS_LINK=z;f.COMMUNITY_FEEDBACK_POLICY_LINK=A}),66); equals www.facebook.com (Facebook)
Source: chromecache_555.1.dr	String found in binary or memory: __d("isPolarisAdLink",["URI"],(function(a,b,c,d,e,f,g){"use strict";var h="www.facebook.com",i=/www\.[\w\-]+\.(od\|(sandcastle\|twshared)(\w+\.)+\w+)?\.?facebook\.com/,j="/ads/ig_redirect/";function a(a){a=new(c("URI"))(a);var b=a.getDomain();if(a.getPath()!==j)return!1;return b===h?!0:a.getDomain().match(i)!=null}g["default"]=a}),98); equals www.facebook.com (Facebook)

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 23 Aug 2023 20:48:38 GMTServer: ApacheContent-Length: 196Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 23 Aug 2023 20:48:59 GMTServer: ApacheContent-Length: 196Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 23 Aug 2023 20:49:08 GMTServer: ApacheContent-Length: 196Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-Encodingreport-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;document-policy: force-load-at-toppermissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()cross-origin-resource-policy: same-origincross-origin-opener-policy: same-origin-allow-popupsPragma: no-cacheCache-Control: private, no-cache, no-store, must-revalidateExpires: Sat, 01 Jan 2000 00:00:00 GMTX-Content-Type-Options: nosniffX-XSS-Protection: 0X-Frame-Options: DENYorigin-agent-cluster: ?0Strict-Transport-Security: max-age=15552000; preloadContent-Type: text/html; charset="utf-8"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-Encodingreport-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;document-policy: force-load-at-toppermissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()cross-origin-resource-policy: same-origincross-origin-opener-policy: same-origin-allow-popupsPragma: no-cacheCache-Control: private, no-cache, no-store, must-revalidateExpires: Sat, 01 Jan 2000 00:00:00 GMTX-Content-Type-Options: nosniffX-XSS-Protection: 0X-Frame-Options: DENYorigin-agent-cluster: ?0Strict-Transport-Security: max-age=15552000; preloadContent-Type: text/html; charset="utf-8"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-Encodingreport-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;document-policy: force-load-at-toppermissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()cross-origin-resource-policy: same-origincross-origin-opener-policy: same-origin-allow-popupsPragma: no-cacheCache-Control: private, no-cache, no-store, must-revalidateExpires: Sat, 01 Jan 2000 00:00:00 GMTX-Content-Type-Options: nosniffX-XSS-Protection: 0X-Frame-Options: DENYorigin-agent-cluster: ?0Strict-Transport-Security: max-age=15552000; preloadContent-Type: text/html; charset="utf-8"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-Encodingaccept-ch-lifetime: 4838400accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-VersionPragma: no-cacheCache-Control: private, no-cache, no-store, must-revalidateExpires: Sat, 01 Jan 2000 00:00:00 GMTcontent-security-policy-report-only: default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: .fbcdn.net .instagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com .fbsbx.com android-webview-video-poster:;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob:;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data:;worker-src *.instagram.com static.cdninstagram.com;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-Encodingaccept-ch-lifetime: 4838400accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-VersionPragma: no-cacheCache-Control: private, no-cache, no-store, must-revalidateExpires: Sat, 01 Jan 2000 00:00:00 GMTcontent-security-policy-report-only: default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: .fbcdn.net .instagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com .fbsbx.com android-webview-video-poster:;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob:;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data:;worker-src *.instagram.com static.cdninstagram.com;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-Encodingaccept-ch-lifetime: 4838400accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-VersionPragma: no-cacheCache-Control: private, no-cache, no-store, must-revalidateExpires: Sat, 01 Jan 2000 00:00:00 GMTcontent-security-policy-report-only: default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: .fbcdn.net .instagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com .fbsbx.com android-webview-video-poster:;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob:;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data:;worker-src *.instagram.com static.cdninstagram.com;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;

Source: chromecache_475.1.dr	String found in binary or memory: http://fb.me/use-check-prop-types
Source: chromecache_414.1.dr	String found in binary or memory: http://www.windowsphone.com/s?appid=3222a126-7f20-4273-ab4a-161120b21aea
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/171594.jpg
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/271503.jpg
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/444208.jpg
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/712e49858119d9519f62aa607fbab3a2.jpg
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/82d58c8011efc4312d60294e9bf3b880.jpg
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/b3e7b02de9350e96293674a7d117e452.png
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/e36c2144dc52b62f8f7061617286903f.jpg
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/financial-assistance-grants.jpg
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/how-to-request-financial-assistance.jpg
Source: chromecache_500.1.dr	String found in binary or memory: https://TreasuryDept.org/pics/unclaimed-money-government-website.jpg
Source: chromecache_373.1.dr	String found in binary or memory: https://a.hcaptcha.com
Source: chromecache_535.1.dr	String found in binary or memory: https://accounts.hcaptcha.com/bug-report
Source: chromecache_555.1.dr	String found in binary or memory: https://applink.instagram.com
Source: chromecache_535.1.dr	String found in binary or memory: https://apply.workable.com/imachines/
Source: chromecache_535.1.dr	String found in binary or memory: https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/629d9c19da654408cb9cbc1c_favicon%40
Source: chromecache_535.1.dr	String found in binary or memory: https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/629d9c19da65440e5a9cbd33_are-u-huma
Source: chromecache_535.1.dr	String found in binary or memory: https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/629d9c19da65444f5c9cbc95_noun_Close
Source: chromecache_535.1.dr	String found in binary or memory: https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/629d9c19da6544c7e19cbc12_hcaptcha-s
Source: chromecache_535.1.dr	String found in binary or memory: https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/css/hcaptcha-v6-dev.webflow.2bcbbe7
Source: chromecache_535.1.dr	String found in binary or memory: https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/js/webflow.d1d911895.js
Source: chromecache_535.1.dr	String found in binary or memory: https://assets.hcaptcha.com/website-i18n
Source: chromecache_535.1.dr	String found in binary or memory: https://assets.hcaptcha.com/website-tr-js/vavilon.min.js
Source: chromecache_535.1.dr	String found in binary or memory: https://assets.hcaptcha.com/website-tr/
Source: chromecache_555.1.dr	String found in binary or memory: https://call.instagram.com
Source: chromecache_535.1.dr	String found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=629d9c19da6544f17c9cbb3
Source: chromecache_535.1.dr	String found in binary or memory: https://dashboard.hcaptcha.com/login
Source: chromecache_535.1.dr	String found in binary or memory: https://docs.hcaptcha.com/
Source: chromecache_414.1.dr	String found in binary or memory: https://e2e.instagram.com
Source: chromecache_414.1.dr, chromecache_510.1.dr	String found in binary or memory: https://fburl.com/comet_preloading
Source: chromecache_414.1.dr, chromecache_445.1.dr	String found in binary or memory: https://fburl.com/dialog-provider).
Source: chromecache_414.1.dr, chromecache_510.1.dr	String found in binary or memory: https://fburl.com/wiki/m19zmtlh
Source: chromecache_490.1.dr, chromecache_475.1.dr	String found in binary or memory: https://fburl.com/wiki/xrzohrqb
Source: chromecache_535.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: chromecache_535.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_437.1.dr, chromecache_480.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_535.1.dr	String found in binary or memory: https://github.com/jensyt/imurmurhash-js/blob/master/imurmurhash.min.js
Source: chromecache_437.1.dr, chromecache_480.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_480.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_414.1.dr	String found in binary or memory: https://graph.instagram.com/logging_client_events
Source: chromecache_414.1.dr	String found in binary or memory: https://graphql.instagram.com/graphql/
Source: chromecache_550.1.dr, chromecache_546.1.dr	String found in binary or memory: https://hcaptcha.com/license
Source: chromecache_475.1.dr	String found in binary or memory: https://help.instagram.com/1009785806132609
Source: chromecache_414.1.dr	String found in binary or memory: https://help.instagram.com/126382350847838
Source: chromecache_555.1.dr	String found in binary or memory: https://help.instagram.com/155833707900388
Source: chromecache_555.1.dr	String found in binary or memory: https://help.instagram.com/155940534568753/
Source: chromecache_414.1.dr	String found in binary or memory: https://help.instagram.com/176296189679904?ref=tos
Source: chromecache_414.1.dr	String found in binary or memory: https://help.instagram.com/222826637847963
Source: chromecache_555.1.dr	String found in binary or memory: https://help.instagram.com/2387676754836493
Source: chromecache_475.1.dr	String found in binary or memory: https://help.instagram.com/3447030285548203
Source: chromecache_475.1.dr	String found in binary or memory: https://help.instagram.com/370452623149242
Source: chromecache_475.1.dr	String found in binary or memory: https://help.instagram.com/414934160431303?ref=bsw
Source: chromecache_414.1.dr	String found in binary or memory: https://help.instagram.com/426700567389543/
Source: chromecache_414.1.dr	String found in binary or memory: https://help.instagram.com/477434105621119
Source: chromecache_475.1.dr	String found in binary or memory: https://help.instagram.com/519522125107875
Source: chromecache_414.1.dr	String found in binary or memory: https://help.instagram.com/535503073130320/
Source: chromecache_475.1.dr	String found in binary or memory: https://help.instagram.com/581066165581870
Source: chromecache_414.1.dr	String found in binary or memory: https://help.instagram.com/581066165581870/
Source: chromecache_475.1.dr	String found in binary or memory: https://help.instagram.com/626057554667531
Source: chromecache_414.1.dr	String found in binary or memory: https://help.instagram.com/629037417957828
Source: chromecache_414.1.dr	String found in binary or memory: https://i.instagram.com
Source: chromecache_414.1.dr	String found in binary or memory: https://itunes.apple.com/app/instagram/id
Source: chromecache_452.1.dr, chromecache_500.1.dr, chromecache_396.1.dr	String found in binary or memory: https://js.hcaptcha.com/1/api.js
Source: chromecache_374.1.dr	String found in binary or memory: https://lexical.dev/docs/error?
Source: chromecache_535.1.dr	String found in binary or memory: https://newassets.hcaptcha.com/js/p.js
Source: chromecache_535.1.dr	String found in binary or memory: https://newassets.hcaptcha.com/website-i18n
Source: chromecache_535.1.dr	String found in binary or memory: https://newassets.hcaptcha.com/website-tr/js/vavilon_mod.min.js
Source: chromecache_445.1.dr	String found in binary or memory: https://optout.aboutads.info/
Source: chromecache_414.1.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.instagram.android
Source: chromecache_414.1.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.instagram.lite
Source: keys.json.0.dr	String found in binary or memory: https://polyset.xyz
Source: keys.json.0.dr	String found in binary or memory: https://pst-issuer.hcaptcha.com
Source: chromecache_361.1.dr	String found in binary or memory: https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Source: chromecache_535.1.dr	String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js
Source: chromecache_445.1.dr	String found in binary or memory: https://support.google.com/chrome/answer/95647
Source: keys.json.0.dr	String found in binary or memory: https://trusttoken.dev
Source: chromecache_535.1.dr	String found in binary or memory: https://twitter.com/hcaptcha
Source: chromecache_404.1.dr	String found in binary or memory: https://wa.me
Source: chromecache_555.1.dr	String found in binary or memory: https://www.fbsbx.com/captcha/recaptcha/iframe/
Source: chromecache_535.1.dr	String found in binary or memory: https://www.hcaptcha.com/accessibility
Source: chromecache_535.1.dr	String found in binary or memory: https://www.hcaptcha.com/post/ai-text-detectors-fail-to-spot-llm-output
Source: chromecache_535.1.dr	String found in binary or memory: https://www.hcaptcha.com/what-is-hcaptcha-about
Source: chromecache_535.1.dr	String found in binary or memory: https://www.hcaptchastatus.com/
Source: chromecache_475.1.dr	String found in binary or memory: https://www.instagram.com
Source: chromecache_452.1.dr, chromecache_500.1.dr, chromecache_398.1.dr, chromecache_396.1.dr	String found in binary or memory: https://www.instagram.com/
Source: chromecache_475.1.dr	String found in binary or memory: https://www.instagram.com/support/chat/embed/ig/
Source: chromecache_414.1.dr	String found in binary or memory: https://www.internalfb.com
Source: chromecache_518.1.dr, chromecache_514.1.dr	String found in binary or memory: https://www.internalfb.com/intern/invariant/
Source: chromecache_535.1.dr	String found in binary or memory: https://www.w3schools.com/tags/ref_language_codes.asp
Source: chromecache_445.1.dr	String found in binary or memory: https://www.youronlinechoices.com/
Source: chromecache_414.1.dr	String found in binary or memory: https://xweb.instagram.com
Source: chromecache_445.1.dr	String found in binary or memory: https://youradchoices.ca/

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=PENDING+904; SOCS=CAISHAgCEhJnd3NfMjAyMjA4MDgtMF9SQzEaAmVuIAEaBgiAvOuXBg; AEC=Ad49MVGiijyX5dxPFAKxKYso-rIS24Ht-Pxs5fU9hHrAzfASnm-jqdQE1g; NID=511=WyMJovC2uA2AEbHQkGfP-KDdYCeg5Q7Mv6gxYT-qeugtrnXImrhmp1SixwS4ydh_E8Z0hdfCLAXvg2WUqsBSfqpx5SFvCCoeGeevqlEfkoxYi9FTISb8Cu7rr5rf9PyyNbLqf2QbxG7ja7jAB6UJQd5CPvMGcYUasORCRKRL1-arNYzfADAWHJvBLXml-Km_uewDreOyJ-MjxAI-i38Tl6LXI3zB; 1P_JAR=2023-08-10-10

Source: classification engine

Classification label: clean2.win@32/216@76/22

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=1820,i,2308566206030014462,8116895579599014816,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "http://treasurydept.org
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=1820,i,2308566206030014462,8116895579599014816,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\chrome_BITS_2084_708861117

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_BITS_2084_708861117	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\keys.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\LICENSE	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\manifest.fingerprint	Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
1 Drive-by Compromise	Windows Management Instrumentation	Path Interception	1 Process Injection	2 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	1 Encrypted Channel	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Extra Window Memory Injection	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	4 Non-Application Layer Protocol	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	1 Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	5 Application Layer Protocol	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	1 Extra Window Memory Injection	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	3 Ingress Tool Transfer	SIM Card Swap		Carrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://treasurydept.org	0%	Avira URL Cloud	safe
http://treasurydept.org	1%	Virustotal		Browse

Source	Detection	Scanner	Label
https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/629d9c19da654408cb9cbc1c_favicon%403x.png	0%	URL Reputation	safe
https://www.internalfb.com/intern/invariant/	0%	URL Reputation	safe
https://www.internalfb.com/intern/invariant/	0%	URL Reputation	safe
https://a.hcaptcha.com	0%	URL Reputation	safe
https://youradchoices.ca/	0%	URL Reputation	safe
https://assets-global.website-files.com/629d9c19da654445779cbb65/63915afa2f89f27ecd9cec51_hc-vs-turn.jpg	0%	URL Reputation	safe
https://www.hcaptcha.com/what-is-hcaptcha-about	0%	URL Reputation	safe
https://www.hcaptcha.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	0%	URL Reputation	safe
https://lexical.dev/docs/error?	0%	URL Reputation	safe
https://pst-issuer.hcaptcha.com	0%	URL Reputation	safe
https://fburl.com/wiki/xrzohrqb	0%	URL Reputation	safe
https://www.hcaptcha.com/accessibility	0%	URL Reputation	safe
https://assets.hcaptcha.com/website-tr/	0%	URL Reputation	safe
https://docs.hcaptcha.com/	0%	URL Reputation	safe
https://newassets.hcaptcha.com/website-i18n	0%	URL Reputation	safe
https://polyset.xyz	0%	URL Reputation	safe
https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/629d9c19da65444f5c9cbc95_noun_Close	0%	URL Reputation	safe
https://newassets.hcaptcha.com/website-tr/js/vavilon_mod.min.js	0%	URL Reputation	safe
https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/css/hcaptcha-v6-dev.webflow.2bcbbe72d.min.css	0%	Avira URL Cloud	safe
https://treasurydept.org/stylecss/xozoka.jpg	0%	Avira URL Cloud	safe
https://treasurydept.org/stylecss/lyloreryvas9.svg	0%	Avira URL Cloud	safe
https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/css/hcaptcha-v6-dev.webflow.2bcbbe7	0%	Avira URL Cloud	safe
https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html	0%	Avira URL Cloud	safe
https://TreasuryDept.org/pics/444208.jpg	0%	Avira URL Cloud	safe
https://TreasuryDept.org/pics/171594.jpg	0%	Avira URL Cloud	safe
https://treasurydept.org/stylecss/jilavaman.jpg	0%	Avira URL Cloud	safe
https://TreasuryDept.org/pics/712e49858119d9519f62aa607fbab3a2.jpg	0%	Avira URL Cloud	safe
https://assets-global.website-files.com/629d9c19da654445779cbb65/647fe8a5ae90552e4c90d5a6_llm_detection.jpg	0%	Avira URL Cloud	safe
https://treasurydept.org/pics/unclaimed-money-government-website.jpg	0%	Avira URL Cloud	safe
https://treasurydept.org/pics/b3e7b02de9350e96293674a7d117e452.png	0%	Avira URL Cloud	safe
https://treasurydept.org/pics/financial-assistance-grants.jpg	0%	Avira URL Cloud	safe
https://treasurydept.org/stylecss/dirabiw88.jpg	0%	Avira URL Cloud	safe
https://TreasuryDept.org/pics/82d58c8011efc4312d60294e9bf3b880.jpg	0%	Avira URL Cloud	safe
https://treasurydept.org/pics/e36c2144dc52b62f8f7061617286903f.jpg	0%	Avira URL Cloud	safe
https://newassets.hcaptcha.com/c/a91272a/hsw.js	0%	Avira URL Cloud	safe
https://treasurydept.org/stylecss/bgon.png	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
star-mini.c10r.facebook.com	157.240.251.35	true	false	high
cloudflareinsights.com	104.16.57.101	true	false	unknown
static.cloudflareinsights.com	104.16.57.101	true	false	unknown
accounts.google.com	172.217.168.77	true	false	high
video.xx.fbcdn.net	157.240.17.9	true	false	high
treasurydept.org	47.252.33.131	true	false	unknown
z-p42-instagram.c10r.instagram.com	157.240.17.174	true	false	high
scontent.cdninstagram.com	157.240.17.63	true	false	high
d3e54v103j8qbb.cloudfront.net	18.64.84.71	true	false	high
hcaptcha.com	104.16.168.131	true	false	unknown
scontent.xx.fbcdn.net	157.240.17.15	true	false	high
scontent-fra5-2.xx.fbcdn.net	157.240.253.1	true	false	high
js.hcaptcha.com	104.16.168.131	true	false	unknown
scontent-fra3-2.xx.fbcdn.net	157.240.0.6	true	false	high
d3vmvmej3wjbxn.cloudfront.net	18.64.103.81	true	false	high
www.google.com	172.217.168.68	true	false	high
a.hcaptcha.com	104.16.169.131	true	false	unknown
clients.l.google.com	142.250.203.110	true	false	high
www.hcaptcha.com	104.16.169.131	true	false	unknown
newassets.hcaptcha.com	104.16.168.131	true	false	unknown
scontent-fra5-1.xx.fbcdn.net	157.240.251.9	true	false	high
uploads-ssl.webflow.com	18.64.119.108	true	false	high
www.facebook.com	unknown	unknown	false	high
static.xx.fbcdn.net	unknown	unknown	false	high
static.cdninstagram.com	unknown	unknown	false	high
clients2.google.com	unknown	unknown	false	high
www.instagram.com	unknown	unknown	false	high
assets-global.website-files.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://static.cdninstagram.com/rsrc.php/v3ieCg4/yH/l/en_US/Oa_68FbxEku.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://scontent-fra5-1.xx.fbcdn.net/m1/v/t6/An-ltDiBj6BlExJAIyJiOGWs0CtdQwF9K9SyRSRhTIMgJd0MMzaw7ju3gnTsliPfba99uYjQem5sn3JzgpEnBVKOKfyfbcp-sMBJ.kf?ccb=10-5&oh=00_AfC_UtUcx3Au08-VXdLV9v6EENW1SFecohtIPMPnqk1FdQ&oe=650DD857&_nc_sid=7da55a	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BQdeC67wT9z.png	false		high
https://uploads-ssl.webflow.com/629d9c19da6544f17c9cbb3e/629d9c19da654484039cbb6c_Asset%208.svg	false		high
https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/629d9c19da654408cb9cbc1c_favicon%403x.png	false	URL Reputation: safe	unknown
https://scontent-fra5-2.xx.fbcdn.net/v/t1.18169-9/30264343_367820777069948_3270019845189220227_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=574b62&_nc_ohc=Bn74VGYBQ4sAX_eQi5e&_nc_ht=scontent-fra5-2.xx&oh=00_AfDF5HPcPXB-ozMhUTYCIVIpu6F1R6s_OYgoywYwjD7wMQ&oe=650DFB3A	false		high
https://static.cdninstagram.com/rsrc.php/v3/yQ/r/70emZhxGFvH.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=d&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e	false		high
https://www.instagram.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=4&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3	false		high
https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html	false	Avira URL Cloud: safe	unknown
https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/css/hcaptcha-v6-dev.webflow.2bcbbe72d.min.css	false	Avira URL Cloud: safe	unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/LQD3fYZWwZ_.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.instagram.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=a&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3	false		high
https://treasurydept.org/stylecss/lyloreryvas9.svg	false	Avira URL Cloud: safe	unknown
https://treasurydept.org/stylecss/xozoka.jpg	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/p/Unclaimed-Money-100030956421077/	false		high
https://static.cdninstagram.com/rsrc.php/v3/yS/r/ajlEU-wEDyo.png	false		high
https://treasurydept.org/stylecss/jilavaman.jpg	false	Avira URL Cloud: safe	unknown
https://treasurydept.org/pagefaq/	false		unknown
https://assets-global.website-files.com/629d9c19da654445779cbb65/63915afa2f89f27ecd9cec51_hc-vs-turn.jpg	false	URL Reputation: safe	unknown
https://static.cdninstagram.com/rsrc.php/v3imna4/yv/l/en_US/pLpEFQCIXbXr2p7esd700UXOfWZfPTXR1imhmnAZRFiJOS0CMbib3iGwyb8Ob8iWaMPYA3PnLk9jXnXxubVAIVwYHaypzNAtiDx9GT4CJyb00U7D9GNGRNhOvbQvNc-jWcPDC0mYqlmiJUSzQ-9h36-TbwYQCtSCBPjbhnXTLhQ4jB9LIohmRQ2b689mJo9NMMo3Fw7iYdvfcpnyBf4kK5D4DpNYvsWqehdEtWwDQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.xx.fbcdn.net/rsrc.php/v3iD6c4/yw/l/en_US/vU5IUwyUOZTImMX0reLC_1ERz6pNGhHp8lnVuONvNCddGHcuFCQAkBaptPor1-z3JC3dY3JZm4Y3F.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.instagram.com/api/v1/public/landing_info/	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/Q7NJWdbO86C.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.instagram.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=9&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3	false		high
https://static.xx.fbcdn.net/rsrc.php/v3iBPF4/yx/l/en_US/w5ghD10poRe.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.instagram.com/	false		high
https://www.instagram.com/data/manifest.json	false		high
https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkbox	false		unknown
https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-1/272099685_594815998226942_2421644237729754094_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=c6021c&_nc_ohc=x1MmyGHwM7UAX_3mpaf&_nc_ht=scontent-fra5-1.xx&oh=00_AfA9ClvBT2Hyf1rW2UxejdAUbSEEb1jb8Kx5UGnjMb-rTw&oe=64EC0A12	false		high
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=b&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e	false		high
https://assets-global.website-files.com/629d9c19da654445779cbb65/647fe8a5ae90552e4c90d5a6_llm_detection.jpg	false	Avira URL Cloud: safe	unknown
https://treasurydept.org/pics/unclaimed-money-government-website.jpg	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/images/cookies/cookie_info_card_image_3.png	false		high
https://www.facebook.com/x/oauth/status?client_id=124024574287414&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.instagram.com%2F&sdk=joey&wants_cookie_data=true	false		high
https://www.instagram.com/api/v1/web/qp/batch_fetch_web/	false		high
https://www.instagram.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=c&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3	false		high
https://www.facebook.com/data/manifest/	false		high
https://treasurydept.org/	false		unknown
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=7&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e	false		high
https://static.xx.fbcdn.net/rsrc.php/v3im8s4/y5/l/en_US/xIhajXekJf_.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.hcaptcha.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	false	URL Reputation: safe	unknown
https://treasurydept.org/pics/b3e7b02de9350e96293674a7d117e452.png	false	Avira URL Cloud: safe	unknown
https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html#frame=checkbox&id=04qwo1r4ss4n&host=treasurydept.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&theme=light&origin=https%3A%2F%2Ftreasurydept.org	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3iQdS4/yx/l/en_US/PSjcvBjkn7J.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.instagram.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=7&__d=www&__hs=19592.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7270622713792815358&__req=2&__rev=1008220018&__s=%3A%3Afhz6nm&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823765&__user=0&dpr=1&jazoest=21012&lsd=AVpzWdsaEVI&ph=C3	false		high
https://treasurydept.org/pics/financial-assistance-grants.jpg	false	Avira URL Cloud: safe	unknown
https://treasurydept.org/stylecss/dirabiw88.jpg	false	Avira URL Cloud: safe	unknown
https://treasurydept.org/pagecontact/	false		unknown
https://static.cdninstagram.com/rsrc.php/v3/yf/r/y5ZNr8PxVws.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://static.cdninstagram.com/rsrc.php/v3/y1/r/E6eCs0zFrcp.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://treasurydept.org/pics/e36c2144dc52b62f8f7061617286903f.jpg	false	Avira URL Cloud: safe	unknown
https://www.instagram.com/images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/usGeK1Wl4sH.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://www.instagram.com/ajax/bulk-route-definitions/	false		high
https://treasurydept.org/stylecss/bgon.png	false	Avira URL Cloud: safe	unknown
https://newassets.hcaptcha.com/c/a91272a/hsw.js	false	Avira URL Cloud: safe	unknown
https://static.cdninstagram.com/rsrc.php/v3/yH/r/kVtdVnoj6aA.js?_nc_x=Ij3Wp8lg5Kz	false		high
https://newassets.hcaptcha.com/captcha/v1/490cab9/static/hcaptcha.html#frame=challenge&id=04qwo1r4ss4n&host=treasurydept.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&theme=light&origin=https%3A%2F%2Ftreasurydept.org	false		unknown
https://scontent-fra5-1.xx.fbcdn.net/m1/v/t6/An8KSKhioMIUVSZ4NYh8JnAchGmGQVDA71Hulkn5JQZsO-ejSYcV2dWPMQo-ZhSa71MfFqgrDHlCASWFxgbtV3pYQqVdSus0zicQO6_n.kf?ccb=10-5&oh=00_AfCyikXHzDR4ZL0pLLC-bgqVM2XcJfTECLRQo0HIIgj2CQ&oe=650DF366&_nc_sid=7da55a	false		high
https://scontent-fra5-1.xx.fbcdn.net/m1/v/t6/An-V1eo7VQ3O9lqK2f9nfo3p019W0b_BTfQk8m_WliRJfm8Ss0I6dO39oKJmajreEZ2Oy5vSrTbDg0GpAgj0NSk-Eu5PWtSAd1gv.kf?ccb=10-5&oh=00_AfBQNv0EZZXitXNUoQPL6IK_0o8FBIhqenSw0IBMJaherw&oe=650DEFF1&_nc_sid=7da55a	false		high
https://treasurydept.org/pics/444208.jpg	false		unknown
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=15&__hs=19592.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7270622678530409993&__req=9&__rev=1008220018&__s=%3A%3Aw65qvo&__spin_b=trunk&__spin_r=1008220018&__spin_t=1692823757&__user=0&dpr=1&jazoest=2938&lsd=AVpHdI3gYfU&ph=C3e	false		high
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/hsAgIHTE80C.png	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://help.instagram.com/370452623149242	chromecache_475.1.dr	false		high
https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/css/hcaptcha-v6-dev.webflow.2bcbbe7	chromecache_535.1.dr	false	Avira URL Cloud: safe	unknown
https://xweb.instagram.com	chromecache_414.1.dr	false		high
https://call.instagram.com	chromecache_555.1.dr	false		high
https://help.instagram.com/477434105621119	chromecache_414.1.dr	false		high
https://www.internalfb.com/intern/invariant/	chromecache_518.1.dr, chromecache_514.1.dr	false	URL Reputation: safe URL Reputation: safe	unknown
https://a.hcaptcha.com	chromecache_373.1.dr	false	URL Reputation: safe	unknown
https://www.instagram.com	chromecache_475.1.dr	false		high
https://github.com/twbs/bootstrap/graphs/contributors)	chromecache_480.1.dr	false		high
https://TreasuryDept.org/pics/171594.jpg	chromecache_500.1.dr	false	Avira URL Cloud: safe	unknown
https://help.instagram.com/155833707900388	chromecache_555.1.dr	false		high
https://help.instagram.com/222826637847963	chromecache_414.1.dr	false		high
https://TreasuryDept.org/pics/444208.jpg	chromecache_500.1.dr	false	Avira URL Cloud: safe	unknown
https://youradchoices.ca/	chromecache_445.1.dr	false	URL Reputation: safe	unknown
https://www.instagram.com/support/chat/embed/ig/	chromecache_475.1.dr	false		high
https://help.instagram.com/414934160431303?ref=bsw	chromecache_475.1.dr	false		high
https://TreasuryDept.org/pics/712e49858119d9519f62aa607fbab3a2.jpg	chromecache_500.1.dr	false	Avira URL Cloud: safe	unknown
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=629d9c19da6544f17c9cbb3	chromecache_535.1.dr	false		high
https://help.instagram.com/626057554667531	chromecache_475.1.dr	false		high
https://www.hcaptcha.com/what-is-hcaptcha-about	chromecache_535.1.dr	false	URL Reputation: safe	unknown
https://lexical.dev/docs/error?	chromecache_374.1.dr	false	URL Reputation: safe	unknown
https://pst-issuer.hcaptcha.com	keys.json.0.dr	false	URL Reputation: safe	unknown
https://fburl.com/wiki/xrzohrqb	chromecache_490.1.dr, chromecache_475.1.dr	false	URL Reputation: safe	unknown
https://help.instagram.com/126382350847838	chromecache_414.1.dr	false		high
https://www.hcaptcha.com/accessibility	chromecache_535.1.dr	false	URL Reputation: safe	unknown
https://assets.hcaptcha.com/website-tr/	chromecache_535.1.dr	false	URL Reputation: safe	unknown
https://TreasuryDept.org/pics/82d58c8011efc4312d60294e9bf3b880.jpg	chromecache_500.1.dr	false	Avira URL Cloud: safe	unknown
https://optout.aboutads.info/	chromecache_445.1.dr	false		high
https://docs.hcaptcha.com/	chromecache_535.1.dr	false	URL Reputation: safe	unknown
https://TreasuryDept.org/pics/e36c2144dc52b62f8f7061617286903f.jpg	chromecache_500.1.dr	false		unknown
https://newassets.hcaptcha.com/website-i18n	chromecache_535.1.dr	false	URL Reputation: safe	unknown
https://polyset.xyz	keys.json.0.dr	false	URL Reputation: safe	unknown
https://assets-global.website-files.com/629d9c19da6544f17c9cbb3e/629d9c19da65444f5c9cbc95_noun_Close	chromecache_535.1.dr	false	URL Reputation: safe	unknown
https://newassets.hcaptcha.com/website-tr/js/vavilon_mod.min.js	chromecache_535.1.dr	false	URL Reputation: safe	unknown
https://TreasuryDept.org/pics/financial-assistance-grants.jpg	chromecache_500.1.dr	false		unknown
https://help.instagram.com/155940534568753/	chromecache_555.1.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.64.103.81	d3vmvmej3wjbxn.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
142.250.203.110	clients.l.google.com	United States	15169	GOOGLEUS	false
157.240.17.35	unknown	United States	32934	FACEBOOKUS	false
157.240.0.6	scontent-fra3-2.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
172.217.168.68	www.google.com	United States	15169	GOOGLEUS	false
157.240.17.15	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
18.64.84.71	d3e54v103j8qbb.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
18.64.119.108	uploads-ssl.webflow.com	United States	3	MIT-GATEWAYSUS	false
104.16.57.101	cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false
157.240.17.174	z-p42-instagram.c10r.instagram.com	United States	32934	FACEBOOKUS	false
157.240.17.63	scontent.cdninstagram.com	United States	32934	FACEBOOKUS	false
47.252.33.131	treasurydept.org	United States	45102	CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC	false
104.16.168.131	hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
157.240.251.9	scontent-fra5-1.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
104.16.169.131	a.hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
18.64.103.126	unknown	United States	3	MIT-GATEWAYSUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.168.77	accounts.google.com	United States	15169	GOOGLEUS	false
157.240.253.1	scontent-fra5-2.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
157.240.251.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false

Private

IP
192.168.2.1
192.168.2.4

General Information

Joe Sandbox Version:	38.0.0 Beryl
Analysis ID:	1296194
Start date and time:	2023-08-23 22:47:40 +02:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 28s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://treasurydept.org
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	17
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean2.win@32/216@76/22
EGA Information:	Failed
HDC Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://treasurydept.org/blog26/ Browse: https://treasurydept.org/pagecontact/ Browse: https://treasurydept.org/pagefaq/ Browse: https://www.facebook.com/p/Unclaimed-Money-100030956421077/ Browse: https://www.instagram.com/ Browse: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=treasurydept.org&utm_campaign=a5d0dc20-f542-4ece-98a3-9ff5db0bfeb9&utm_medium=checkbox

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, WMIADAP.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.168.67, 34.104.35.123, 172.217.168.10, 142.250.203.106, 216.58.215.234, 172.217.168.42, 172.217.168.74, 142.250.203.99
Excluded domains from analysis (whitelisted): www.bing.com, client.wns.windows.com, fonts.googleapis.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, g.bing.com, arc.msn.com
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtSetInformationFile calls found.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	1558
Entropy (8bit):	5.11458514637545
Encrypted:	false
SSDEEP:	48:OBOCrYJ4rYJVwUCLHDy43HV713XEyMmZ3teTHn:LCrYJ4rYJVwUCHZ3Z13XtdUTH
MD5:	EE002CB9E51BB8DFA89640A406A1090A
SHA1:	49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2
SHA-256:	3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B
SHA-512:	D1FDCC436B8CA8C68D4DC7077F84F803A535BF2CE31D9EB5D0C466B62D6567B2C59974995060403ED757E92245DB07E70C6BDDBF1C3519FED300CC5B9BF9177C
Malicious:	false
Reputation:	low
Preview:	// Copyright 2015 The Chromium Authors. All rights reserved..//.// Redistribution and use in source and binary forms, with or without.// modification, are permitted provided that the following conditions are.// met:.//.// * Redistributions of source code must retain the above copyright.// notice, this list of conditions and the following disclaimer..// * Redistributions in binary form must reproduce the above.// copyright notice, this list of conditions and the following disclaimer.// in the documentation and/or other materials provided with the.// distribution..// * Neither the name of Google Inc. nor the names of its.// contributors may be used to endorse or promote products derived from.// this software without specific prior written permission..//.// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS.// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT.// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR.// A PARTICULAR

Target ID:	0
Start time:	22:48:32
Start date:	23/08/2023
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Imagebase:	0x7ff67bb30000
File size:	3'219'224 bytes
MD5 hash:	8D1C4713ACB7CC2AAAEE4477C58A80BA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Target ID:	1
Start time:	22:48:33
Start date:	23/08/2023
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=1820,i,2308566206030014462,8116895579599014816,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff67bb30000
File size:	3'219'224 bytes
MD5 hash:	8D1C4713ACB7CC2AAAEE4477C58A80BA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Target ID:	2
Start time:	22:48:35
Start date:	23/08/2023
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	C:\Program Files\Google\Chrome\Application\chrome.exe" "http://treasurydept.org
Imagebase:	0x7ff67bb30000
File size:	3'219'224 bytes
MD5 hash:	8D1C4713ACB7CC2AAAEE4477C58A80BA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Network device logs, Network intrusion detection system, Packet capture, Process use of network, SSL/TLS inspection, Web proxy
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://treasurydept.org

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\LICENSE

C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\_metadata\verified_contents.json

C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\keys.json

C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\manifest.fingerprint

C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping2084_997763858\manifest.json

Chrome Cache Entry: 346

Chrome Cache Entry: 347

Chrome Cache Entry: 348

Chrome Cache Entry: 349

Chrome Cache Entry: 350

Chrome Cache Entry: 351

Chrome Cache Entry: 352

Chrome Cache Entry: 353

Chrome Cache Entry: 354

Chrome Cache Entry: 355

Chrome Cache Entry: 356

Chrome Cache Entry: 357

Chrome Cache Entry: 358

Chrome Cache Entry: 359

Chrome Cache Entry: 360

Chrome Cache Entry: 361

Chrome Cache Entry: 362

Chrome Cache Entry: 363

Chrome Cache Entry: 364

Chrome Cache Entry: 365

Chrome Cache Entry: 366

Chrome Cache Entry: 367

Chrome Cache Entry: 368

Windows Analysis Report
http://treasurydept.org