hxxp://links[.]notification[.]intuit[.]com/ls/click?upn=n1D1vNUf2DDfuFJ7P-2Bs2FOjggKQQ40p0FkC-2Bz2D1trTjUxBswHbIwXnSGdD95YX6-2B4N1701lJdBFYH3-2BiUm8cg-3D-3DO483_kPF3YZJB72H-2FaRDalFfzG5Baq4wPUyBHzafPaHBjtkD5DNNxDxjMRCe7gaaAguvDei2UfdQaP8Uq7Lk3NQHJfqBtHMQtHTjS-2FHq2Qg-2FcwdizHoX4Fh-2B9j2oQLghQBw6DPk8Ydp89aEdJZWPFwgJ6ZZWnRXl6j26F7kUWZnppd9cX5X9-2BuVrkKV7flemlPGaj7Cz5sXW5OdeELoly5M-2By6Wy-2FuH9jAWQAxYPHae3V-2Fb-2BLdgRmT-2FQjQBvU-2BJYgoRZBLAx9kB6jxHoODHUBfq4LtlZxIzCIoecX2V5IQc6SsCShYT4QsgK4q9PKcSQLC9xnfMUiW4MBX8VcbbMl7lmYiPAP7-2FDeuQvYv8h-2BscanYrscSUFsAtlnjz47gnn9rhVg7HLxv0PI-2BuShTN-2BIn5-2FFkQCft8ZwAir7XhrDy5BmTAlkaS7kJQ1jVrqFeMszLXk6u99AdESOWfgavWT-2FjnMsXdWVMwlRI7RP3gtMU1m-2Bi01rFJWAhQDE7dYdPMaVZDXi2Ipho3pPx6Xu4ateW0t6sXdOMLzy1ROzYRRFYtayJ6QA11-2Fby87EarJD9CZc104dUstiqPdH8L-2FwgSzFrMxNTMFmIDcsJK74hzdheUPqPwaXZVICF5GVixJ-2F8GJW3lk1FKZYOFCFgMueKuxV-2FcJ-2F9cn1VMZ8zFxEEhvA3iUoeiI-3D

Analysis

max time kernel
299s
max time network
294s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
25/04/2023, 18:48 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://links.notification.intuit.com/ls/click?upn=n1D1vNUf2DDfuFJ7P-2Bs2FOjggKQQ40p0FkC-2Bz2D1trTjUxBswHbIwXnSGdD95YX6-2B4N1701lJdBFYH3-2BiUm8cg-3D-3DO483_kPF3YZJB72H-2FaRDalFfzG5Baq4wPUyBHzafPaHBjtkD5DNNxDxjMRCe7gaaAguvDei2UfdQaP8Uq7Lk3NQHJfqBtHMQtHTjS-2FHq2Qg-2FcwdizHoX4Fh-2B9j2oQLghQBw6DPk8Ydp89aEdJZWPFwgJ6ZZWnRXl6j26F7kUWZnppd9cX5X9-2BuVrkKV7flemlPGaj7Cz5sXW5OdeELoly5M-2By6Wy-2FuH9jAWQAxYPHae3V-2Fb-2BLdgRmT-2FQjQBvU-2BJYgoRZBLAx9kB6jxHoODHUBfq4LtlZxIzCIoecX2V5IQc6SsCShYT4QsgK4q9PKcSQLC9xnfMUiW4MBX8VcbbMl7lmYiPAP7-2FDeuQvYv8h-2BscanYrscSUFsAtlnjz47gnn9rhVg7HLxv0PI-2BuShTN-2BIn5-2FFkQCft8ZwAir7XhrDy5BmTAlkaS7kJQ1jVrqFeMszLXk6u99AdESOWfgavWT-2FjnMsXdWVMwlRI7RP3gtMU1m-2Bi01rFJWAhQDE7dYdPMaVZDXi2Ipho3pPx6Xu4ateW0t6sXdOMLzy1ROzYRRFYtayJ6QA11-2Fby87EarJD9CZc104dUstiqPdH8L-2FwgSzFrMxNTMFmIDcsJK74hzdheUPqPwaXZVICF5GVixJ-2F8GJW3lk1FKZYOFCFgMueKuxV-2FcJ-2F9cn1VMZ8zFxEEhvA3iUoeiI-3D

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133269293336293539"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4996	chrome.exe
4996	chrome.exe
4816	chrome.exe
4816	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4996 wrote to memory of 1700	4996	chrome.exe	83
PID 4996 wrote to memory of 1700	4996	chrome.exe	83
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 216	4996	chrome.exe	84
PID 4996 wrote to memory of 1760	4996	chrome.exe	85
PID 4996 wrote to memory of 1760	4996	chrome.exe	85
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86
PID 4996 wrote to memory of 4904	4996	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://links.notification.intuit.com/ls/click?upn=n1D1vNUf2DDfuFJ7P-2Bs2FOjggKQQ40p0FkC-2Bz2D1trTjUxBswHbIwXnSGdD95YX6-2B4N1701lJdBFYH3-2BiUm8cg-3D-3DO483_kPF3YZJB72H-2FaRDalFfzG5Baq4wPUyBHzafPaHBjtkD5DNNxDxjMRCe7gaaAguvDei2UfdQaP8Uq7Lk3NQHJfqBtHMQtHTjS-2FHq2Qg-2FcwdizHoX4Fh-2B9j2oQLghQBw6DPk8Ydp89aEdJZWPFwgJ6ZZWnRXl6j26F7kUWZnppd9cX5X9-2BuVrkKV7flemlPGaj7Cz5sXW5OdeELoly5M-2By6Wy-2FuH9jAWQAxYPHae3V-2Fb-2BLdgRmT-2FQjQBvU-2BJYgoRZBLAx9kB6jxHoODHUBfq4LtlZxIzCIoecX2V5IQc6SsCShYT4QsgK4q9PKcSQLC9xnfMUiW4MBX8VcbbMl7lmYiPAP7-2FDeuQvYv8h-2BscanYrscSUFsAtlnjz47gnn9rhVg7HLxv0PI-2BuShTN-2BIn5-2FFkQCft8ZwAir7XhrDy5BmTAlkaS7kJQ1jVrqFeMszLXk6u99AdESOWfgavWT-2FjnMsXdWVMwlRI7RP3gtMU1m-2Bi01rFJWAhQDE7dYdPMaVZDXi2Ipho3pPx6Xu4ateW0t6sXdOMLzy1ROzYRRFYtayJ6QA11-2Fby87EarJD9CZc104dUstiqPdH8L-2FwgSzFrMxNTMFmIDcsJK74hzdheUPqPwaXZVICF5GVixJ-2F8GJW3lk1FKZYOFCFgMueKuxV-2FcJ-2F9cn1VMZ8zFxEEhvA3iUoeiI-3D
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbbfbc9758,0x7ffbbfbc9768,0x7ffbbfbc9778
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1824 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:2
  2⤵
  PID:216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:8
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:8
  2⤵
  PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3148 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3168 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4536 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3400 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4836 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5220 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5804 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:8
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5896 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:8
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:8
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3436 --field-trial-handle=1796,i,9831519765884499485,17990279113491753008,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4816

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1340

Network

DNS

228.249.119.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.249.119.40.in-addr.arpa

IN PTR

Response
DNS

links.notification.intuit.com

chrome.exe

Remote address:

8.8.8.8:53

Request

links.notification.intuit.com

IN A

Response

links.notification.intuit.com

IN CNAME

sendgrid.net

sendgrid.net

IN A

167.89.123.124

sendgrid.net

IN A

167.89.115.120

sendgrid.net

IN A

167.89.115.56

sendgrid.net

IN A

167.89.123.54
GET

http://links.notification.intuit.com/ls/click?upn=n1D1vNUf2DDfuFJ7P-2Bs2FOjggKQQ40p0FkC-2Bz2D1trTjUxBswHbIwXnSGdD95YX6-2B4N1701lJdBFYH3-2BiUm8cg-3D-3DO483_kPF3YZJB72H-2FaRDalFfzG5Baq4wPUyBHzafPaHBjtkD5DNNxDxjMRCe7gaaAguvDei2UfdQaP8Uq7Lk3NQHJfqBtHMQtHTjS-2FHq2Qg-2FcwdizHoX4Fh-2B9j2oQLghQBw6DPk8Ydp89aEdJZWPFwgJ6ZZWnRXl6j26F7kUWZnppd9cX5X9-2BuVrkKV7flemlPGaj7Cz5sXW5OdeELoly5M-2By6Wy-2FuH9jAWQAxYPHae3V-2Fb-2BLdgRmT-2FQjQBvU-2BJYgoRZBLAx9kB6jxHoODHUBfq4LtlZxIzCIoecX2V5IQc6SsCShYT4QsgK4q9PKcSQLC9xnfMUiW4MBX8VcbbMl7lmYiPAP7-2FDeuQvYv8h-2BscanYrscSUFsAtlnjz47gnn9rhVg7HLxv0PI-2BuShTN-2BIn5-2FFkQCft8ZwAir7XhrDy5BmTAlkaS7kJQ1jVrqFeMszLXk6u99AdESOWfgavWT-2FjnMsXdWVMwlRI7RP3gtMU1m-2Bi01rFJWAhQDE7dYdPMaVZDXi2Ipho3pPx6Xu4ateW0t6sXdOMLzy1ROzYRRFYtayJ6QA11-2Fby87EarJD9CZc104dUstiqPdH8L-2FwgSzFrMxNTMFmIDcsJK74hzdheUPqPwaXZVICF5GVixJ-2F8GJW3lk1FKZYOFCFgMueKuxV-2FcJ-2F9cn1VMZ8zFxEEhvA3iUoeiI-3D

chrome.exe

Remote address:

167.89.123.124:80

Request

GET /ls/click?upn=n1D1vNUf2DDfuFJ7P-2Bs2FOjggKQQ40p0FkC-2Bz2D1trTjUxBswHbIwXnSGdD95YX6-2B4N1701lJdBFYH3-2BiUm8cg-3D-3DO483_kPF3YZJB72H-2FaRDalFfzG5Baq4wPUyBHzafPaHBjtkD5DNNxDxjMRCe7gaaAguvDei2UfdQaP8Uq7Lk3NQHJfqBtHMQtHTjS-2FHq2Qg-2FcwdizHoX4Fh-2B9j2oQLghQBw6DPk8Ydp89aEdJZWPFwgJ6ZZWnRXl6j26F7kUWZnppd9cX5X9-2BuVrkKV7flemlPGaj7Cz5sXW5OdeELoly5M-2By6Wy-2FuH9jAWQAxYPHae3V-2Fb-2BLdgRmT-2FQjQBvU-2BJYgoRZBLAx9kB6jxHoODHUBfq4LtlZxIzCIoecX2V5IQc6SsCShYT4QsgK4q9PKcSQLC9xnfMUiW4MBX8VcbbMl7lmYiPAP7-2FDeuQvYv8h-2BscanYrscSUFsAtlnjz47gnn9rhVg7HLxv0PI-2BuShTN-2BIn5-2FFkQCft8ZwAir7XhrDy5BmTAlkaS7kJQ1jVrqFeMszLXk6u99AdESOWfgavWT-2FjnMsXdWVMwlRI7RP3gtMU1m-2Bi01rFJWAhQDE7dYdPMaVZDXi2Ipho3pPx6Xu4ateW0t6sXdOMLzy1ROzYRRFYtayJ6QA11-2Fby87EarJD9CZc104dUstiqPdH8L-2FwgSzFrMxNTMFmIDcsJK74hzdheUPqPwaXZVICF5GVixJ-2F8GJW3lk1FKZYOFCFgMueKuxV-2FcJ-2F9cn1VMZ8zFxEEhvA3iUoeiI-3D HTTP/1.1
Host: links.notification.intuit.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Tue, 25 Apr 2023 18:48:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 75
Connection: keep-alive
Location: http://www.adobe.com/products/acrobat/readstep2.html
X-Robots-Tag: noindex, nofollow
DNS

www.adobe.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.adobe.com

IN A

Response

www.adobe.com

IN CNAME

stls.adobe.com-cn.edgesuite.net

stls.adobe.com-cn.edgesuite.net

IN CNAME

stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net

stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net

IN CNAME

a1815.dscr.akamai.net

a1815.dscr.akamai.net

IN A

23.72.252.168

a1815.dscr.akamai.net

IN A

23.72.252.130
GET

http://www.adobe.com/products/acrobat/readstep2.html

chrome.exe

Remote address:

23.72.252.168:80

Request

GET /products/acrobat/readstep2.html HTTP/1.1
Host: www.adobe.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: AkamaiGHost
Content-Length: 0
Location: https://www.adobe.com/products/acrobat/readstep2.html
Date: Tue, 25 Apr 2023 18:48:47 GMT
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
Server-Timing: ak_p; desc="467346_390659236_274522368_9_4481_0_-";dur=1
GET

https://www.adobe.com/products/acrobat/readstep2.html

chrome.exe

Remote address:

23.72.252.168:443

Request

GET /products/acrobat/readstep2.html HTTP/2.0
host: www.adobe.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

content-type: text/html; charset=iso-8859-1
content-length: 237
server: Apache
location: https://get.adobe.com/reader/
cache-control: max-age=496
expires: Tue, 25 Apr 2023 18:57:03 GMT
date: Tue, 25 Apr 2023 18:48:47 GMT
set-cookie: AKA_A2=A; expires=Tue, 25-Apr-2023 19:48:47 GMT; path=/; domain=adobe.com; secure; HttpOnly
server-timing: cdn-cache; desc=HIT
server-timing: edge; dur=1
strict-transport-security: max-age=86400
set-cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=; Domain=.adobe.com; Path=/; Expires=Tue, 25 Apr 2023 20:48:47 GMT; Max-Age=7200; HttpOnly
server-timing: ak_p; desc="467346_390659236_274522717_14_5014_22_0";dur=1
GET

https://www.adobe.com/etc.clientlibs/globalnav/clientlibs/base/privacy-standalone.js

chrome.exe

Remote address:

23.72.252.168:443

Request

GET /etc.clientlibs/globalnav/clientlibs/base/privacy-standalone.js HTTP/2.0
host: www.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

content-type: application/javascript
server: Apache
x-adobe-content: AEM-CC
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-adobe-loc: ew1
x-adobe-source: 128.78
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=21600
expires: Wed, 26 Apr 2023 00:48:48 GMT
date: Tue, 25 Apr 2023 18:48:48 GMT
content-length: 10411
server-timing: cdn-cache; desc=HIT
server-timing: edge; dur=1
strict-transport-security: max-age=86400
server-timing: ak_p; desc="467346_390659236_274524411_12_3705_25_0";dur=1
GET

https://www.adobe.com/marketingtech/main.min.js

chrome.exe

Remote address:

23.72.252.168:443

Request

GET /marketingtech/main.min.js HTTP/2.0
host: www.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Wed, 05 Aug 2020 17:36:40 GMT
content-type: application/javascript
server: Apache
content-security-policy: frame-ancestors *.adobe.com http://adobe.lookbookhq.com https://adobe.lookbookhq.com http://adobeenterprise.lookbookhq.com https://adobeenterprise.lookbookhq.com
accept-ranges: bytes
x-adobe-loc: ew1
x-adobe-source: 128.5
x-content-type-options: nosniff
content-encoding: gzip
content-length: 5764
cache-control: max-age=21600
expires: Wed, 26 Apr 2023 00:48:48 GMT
date: Tue, 25 Apr 2023 18:48:48 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT
server-timing: edge; dur=1
strict-transport-security: max-age=86400
server-timing: ak_p; desc="467346_390659236_274524596_14_3387_26_0";dur=1
DNS

250.255.255.239.in-addr.arpa

Remote address:

8.8.8.8:53

Request

250.255.255.239.in-addr.arpa

IN PTR

Response
DNS

10.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.36.251.142.in-addr.arpa

IN PTR

Response

10.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f101e100net
DNS

124.123.89.167.in-addr.arpa

Remote address:

8.8.8.8:53

Request

124.123.89.167.in-addr.arpa

IN PTR

Response

124.123.89.167.in-addr.arpa

IN PTR

o16789123x124 outbound-mailsendgridnet
DNS

195.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.179.250.142.in-addr.arpa

IN PTR

Response

195.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f31e100net
DNS

168.252.72.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.252.72.23.in-addr.arpa

IN PTR

Response

168.252.72.23.in-addr.arpa

IN PTR

a23-72-252-168deploystaticakamaitechnologiescom
DNS

get.adobe.com

chrome.exe

Remote address:

8.8.8.8:53

Request

get.adobe.com

IN A

Response

get.adobe.com

IN CNAME

rdc.acrobat.adobe.com

rdc.acrobat.adobe.com

IN CNAME

get.adobe.com.i.edgekey.net

get.adobe.com.i.edgekey.net

IN CNAME

e29329.dsca.akamaiedge.net

e29329.dsca.akamaiedge.net

IN A

95.101.74.158

e29329.dsca.akamaiedge.net

IN A

95.101.74.152
GET

https://get.adobe.com/reader/

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/ HTTP/2.0
host: get.adobe.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:50 GMT
etag: "df1f5cdb9d914a08f07071b08dd7ca4e"
x-amz-server-side-encryption: AES256
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Apr 2023 18:48:47 GMT
content-length: 1039
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/9669.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/9669.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "10aede689a6795de186c911e27d46688"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 5842
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/5666.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/5666.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "94f6994d14b020bca8386dfa1332d8a7"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 2449
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/1713.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/1713.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "825950bd84dec9a73a761d0e0d97557b"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 104232
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/990.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/990.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "588e8f6340af9dbec3e7d5e44837c49c"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 5060
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/3556.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/3556.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "c39cd1c226c9743240ae89eefd16bc3d"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 6631
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/4800.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/4800.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "582c342aebb7bacee10bf1b6e876c3b1"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 25957
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/7678.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/7678.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "d6d70e1a9b174432b291f7eb6cb2d504"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 16056
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/2822.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/2822.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "fc6229340d159aedaca5f3adb43be8bd"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 3609
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/1335.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/1335.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "562d645bebad128c49d7156866677e9d"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 29457
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/index.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/index.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "1185c524931e57c6edd2e7b8f6d4419e"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 2383
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/bootstrap.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/bootstrap.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:48 GMT
etag: "a9cd06baa1776704e14d1fdae75403b1"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 15716
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/t4.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/t4.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:49 GMT
etag: "ea8678b2880807c0b1aa7bf800c384c2"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 7037
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/2594.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/2594.js HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "e7f24cec06dd5babe079f0b3eccaea23"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Apr 2023 18:48:48 GMT
content-length: 1564
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/images/adobe_logo_header.svg

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/images/adobe_logo_header.svg HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "c746e9e3921bc91db0e1b1ea8cc68b91"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 1697
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/images/globe.svg

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/images/globe.svg HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:48 GMT
etag: "c21969df6cbeb931cb7af700468242c0"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Apr 2023 18:48:48 GMT
content-length: 609
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/images/adobe_logo.png

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/images/adobe_logo.png HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: sat_domain=A
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:47 GMT
etag: "5b5c8c19b1ce7d62a63a9d008fa25ef7"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 7794
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/images/marquee_banner.svg

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/images/marquee_banner.svg HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: sat_domain=A
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:48 GMT
etag: "50767364044dbcbd2194fdc4b6ff4100"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Apr 2023 18:48:48 GMT
content-length: 2583
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/images/view_store.svg

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/images/view_store.svg HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: sat_domain=A
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:48 GMT
etag: "103e2411ce9f6ca27b5640d4cbc51ce2"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Apr 2023 18:48:49 GMT
content-length: 1450
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/images/fill_and_sign.svg

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/images/fill_and_sign.svg HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: sat_domain=A
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:48 GMT
etag: "7601cb119e44e4eaf1a1b6d6793ef8fa"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Apr 2023 18:48:49 GMT
content-length: 737
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/images/give_and_get_feedbacks.svg

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/images/give_and_get_feedbacks.svg HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: sat_domain=A
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:48 GMT
etag: "526006fde32d185495b4ddacfc085509"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Apr 2023 18:48:49 GMT
content-length: 699
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/02d21ee/images/work_from_anywhere.svg

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/02d21ee/images/work_from_anywhere.svg HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: sat_domain=A
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:48 GMT
etag: "1bd9bc0567ccc3cd6527fbf884f55e74"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Apr 2023 18:48:49 GMT
content-length: 562
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://get.adobe.com/reader/favicon.ico

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /reader/favicon.ico HTTP/2.0
host: get.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/reader/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=
cookie: s_nr=1682455727921-New

Response

HTTP/2.0 200

last-modified: Tue, 18 Apr 2023 11:58:50 GMT
etag: "e0cb5ace796001f171591c1400666aa3"
x-amz-server-side-encryption: AES256
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
content-encoding: gzip
content-length: 309
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
GET

https://documentcloud.adobe.com/view-sdk/main.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /view-sdk/main.js HTTP/2.0
host: documentcloud.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=
cookie: s_nr=1682455727921-New
cookie: AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1
cookie: s_ecid=MCMID%7C77506226066547817042189618079266615231
cookie: OptanonChoice=1
cookie: s_dmdbase=1
cookie: kndctr_9E1005A551ED61CA0A490D45_AdobeOrg_cluster=irl1
cookie: kndctr_9E1005A551ED61CA0A490D45_AdobeOrg_identity=CiY3NzUwNjIyNjA2NjU0NzgxNzA0MjE4OTYxODA3OTI2NjYxNTIzMVIPCKz9_M37MBgBKgRJUkwx8AGs_fzN-zA=
cookie: _gcl_au=1.1.149374275.1682455730
cookie: gpv=get.adobe.com:reader
cookie: _uetsid=94e7a350e3aa11ed8b5843d3df605afd
cookie: _uetvid=94e89570e3aa11ed9e3df12b51f3a536
cookie: adcloud={%22_les_v%22:%22y%2Cadobe.com%2C1682457530%22}
cookie: _cs_mk_aa=0.5537986880971153_1682455730228
cookie: s_vs=1
cookie: s_cpc=1
cookie: s_cc=true
cookie: _scid=73c6227a-1e9c-464c-987e-c07ab7ee4e2e
cookie: _scid_r=73c6227a-1e9c-464c-987e-c07ab7ee4e2e
cookie: _fbp=fb.1.1682455730759.2049998691
cookie: _tt_enable_cookie=1
cookie: _ttp=JNZzUPmh2D_qJwnT-hBxlE34UND
cookie: AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=-2121179033%7CMCMID%7C77506226066547817042189618079266615231%7CMCAAMLH-1683060531%7C6%7CMCAAMB-1683060531%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1682462931s%7CNONE%7CMCAID%7CNONE%7CMCCIDH%7C-1394288321%7CvVersion%7C5.3.0
cookie: _sctr=1%7C1682380800000
cookie: at_check=true
cookie: mbox=session#c72ac9fd7eba4fe191ffce8b20751966#1682457593|PC#c72ac9fd7eba4fe191ffce8b20751966.37_0#1745700533

Response

HTTP/2.0 200

last-modified: Thu, 20 Apr 2023 10:43:00 GMT
etag: "4a3ed2194907369c5484e0aea3ab6e5b"
x-amz-server-side-encryption: AES256
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 504
date: Tue, 25 Apr 2023 18:48:58 GMT
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
akamai-grn: 0.9e477b5c.1682448538.4315d846
server-timing: ak_p; desc="467346_1551583134_1125505094_317_1191_24_0";dur=1
GET

https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.7-55c7e49a/ViewSDKInterface.js

chrome.exe

Remote address:

95.101.74.158:443

Request

GET /view-sdk/2.35.2_3.1.7-55c7e49a/ViewSDKInterface.js HTTP/2.0
host: documentcloud.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=
cookie: s_nr=1682455727921-New
cookie: AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1
cookie: s_ecid=MCMID%7C77506226066547817042189618079266615231
cookie: OptanonChoice=1
cookie: s_dmdbase=1
cookie: kndctr_9E1005A551ED61CA0A490D45_AdobeOrg_cluster=irl1
cookie: kndctr_9E1005A551ED61CA0A490D45_AdobeOrg_identity=CiY3NzUwNjIyNjA2NjU0NzgxNzA0MjE4OTYxODA3OTI2NjYxNTIzMVIPCKz9_M37MBgBKgRJUkwx8AGs_fzN-zA=
cookie: _gcl_au=1.1.149374275.1682455730
cookie: gpv=get.adobe.com:reader
cookie: _uetsid=94e7a350e3aa11ed8b5843d3df605afd
cookie: _uetvid=94e89570e3aa11ed9e3df12b51f3a536
cookie: adcloud={%22_les_v%22:%22y%2Cadobe.com%2C1682457530%22}
cookie: _cs_mk_aa=0.5537986880971153_1682455730228
cookie: s_vs=1
cookie: s_cpc=1
cookie: s_cc=true
cookie: _scid=73c6227a-1e9c-464c-987e-c07ab7ee4e2e
cookie: _scid_r=73c6227a-1e9c-464c-987e-c07ab7ee4e2e
cookie: _fbp=fb.1.1682455730759.2049998691
cookie: _tt_enable_cookie=1
cookie: _ttp=JNZzUPmh2D_qJwnT-hBxlE34UND
cookie: AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=-2121179033%7CMCMID%7C77506226066547817042189618079266615231%7CMCAAMLH-1683060531%7C6%7CMCAAMB-1683060531%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1682462931s%7CNONE%7CMCAID%7CNONE%7CMCCIDH%7C-1394288321%7CvVersion%7C5.3.0
cookie: _sctr=1%7C1682380800000
cookie: at_check=true
cookie: mbox=session#c72ac9fd7eba4fe191ffce8b20751966#1682457593|PC#c72ac9fd7eba4fe191ffce8b20751966.37_0#1745700533

Response

HTTP/2.0 200

last-modified: Wed, 19 Apr 2023 12:03:03 GMT
etag: "5f9e76b2aa87165b1bc58f0fb98838b8"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000, must-revalidate
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
date: Tue, 25 Apr 2023 18:48:58 GMT
content-length: 35967
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
akamai-grn: 0.9e477b5c.1682448538.4315d8bb
server-timing: ak_p; desc="467346_1551583134_1125505211_14_1063_23_0";dur=1
DNS

use.typekit.net

chrome.exe

Remote address:

8.8.8.8:53

Request

use.typekit.net

IN A

Response

use.typekit.net

IN CNAME

use-stls.adobe.com.edgesuite.net

use-stls.adobe.com.edgesuite.net

IN CNAME

a1988.dscg1.akamai.net

a1988.dscg1.akamai.net

IN A

23.32.239.67

a1988.dscg1.akamai.net

IN A

23.32.239.56
GET

https://use.typekit.net/bxf0ivf.js

chrome.exe

Remote address:

23.32.239.67:443

Request

GET /bxf0ivf.js HTTP/2.0
host: use.typekit.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6811
date: Tue, 25 Apr 2023 18:48:48 GMT
DNS

geo-dc.adobe.com

chrome.exe

Remote address:

8.8.8.8:53

Request

geo-dc.adobe.com

IN A

Response

geo-dc.adobe.com

IN CNAME

ssl-delivery.adobe.com.edgekey.net

ssl-delivery.adobe.com.edgekey.net

IN CNAME

e4578.dscg.akamaiedge.net

e4578.dscg.akamaiedge.net

IN A

23.57.81.34
GET

https://use.typekit.net/af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3

chrome.exe

Remote address:

23.32.239.67:443

Request

GET /af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3 HTTP/2.0
host: use.typekit.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/font-woff2
content-length: 38708
etag: "dd165ea14e70e875c866c52590b09697264a4997"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 25 Apr 2023 18:48:48 GMT
GET

https://use.typekit.net/af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3

chrome.exe

Remote address:

23.32.239.67:443

Request

GET /af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3 HTTP/2.0
host: use.typekit.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/font-woff2
content-length: 38004
etag: "ffabdd35c33ff95d9e079b6182134208d7454ba5"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 25 Apr 2023 18:48:48 GMT
GET

https://use.typekit.net/af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3

chrome.exe

Remote address:

23.32.239.67:443

Request

GET /af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3 HTTP/2.0
host: use.typekit.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/font-woff2
content-length: 38976
etag: "5ebcf29234d7a3daf97e3d8d5fe8864631b7e3e7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 25 Apr 2023 18:48:48 GMT
GET

https://use.typekit.net/af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3

chrome.exe

Remote address:

23.32.239.67:443

Request

GET /af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3 HTTP/2.0
host: use.typekit.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/font-woff2
content-length: 36388
etag: "41965d6d62842bb2d99d68ccf8ee9edb4761b717"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 25 Apr 2023 18:48:48 GMT
GET

https://use.typekit.net/af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3

chrome.exe

Remote address:

23.32.239.67:443

Request

GET /af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3 HTTP/2.0
host: use.typekit.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/font-woff2
content-length: 39260
etag: "8c36bd97ea24a61ae9be2b67e129a8c251197d40"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 25 Apr 2023 18:48:48 GMT
GET

https://use.typekit.net/af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3

chrome.exe

Remote address:

23.32.239.67:443

Request

GET /af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3 HTTP/2.0
host: use.typekit.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/font-woff2
content-length: 38948
etag: "d3174cc9c8510f80b83b9cfd410deee482da5b22"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 25 Apr 2023 18:48:48 GMT
DNS

geo2.adobe.com

chrome.exe

Remote address:

8.8.8.8:53

Request

geo2.adobe.com

IN A

Response

geo2.adobe.com

IN CNAME

ssl-delivery.adobe.com.edgekey.net

ssl-delivery.adobe.com.edgekey.net

IN CNAME

e4578.dscg.akamaiedge.net

e4578.dscg.akamaiedge.net

IN A

23.57.81.34
DNS

cdn.cookielaw.org

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.19.187.97

cdn.cookielaw.org

IN A

104.19.188.97
GET

https://cdn.cookielaw.org/consent/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test.json

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /consent/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:48 GMT
content-type: application/x-javascript
content-length: 1831
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: m3WiQRHtDFc94MA/+hiP0w==
last-modified: Mon, 17 Apr 2023 14:48:46 GMT
etag: 0x8DB3F52D915E74A
x-ms-request-id: 6fd3af16-201e-00eb-19a6-77261a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c328d977b713-AMS
GET

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:48 GMT
content-type: application/javascript
content-length: 6757
content-encoding: gzip
content-md5: rpnZu/dYNZPLIh9pLOSMrg==
last-modified: Tue, 25 Apr 2023 02:26:18 GMT
etag: 0x8DB453473C3A048
x-ms-request-id: f716eb31-501e-00ef-5332-77d398000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 46450
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c32a0a54b713-AMS
GET

https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /scripttemplates/202210.1.0/otBannerSdk.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:50 GMT
content-type: application/javascript
content-length: 93164
content-encoding: gzip
content-md5: DjzI+HdyHvhC2OCs+qd+pw==
last-modified: Fri, 16 Dec 2022 04:11:44 GMT
etag: 0x8DADF1BA4D9E9D9
x-ms-request-id: 1e02c54a-e01e-0031-80e1-5a8331000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 45995
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c333c8bab713-AMS
GET

https://cdn.cookielaw.org/consent/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test/27774061-ade1-4b76-8c5d-6bb00cee2b1c/en.json

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /consent/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test/27774061-ade1-4b76-8c5d-6bb00cee2b1c/en.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:50 GMT
content-type: application/x-javascript
content-length: 97792
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: 32nnWvBITVTvikuCVTJeBA==
last-modified: Mon, 17 Apr 2023 15:02:17 GMT
etag: 0x8DB3F54BC5CB914
x-ms-request-id: 1a4fcfd6-701e-00bc-34a6-77cf97000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c3345902b713-AMS
GET

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otFlat.json

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /scripttemplates/202210.1.0/assets/otFlat.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:50 GMT
content-type: application/json
content-length: 3007
content-encoding: gzip
content-md5: JuDKxv1jf1Hw0JXasvCaSg==
last-modified: Fri, 16 Dec 2022 04:11:35 GMT
etag: 0x8DADF1B9F221620
x-ms-request-id: 6651ae28-201e-0005-61e1-5a2c99000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 46451
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c335197fb713-AMS
GET

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otPcCenter.json

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /scripttemplates/202210.1.0/assets/otPcCenter.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:50 GMT
content-type: application/json
content-length: 14749
content-encoding: gzip
content-md5: /7imwDAj2tnNrmXTQyqG0A==
last-modified: Fri, 16 Dec 2022 04:11:35 GMT
etag: 0x8DADF1B9F855CD4
x-ms-request-id: 6ebf9e16-701e-00da-30e1-5a7dcd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 44621
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c3351981b713-AMS
GET

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /scripttemplates/202210.1.0/assets/otCommonStyles.css HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:50 GMT
content-type: text/css
content-md5: oQsmwuIlJWH4cKDxpI1ltA==
last-modified: Fri, 16 Dec 2022 04:11:48 GMT
x-ms-request-id: 63b2d374-a01e-00fa-2ae1-5a1101000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 46451
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c3351982b713-AMS
content-encoding: gzip
DNS

68.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.32.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

158.74.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.74.101.95.in-addr.arpa

IN PTR

Response

158.74.101.95.in-addr.arpa

IN PTR

a95-101-74-158deploystaticakamaitechnologiescom
DNS

67.239.32.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.239.32.23.in-addr.arpa

IN PTR

Response

67.239.32.23.in-addr.arpa

IN PTR

a23-32-239-67deploystaticakamaitechnologiescom
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

34.81.57.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.81.57.23.in-addr.arpa

IN PTR

Response

34.81.57.23.in-addr.arpa

IN PTR

a23-57-81-34deploystaticakamaitechnologiescom
DNS

wwwimages2.adobe.com

chrome.exe

Remote address:

8.8.8.8:53

Request

wwwimages2.adobe.com

IN A

Response

wwwimages2.adobe.com

IN CNAME

stls-wwwimages2.adobe.com-cn.edgesuite.net

stls-wwwimages2.adobe.com-cn.edgesuite.net

IN CNAME

stls-wwwimages2.adobe.com-cn.edgesuite.net.globalredir.akadns.net

stls-wwwimages2.adobe.com-cn.edgesuite.net.globalredir.akadns.net

IN CNAME

a361.dscg.akamai.net

a361.dscg.akamai.net

IN A

23.72.252.139

a361.dscg.akamai.net

IN A

23.72.252.123
DNS

wwwimages2.adobe.com

chrome.exe

Remote address:

8.8.8.8:53

Request

wwwimages2.adobe.com

IN A

Response

wwwimages2.adobe.com

IN CNAME

stls-wwwimages2.adobe.com-cn.edgesuite.net

stls-wwwimages2.adobe.com-cn.edgesuite.net

IN CNAME

stls-wwwimages2.adobe.com-cn.edgesuite.net.globalredir.akadns.net

stls-wwwimages2.adobe.com-cn.edgesuite.net.globalredir.akadns.net

IN CNAME

a361.dscg.akamai.net

a361.dscg.akamai.net

IN A

23.72.252.139

a361.dscg.akamai.net

IN A

23.72.252.123
DNS

assets.adobedtm.com

chrome.exe

Remote address:

8.8.8.8:53

Request

assets.adobedtm.com

IN A

Response

assets.adobedtm.com

IN CNAME

cn-assets.adobedtm.com.edgekey.net

cn-assets.adobedtm.com.edgekey.net

IN CNAME

e7808.dscg.akamaiedge.net

e7808.dscg.akamaiedge.net

IN A

23.57.80.54
GET

https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /launch-EN919758db9a654a17bac7d184b99c4820.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "3bd1f8abd8c44499a3c824a0f4d65d1e:1681790441.333139"
last-modified: Tue, 18 Apr 2023 04:00:41 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 176070
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:48 GMT
date: Tue, 25 Apr 2023 18:48:48 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 500
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:49 GMT
date: Tue, 25 Apr 2023 18:48:49 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC8b2fc74a3d60422a950baec834ba8202-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC8b2fc74a3d60422a950baec834ba8202-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 464
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd685f8c6c09c43808ebe3d73ec90e0e1-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd685f8c6c09c43808ebe3d73ec90e0e1-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 573
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 979
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC036830be72f242959c7b9ca66cef0c85-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC036830be72f242959c7b9ca66cef0c85-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 264
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC574c1470e8974562b88afc59e553c2ea-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC574c1470e8974562b88afc59e553c2ea-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 900
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC1e99963244e0483ea9c5b2dfbd2f5aec-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC1e99963244e0483ea9c5b2dfbd2f5aec-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1502
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd7cccdfd0d4548f8873da6591551519c-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd7cccdfd0d4548f8873da6591551519c-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 331
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd7a47a806f284c08ab0b45edd063ec1a-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd7a47a806f284c08ab0b45edd063ec1a-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1962
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCe010b0bf1b2c48c0a4af01710fbbd56c-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCe010b0bf1b2c48c0a4af01710fbbd56c-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 7698
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:50 GMT
date: Tue, 25 Apr 2023 18:48:50 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC39708cd022a14380ab0afbf947473bf7-file.min.js

chrome.exe

Remote address:

23.57.80.54:443

Request

GET /d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC39708cd022a14380ab0afbf947473bf7-file.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "f85d080baa7014c32896aabf6481c2c4:1681790442.185218"
last-modified: Tue, 18 Apr 2023 04:00:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 514
cache-control: max-age=3600
expires: Tue, 25 Apr 2023 19:48:51 GMT
date: Tue, 25 Apr 2023 18:48:51 GMT
access-control-allow-origin: https://get.adobe.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
GET

https://wwwimages2.adobe.com/downloadcenter/singlepage/live/images/adchoices_icon.png

chrome.exe

Remote address:

23.72.252.139:443

Request

GET /downloadcenter/singlepage/live/images/adchoices_icon.png HTTP/2.0
host: wwwimages2.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=

Response

HTTP/2.0 200

content-type: image/png
content-length: 613
server: Apache
last-modified: Mon, 31 Aug 2020 06:26:08 GMT
accept-ranges: bytes
x-adobe-loc: ew1
x-content-type-options: nosniff
cache-control: max-age=420, s-maxage=300
date: Tue, 25 Apr 2023 18:48:48 GMT
DNS

p.typekit.net

chrome.exe

Remote address:

8.8.8.8:53

Request

p.typekit.net

IN A

Response

p.typekit.net

IN CNAME

p.typekit.net-stls-v3.edgesuite.net

p.typekit.net-stls-v3.edgesuite.net

IN CNAME

a1874.dscg1.akamai.net

a1874.dscg1.akamai.net

IN A

23.32.239.83

a1874.dscg1.akamai.net

IN A

23.32.239.58
GET

https://p.typekit.net/p.gif?s=1&k=bxf0ivf&ht=tk&h=get.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1682455727534

chrome.exe

Remote address:

23.32.239.83:443

Request

GET /p.gif?s=1&k=bxf0ivf&ht=tk&h=get.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1682455727534 HTTP/2.0
host: p.typekit.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "6160f9fb-23"
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Tue, 25 Apr 2023 18:48:49 GMT
DNS

dpm.demdex.net

chrome.exe

Remote address:

8.8.8.8:53

Request

dpm.demdex.net

IN A

Response

dpm.demdex.net

IN CNAME

gslb-2.demdex.net

gslb-2.demdex.net

IN CNAME

edge-irl1.demdex.net

edge-irl1.demdex.net

IN CNAME

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

IN A

34.241.45.41

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

IN A

52.16.141.94

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

IN A

34.250.10.83

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

IN A

34.243.208.221

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

IN A

52.211.104.127

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

IN A

52.19.200.27

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

IN A

52.210.27.198

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

IN A

52.16.22.14
DNS

mssplus.mcafee.com

chrome.exe

Remote address:

8.8.8.8:53

Request

mssplus.mcafee.com

IN A

Response

mssplus.mcafee.com

IN CNAME

redirect.mcafee.com

redirect.mcafee.com

IN CNAME

nlb-awsredirsvr-c8465ea02a8ee06f.elb.us-west-2.amazonaws.com

nlb-awsredirsvr-c8465ea02a8ee06f.elb.us-west-2.amazonaws.com

IN A

44.227.222.81

nlb-awsredirsvr-c8465ea02a8ee06f.elb.us-west-2.amazonaws.com

IN A

54.70.221.132

nlb-awsredirsvr-c8465ea02a8ee06f.elb.us-west-2.amazonaws.com

IN A

35.85.150.98
DNS

97.187.19.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.187.19.104.in-addr.arpa

IN PTR

Response
DNS

139.252.72.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.252.72.23.in-addr.arpa

IN PTR

Response

139.252.72.23.in-addr.arpa

IN PTR

a23-72-252-139deploystaticakamaitechnologiescom
DNS

54.80.57.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

54.80.57.23.in-addr.arpa

IN PTR

Response

54.80.57.23.in-addr.arpa

IN PTR

a23-57-80-54deploystaticakamaitechnologiescom
DNS

83.239.32.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.239.32.23.in-addr.arpa

IN PTR

Response

83.239.32.23.in-addr.arpa

IN PTR

a23-32-239-83deploystaticakamaitechnologiescom
DNS

41.45.241.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.45.241.34.in-addr.arpa

IN PTR

Response

41.45.241.34.in-addr.arpa

IN PTR

ec2-34-241-45-41 eu-west-1compute amazonawscom
DNS

www.mcafee.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.mcafee.com

IN A

Response

www.mcafee.com

IN CNAME

www-mcafeee-r53.awsconsumer.mcafee.com

www-mcafeee-r53.awsconsumer.mcafee.com

IN CNAME

www.mcafee.com.edgekey.net

www.mcafee.com.edgekey.net

IN CNAME

e19211.a.akamaiedge.net

e19211.a.akamaiedge.net

IN A

23.222.54.47
HEAD

https://www.mcafee.com/?1682455727930

chrome.exe

Remote address:

23.222.54.47:443

Request

HEAD /?1682455727930 HTTP/2.0
host: www.mcafee.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html;charset=utf-8
server: Apache
x-frame-options: DENY
content-security-policy: frame-ancestors https://pam.mcafee.com
x-content-type-options: nosniff
last-modified: Tue, 25 Apr 2023 11:39:57 GMT
etag: "644ef-5fa279530dcf3-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 69702
expires: Tue, 25 Apr 2023 18:48:50 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 25 Apr 2023 18:48:50 GMT
x-akam-sw-version: 0.5.0
strict-transport-security: max-age=31536000
set-cookie: _abck=4732685467FF2EFB82EE4B1712C74A47~-1~YAAQDMMTAhXGwK+HAQAAhDu/uQnZUBSAA5Th0I+KKgstKsoQsvW8r84ViO0NiVq3x7Eaak3zLwzSOTtRbSTix4feYH9aS/rrPamwomaMaFBio8FPmFeojyCifQxeGAMh2d3rv/kFuoMSAmNpWxXxeZlIvtIN3trQ6xBdXZNuTextsuGccoCdNwJN5s0Ox5dkNAYtWgce2t47OPatALCL245t/69MMmzJIdfr2gW5n8IemoeJoELpYvGbHR53nZn59EMDrXyiO1VSSjrBjQZWQ/UgxF4lVlDRLWVLgldyFJOpekk0S+onDsjzTql3I16dgKpJftMlY/Idr57ZGTsxNBrW7hWuR3WnlvehmofRB+YKtqqHLCRpOi6WR3w=~-1~-1~-1; Domain=.mcafee.com; Path=/; Expires=Wed, 24 Apr 2024 18:48:50 GMT; Max-Age=31536000; Secure
set-cookie: bm_sz=187F5BE0351957CE0A9EA6605C33AA73~YAAQDMMTAhbGwK+HAQAAhDu/uRO9u8sOGPjrJg60LzmG34p/L2jTAcwHRXTwiwSzX+1fZS15qUVQMdUQBGorgM1+bcGjJURg6R+YfQtnQTOv/bi09m8pJi0cobvLO30Qu95ECw50V/TfOs2+vGPLm9WbeOwJYDfDAEI2yg0ve+hI/XP0PwJN/rS7fE82kix9rQmZOkixrt6jQ8prGNZdQARG7nLlitRjkvLK+6+/SVw3hftw3dE1347GgL9G5Ndhtn5aA97RcwmXKKGO4ncGzMs0uVKiLD8x3wIZOZIlxMbFweE=~3162436~4534323; Domain=.mcafee.com; Path=/; Expires=Tue, 25 Apr 2023 22:48:50 GMT; Max-Age=14400
server-timing: ak_p; desc="467346_34849548_93753952_35_7664_24_0";dur=1
DNS

rdc.adobe.io

chrome.exe

Remote address:

8.8.8.8:53

Request

rdc.adobe.io

IN A

Response

rdc.adobe.io

IN A

52.202.204.11

rdc.adobe.io

IN A

54.227.187.23

rdc.adobe.io

IN A

52.5.13.197

rdc.adobe.io

IN A

23.22.254.206
DNS

geolocation.onetrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

geolocation.onetrust.com

IN A

Response

geolocation.onetrust.com

IN A

104.18.43.158

geolocation.onetrust.com

IN A

172.64.144.98
GET

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

chrome.exe

Remote address:

104.18.43.158:443

Request

GET /cookieconsentpub/v1/geo/location HTTP/2.0
host: geolocation.onetrust.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
accept: application/json
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:50 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7bd8c3334b7f1c92-AMS
content-encoding: gzip
OPTIONS

https://rdc.adobe.io/reader/products?lang=en&platformArch=64&site=landing&os=Windows%2010&preInstalled=mss%2Cmsc&country=NL&nativeOs=Windows%2010&api_key=dc-get-adobereader-cdn

chrome.exe

Remote address:

52.202.204.11:443

Request

OPTIONS /reader/products?lang=en&platformArch=64&site=landing&os=Windows%2010&preInstalled=mss%2Cmsc&country=NL&nativeOs=Windows%2010&api_key=dc-get-adobereader-cdn HTTP/1.1
Host: rdc.adobe.io
Connection: keep-alive
Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://get.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Sec-Fetch-Dest: empty
Referer: https://get.adobe.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: openresty
Date: Tue, 25 Apr 2023 18:48:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-request-id: Eb8nxMXh2qnQtec7TFSFZgiYahYeQ8PP
x-server: adobe.rdc.0.1.6e32b8dc75bc29bbd945a9f34e4c0747a4a02f46
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-api-key
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
GET

https://rdc.adobe.io/reader/products?lang=en&platformArch=64&site=landing&os=Windows%2010&preInstalled=mss%2Cmsc&country=NL&nativeOs=Windows%2010&api_key=dc-get-adobereader-cdn

chrome.exe

Remote address:

52.202.204.11:443

Request

GET /reader/products?lang=en&platformArch=64&site=landing&os=Windows%2010&preInstalled=mss%2Cmsc&country=NL&nativeOs=Windows%2010&api_key=dc-get-adobereader-cdn HTTP/1.1
Host: rdc.adobe.io
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
x-api-key: dc-get-adobereader-cdn
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://get.adobe.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://get.adobe.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: openresty
Date: Tue, 25 Apr 2023 18:48:50 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-request-id: clQTgFUFSPlxoIsmBcUTMUz55VAjMCp8
x-server: adobe.rdc.0.1.6e32b8dc75bc29bbd945a9f34e4c0747a4a02f46
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: *
content-encoding: gzip
DNS

sstats.adobe.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sstats.adobe.com

IN A

Response

sstats.adobe.com

IN CNAME

adobe.com.ssl.d1.sc.omtrdc.net

adobe.com.ssl.d1.sc.omtrdc.net

IN A

63.140.62.164

adobe.com.ssl.d1.sc.omtrdc.net

IN A

63.140.62.135

adobe.com.ssl.d1.sc.omtrdc.net

IN A

63.140.62.160
GET

https://sstats.adobe.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=77506226066547817042189618079266615231&ts=1682455729028

chrome.exe

Remote address:

63.140.62.164:443

Request

GET /id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=77506226066547817042189618079266615231&ts=1682455729028 HTTP/2.0
host: sstats.adobe.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://get.adobe.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=
cookie: s_nr=1682455727921-New
cookie: AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1
cookie: AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=-2121179033%7CMCMID%7C77506226066547817042189618079266615231%7CMCAAMLH-1683060529%7C6%7CMCAAMB-1683060529%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1682462929s%7CNONE%7CvVersion%7C5.3.0

Response

HTTP/2.0 200

access-control-allow-origin: https://get.adobe.com
access-control-allow-credentials: true
date: Tue, 25 Apr 2023 18:48:50 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C77506226066547817042189618079266615231; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Thu, 24 Apr 2025 18:48:48 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
POST

https://sstats.adobe.com/b/ss/adbadobenonacdcprod,adbadobeprototype,adbacdcprod/1/JS-2.22.4-LDQM/s25326533895767

chrome.exe

Remote address:

63.140.62.164:443

Request

POST /b/ss/adbadobenonacdcprod,adbadobeprototype,adbacdcprod/1/JS-2.22.4-LDQM/s25326533895767 HTTP/2.0
host: sstats.adobe.com
content-length: 6710
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://get.adobe.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=
cookie: s_nr=1682455727921-New
cookie: AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1
cookie: s_ecid=MCMID%7C77506226066547817042189618079266615231
cookie: AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=-2121179033%7CMCMID%7C77506226066547817042189618079266615231%7CMCAAMLH-1683060529%7C6%7CMCAAMB-1683060529%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1682462929s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.3.0
cookie: OptanonChoice=1
cookie: s_dmdbase=1
cookie: kndctr_9E1005A551ED61CA0A490D45_AdobeOrg_cluster=irl1
cookie: kndctr_9E1005A551ED61CA0A490D45_AdobeOrg_identity=CiY3NzUwNjIyNjA2NjU0NzgxNzA0MjE4OTYxODA3OTI2NjYxNTIzMVIPCKz9_M37MBgBKgRJUkwx8AGs_fzN-zA=
cookie: _gcl_au=1.1.149374275.1682455730
cookie: gpv=get.adobe.com:reader
cookie: _uetsid=94e7a350e3aa11ed8b5843d3df605afd
cookie: _uetvid=94e89570e3aa11ed9e3df12b51f3a536
cookie: adcloud={%22_les_v%22:%22y%2Cadobe.com%2C1682457530%22}
cookie: _cs_mk_aa=0.5537986880971153_1682455730228
cookie: s_vs=1
cookie: s_cpc=1
cookie: s_cc=true

Response

HTTP/2.0 200

access-control-allow-origin: https://get.adobe.com
access-control-allow-credentials: true
date: Tue, 25 Apr 2023 18:48:51 GMT
expires: Mon, 24 Apr 2023 18:48:51 GMT
last-modified: Wed, 26 Apr 2023 18:48:51 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C77506226066547817042189618079266615231; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Thu, 24 Apr 2025 18:48:48 GMT;
set-cookie: s_ecid=MCMID%7C77506226066547817042189618079266615231; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Thu, 24 Apr 2025 18:48:48 GMT;
set-cookie: s_ecid=MCMID%7C77506226066547817042189618079266615231; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Thu, 24 Apr 2025 18:48:48 GMT;
etag: 3613030710221701120-4619322076763950711
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
POST

https://sstats.adobe.com/ee/v1/collect?configId=275a1cc1-992e-4c14-b63a-c28ac0ccbf48&requestId=d1665713-fed2-4627-a84d-be3f9ffe7819

chrome.exe

Remote address:

63.140.62.164:443

Request

POST /ee/v1/collect?configId=275a1cc1-992e-4c14-b63a-c28ac0ccbf48&requestId=d1665713-fed2-4627-a84d-be3f9ffe7819 HTTP/2.0
host: sstats.adobe.com
content-length: 10304
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain; charset=utf-8
accept: */*
origin: https://get.adobe.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AKA_A2=A
cookie: ak_bmsc=12D223CEBCDF4C7F577BC52E2A96DFC6~000000000000000000000000000000~YAAQpPxIFxh6XaaHAQAAmDG/uROM85A3grhgsh0oMWGcuG++9mjKx5YMp6uE47RSRUHJlnqEJZOu6DgaoAZw1gL9y/SdH0c8txdGVA8L1VGmWSPegcHxPTephEr4BxN2HuMprhgAqC4ByTgTQKpHj/cqLBIGDGb3nZ9MoSaGKS8FMdbZcWzcRNRzihD5g1Sme1iQyq/08hGF9nvd1jXPbhzsq2TZODnuFVT6A+3wJ5ob6zN4PShn39Oohm12Mg0sRhC6onAkHZFfYDfvTUjRFcRSrjqpTw5XCw2eQhTnQkrRRfcdpNO2P7LYMVVfr+QsiUWUHuic2Ht3JRPra9MTvNqQJzMLvo/owB047vk7eisJ9Z4gkW3+ySIrx1FtFT1z8jiyVae1MTg=
cookie: s_nr=1682455727921-New
cookie: AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1
cookie: s_ecid=MCMID%7C77506226066547817042189618079266615231
cookie: AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=-2121179033%7CMCMID%7C77506226066547817042189618079266615231%7CMCAAMLH-1683060529%7C6%7CMCAAMB-1683060529%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1682462929s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.3.0
cookie: OptanonChoice=1
cookie: s_dmdbase=1
cookie: kndctr_9E1005A551ED61CA0A490D45_AdobeOrg_cluster=irl1
cookie: kndctr_9E1005A551ED61CA0A490D45_AdobeOrg_identity=CiY3NzUwNjIyNjA2NjU0NzgxNzA0MjE4OTYxODA3OTI2NjYxNTIzMVIPCKz9_M37MBgBKgRJUkwx8AGs_fzN-zA=
cookie: _gcl_au=1.1.149374275.1682455730
cookie: gpv=get.adobe.com:reader
cookie: _uetsid=94e7a350e3aa11ed8b5843d3df605afd
cookie: _uetvid=94e89570e3aa11ed9e3df12b51f3a536
cookie: adcloud={%22_les_v%22:%22y%2Cadobe.com%2C1682457530%22}
cookie: _cs_mk_aa=0.5537986880971153_1682455730228
cookie: s_vs=1
cookie: s_cpc=1
cookie: s_cc=true

Response

HTTP/2.0 204

x-request-id: d1665713-fed2-4627-a84d-be3f9ffe7819
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: https://get.adobe.com
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Tue, 25 Apr 2023 18:48:51 GMT
x-konductor: 23.4.38:ad0fbf8b
x-adobe-edge: IRL1;6
server: jag
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
DNS

81.222.227.44.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.222.227.44.in-addr.arpa

IN PTR

Response

81.222.227.44.in-addr.arpa

IN PTR

ec2-44-227-222-81 us-west-2compute amazonawscom
DNS

81.222.227.44.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.222.227.44.in-addr.arpa

IN PTR

Response

81.222.227.44.in-addr.arpa

IN PTR

ec2-44-227-222-81 us-west-2compute amazonawscom
DNS

158.43.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.43.18.104.in-addr.arpa

IN PTR

Response
DNS

47.54.222.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

47.54.222.23.in-addr.arpa

IN PTR

Response

47.54.222.23.in-addr.arpa

IN PTR

a23-222-54-47deploystaticakamaitechnologiescom
DNS

164.62.140.63.in-addr.arpa

Remote address:

8.8.8.8:53

Request

164.62.140.63.in-addr.arpa

IN PTR

Response

164.62.140.63.in-addr.arpa

IN PTR

ip-63-140-62-164dataadobedcnet
DNS

164.62.140.63.in-addr.arpa

Remote address:

8.8.8.8:53

Request

164.62.140.63.in-addr.arpa

IN PTR

Response

164.62.140.63.in-addr.arpa

IN PTR

ip-63-140-62-164dataadobedcnet
DNS

11.204.202.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.204.202.52.in-addr.arpa

IN PTR

Response

11.204.202.52.in-addr.arpa

IN PTR

ec2-52-202-204-11 compute-1 amazonawscom
POST

https://sstats.adobe.com/ee/v1/interact?configId=11dd9af9-1455-4159-bb5e-0b1fdf039f76:prod&requestId=2220d6d8-f12d-444e-aa80-51153e78d5a1

chrome.exe

Remote address:

63.140.62.164:443

Request

POST /ee/v1/interact?configId=11dd9af9-1455-4159-bb5e-0b1fdf039f76:prod&requestId=2220d6d8-f12d-444e-aa80-51153e78d5a1 HTTP/2.0
host: sstats.adobe.com
content-length: 534
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://get.adobe.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-request-id: 2220d6d8-f12d-444e-aa80-51153e78d5a1
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: https://get.adobe.com
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Tue, 25 Apr 2023 18:48:50 GMT
x-konductor: 23.4.38:ad0fbf8b
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
POST

https://sstats.adobe.com/ee/v1/interact?configId=8d7bac14-04dd-47cb-9710-7d4b1358467a&requestId=d463b942-243c-4f29-93b3-a364e9614c75

chrome.exe

Remote address:

63.140.62.164:443

Request

POST /ee/v1/interact?configId=8d7bac14-04dd-47cb-9710-7d4b1358467a&requestId=d463b942-243c-4f29-93b3-a364e9614c75 HTTP/2.0
host: sstats.adobe.com
content-length: 568
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://get.adobe.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-request-id: d463b942-243c-4f29-93b3-a364e9614c75
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: https://get.adobe.com
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Tue, 25 Apr 2023 18:48:50 GMT
x-konductor: 23.4.38:ad0fbf8b
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
GET

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /logos/static/ot_company_logo.png HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:50 GMT
content-type: image/png
content-length: 4036
content-md5: E8+sk/ECzKgTUVtDLikiIA==
last-modified: Mon, 24 Apr 2023 04:36:32 GMT
etag: 0x8DB447D7B0D9A1D
x-ms-request-id: 108ed28d-c01e-0040-61cf-76f108000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 9537
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c3361b9c0e5c-AMS
GET

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

chrome.exe

Remote address:

104.19.187.97:443

Request

GET /logos/static/powered_by_logo.svg HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:50 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Mon, 24 Apr 2023 04:36:33 GMT
x-ms-request-id: 17909ae0-101e-00a7-2967-76e105000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 82128
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bd8c3361b9d0e5c-AMS
content-encoding: gzip
DNS

api.demandbase.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.demandbase.com

IN A

Response

api.demandbase.com

IN A

65.9.86.6

api.demandbase.com

IN A

65.9.86.122

api.demandbase.com

IN A

65.9.86.79

api.demandbase.com

IN A

65.9.86.2
GET

https://api.demandbase.com/api/v2/ip.json?key=LDHxBA8hUB2yNQphwwEfblkR6cHtp1tmrI2XGG2s&rnd=5100&callback=Request_6210789

chrome.exe

Remote address:

65.9.86.6:443

Request

GET /api/v2/ip.json?key=LDHxBA8hUB2yNQphwwEfblkR6cHtp1tmrI2XGG2s&rnd=5100&callback=Request_6210789 HTTP/1.1
Host: api.demandbase.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://get.adobe.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 25 Apr 2023 18:48:51 GMT
Server: nginx
Api-Version: v2
Identification-Source: CACHE
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 24 Apr 2023 18:48:50 GMT
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Request-ID: dea81e05-d89b-4c04-a64f-387e2df163c2
X-Cache: Miss from cloudfront
Via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: P0ABIldAZQHOKeuILte8OKN5kEUaWgkuxzcLEHInKBRlkPDmPc7_3w==
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
DNS

adobedc.demdex.net

chrome.exe

Remote address:

8.8.8.8:53

Request

adobedc.demdex.net

IN A

Response

adobedc.demdex.net

IN CNAME

demdex.net.ssl.sc.omtrdc.net

demdex.net.ssl.sc.omtrdc.net

IN A

63.140.62.160

demdex.net.ssl.sc.omtrdc.net

IN A

63.140.62.164

demdex.net.ssl.sc.omtrdc.net

IN A

63.140.62.135
POST

https://adobedc.demdex.net/ee/v1/interact?configId=275a1cc1-992e-4c14-b63a-c28ac0ccbf48&requestId=d9862233-afa4-4e8c-be85-ae5d727c4888

chrome.exe

Remote address:

63.140.62.160:443

Request

POST /ee/v1/interact?configId=275a1cc1-992e-4c14-b63a-c28ac0ccbf48&requestId=d9862233-afa4-4e8c-be85-ae5d727c4888 HTTP/2.0
host: adobedc.demdex.net
content-length: 4167
cache-control: max-age=0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain; charset=UTF-8
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: demdex=77662719422413735742174111723207908145

Response

HTTP/2.0 200

x-request-id: d9862233-afa4-4e8c-be85-ae5d727c4888
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: https://get.adobe.com
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Tue, 25 Apr 2023 18:48:50 GMT
x-konductor: 23.4.38:ad0fbf8b
x-adobe-edge: IRL1;6
server: jag
set-cookie: demdex=77662719422413735742174111723207908145; Max-Age=15552000; Domain=demdex.net; Path=/; Secure; SameSite=None; $x-enc=URI_ENCODING
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
DNS

www.everestjs.net

chrome.exe

Remote address:

8.8.8.8:53

Request

www.everestjs.net

IN A

Response

www.everestjs.net

IN CNAME

www.everestjs.net.edgekey.net

www.everestjs.net.edgekey.net

IN CNAME

e9518.c.akamaiedge.net

e9518.c.akamaiedge.net

IN A

104.93.248.90
DNS

snap.licdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

snap.licdn.com

IN A

Response

snap.licdn.com

IN CNAME

od.linkedin.edgesuite.net

od.linkedin.edgesuite.net

IN CNAME

a1916.dscg2.akamai.net

a1916.dscg2.akamai.net

IN A

23.32.238.144

a1916.dscg2.akamai.net

IN A

23.32.238.152
DNS

static.ads-twitter.com

chrome.exe

Remote address:

8.8.8.8:53

Request

static.ads-twitter.com

IN A

Response

static.ads-twitter.com

IN CNAME

platform.twitter.map.fastly.net

platform.twitter.map.fastly.net

IN A

199.232.148.157
DNS

bat.bing.com

chrome.exe

Remote address:

8.8.8.8:53

Request

bat.bing.com

IN A

Response

bat.bing.com

IN CNAME

bat-bing-com.a-0001.a-msedge.net

bat-bing-com.a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://www.everestjs.net/static/le/last-event-tag-latest.min.js

chrome.exe

Remote address:

104.93.248.90:443

Request

GET /static/le/last-event-tag-latest.min.js HTTP/1.1
Host: www.everestjs.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://get.adobe.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

x-amz-id-2: IMU9dagrMAeyN0Mg86JzC12Pe4yz7amIWH6D7+DDDR8fam5OJPDgnEx7sU648tD3O/xlfkEa+oY=
x-amz-request-id: NGAMS24PJE9TKCDE
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 2663
Date: Tue, 25 Apr 2023 18:48:51 GMT
Connection: keep-alive
Vary: Accept-Encoding
DNS

pixel.everesttech.net

chrome.exe

Remote address:

8.8.8.8:53

Request

pixel.everesttech.net

IN A

Response

pixel.everesttech.net

IN CNAME

tp00.everesttech.net.akadns.net

tp00.everesttech.net.akadns.net

IN A

52.208.115.236

tp00.everesttech.net.akadns.net

IN A

18.202.151.8

tp00.everesttech.net.akadns.net

IN A

34.250.24.143
GET

https://snap.licdn.com/li.lms-analytics/insight.min.js

chrome.exe

Remote address:

23.32.238.144:443

Request

GET /li.lms-analytics/insight.min.js HTTP/2.0
host: snap.licdn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=62088
date: Tue, 25 Apr 2023 18:48:51 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

172.217.168.202

content-autofill.googleapis.com

IN A

172.217.23.202

content-autofill.googleapis.com

IN A

216.58.214.10

content-autofill.googleapis.com

IN A

142.250.179.138

content-autofill.googleapis.com

IN A

142.251.36.42

content-autofill.googleapis.com

IN A

142.250.179.170

content-autofill.googleapis.com

IN A

142.250.179.202

content-autofill.googleapis.com

IN A

142.251.36.10

content-autofill.googleapis.com

IN A

142.251.39.106
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlwfu2fWAVX4hIFDaWTNiQ=?alt=proto

chrome.exe

Remote address:

172.217.168.202:443

Request

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlwfu2fWAVX4hIFDaWTNiQ=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CLP2ygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

t.co

chrome.exe

Remote address:

8.8.8.8:53

Request

t.co

IN A

Response

t.co

IN A

104.244.42.5
DNS

analytics.twitter.com

chrome.exe

Remote address:

8.8.8.8:53

Request

analytics.twitter.com

IN A

Response

analytics.twitter.com

IN CNAME

ads.twitter.com

ads.twitter.com

IN CNAME

s.twitter.com

s.twitter.com

IN A

104.244.42.131

s.twitter.com

IN A

104.244.42.195

s.twitter.com

IN A

104.244.42.3

s.twitter.com

IN A

104.244.42.67
GET

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1324839a-83ce-4e81-a1aa-40632f1d5bd6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a036fc1c-0834-4087-8199-4bc919d37369&tw_document_href=https%3A%2F%2Fget.adobe.com%2Freader%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w4k&type=javascript&version=2.3.29

chrome.exe

Remote address:

104.244.42.131:443

Request

GET /i/adsct?bci=3&eci=2&event_id=1324839a-83ce-4e81-a1aa-40632f1d5bd6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a036fc1c-0834-4087-8199-4bc919d37369&tw_document_href=https%3A%2F%2Fget.adobe.com%2Freader%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w4k&type=javascript&version=2.3.29 HTTP/2.0
host: analytics.twitter.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:51 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_orQl71Q8Um5gXRd0J03+rA=="; Max-Age=63072000; Expires=Thu, 24 Apr 2025 18:48:51 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: b7eba3dbd1a7e7ee
strict-transport-security: max-age=631138519
x-response-time: 106
x-connection-hash: ad6cc313b8813178702a94db9d5290c3cf07205da16870d3ceef20a91f638141
DNS

lasteventf-tm.everesttech.net

chrome.exe

Remote address:

8.8.8.8:53

Request

lasteventf-tm.everesttech.net

IN A

Response

lasteventf-tm.everesttech.net

IN CNAME

lasteventf.tubemogul.com

lasteventf.tubemogul.com

IN CNAME

h2.shared.global.fastly.net

h2.shared.global.fastly.net

IN A

151.101.2.49

h2.shared.global.fastly.net

IN A

151.101.66.49

h2.shared.global.fastly.net

IN A

151.101.130.49

h2.shared.global.fastly.net

IN A

151.101.194.49
GET

https://t.co/i/adsct?bci=3&eci=2&event_id=1324839a-83ce-4e81-a1aa-40632f1d5bd6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a036fc1c-0834-4087-8199-4bc919d37369&tw_document_href=https%3A%2F%2Fget.adobe.com%2Freader%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w4k&type=javascript&version=2.3.29

chrome.exe

Remote address:

104.244.42.5:443

Request

GET /i/adsct?bci=3&eci=2&event_id=1324839a-83ce-4e81-a1aa-40632f1d5bd6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a036fc1c-0834-4087-8199-4bc919d37369&tw_document_href=https%3A%2F%2Fget.adobe.com%2Freader%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w4k&type=javascript&version=2.3.29 HTTP/2.0
host: t.co
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:51 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=2e8015ba-48fe-4bf3-8c33-d08371071273; Max-Age=63072000; Expires=Thu, 24 Apr 2025 18:48:51 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: d6546109df033597
strict-transport-security: max-age=0
x-response-time: 116
x-connection-hash: c720d7ff5aff5c49c005d9b189318e2fd3934ed6a629dd1277690e69c4edbc68
DNS

googleads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.251.36.34
DNS

cdn.linkedin.oribi.io

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.linkedin.oribi.io

IN A

Response

cdn.linkedin.oribi.io

IN CNAME

d1ni990a184w7d.cloudfront.net

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.95

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.81

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.9

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.92
DNS

px.ads.linkedin.com

chrome.exe

Remote address:

8.8.8.8:53

Request

px.ads.linkedin.com

IN A

Response

px.ads.linkedin.com

IN CNAME

www.linkedin.com

www.linkedin.com

IN CNAME

www-linkedin-com.l-0005.l-msedge.net

www-linkedin-com.l-0005.l-msedge.net

IN CNAME

l-0005.l-msedge.net

l-0005.l-msedge.net

IN A

13.107.42.14
DNS

px.ads.linkedin.com

chrome.exe

Remote address:

8.8.8.8:53

Request

px.ads.linkedin.com

IN A

Response

px.ads.linkedin.com

IN CNAME

www.linkedin.com

www.linkedin.com

IN CNAME

www-linkedin-com.l-0005.l-msedge.net

www-linkedin-com.l-0005.l-msedge.net

IN CNAME

l-0005.l-msedge.net

l-0005.l-msedge.net

IN A

13.107.42.14
GET

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987390658/?random=1682455729830&cv=11&fst=1682455729830&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1280&u_h=720&url=https%3A%2F%2Fget.adobe.com%2Freader%2F&hn=www.googleadservices.com&frm=0&tiba=Adobe%20-%20Adobe%20Acrobat%20Reader%20DC%20Download%20%7C%20Free%20PDF%20viewer%20for%20Windows%2C%20Mac%20OS%2C%20Android&auid=149374275.1682455730&data=event%3Dgtag.config&rfmt=3&fmt=4

chrome.exe

Remote address:

142.251.36.34:443

Request

GET /pagead/viewthroughconversion/987390658/?random=1682455729830&cv=11&fst=1682455729830&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1280&u_h=720&url=https%3A%2F%2Fget.adobe.com%2Freader%2F&hn=www.googleadservices.com&frm=0&tiba=Adobe%20-%20Adobe%20Acrobat%20Reader%20DC%20Download%20%7C%20Free%20PDF%20viewer%20for%20Windows%2C%20Mac%20OS%2C%20Android&auid=149374275.1682455730&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

sc-static.net

chrome.exe

Remote address:

8.8.8.8:53

Request

sc-static.net

IN A

Response

sc-static.net

IN A

143.204.207.250
GET

https://cdn.linkedin.oribi.io/partner/872/domain/get.adobe.com/token

chrome.exe

Remote address:

52.222.139.95:443

Request

GET /partner/872/domain/get.adobe.com/token HTTP/2.0
host: cdn.linkedin.oribi.io
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
accept: *
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
date: Tue, 25 Apr 2023 18:41:18 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 26102629399121e9a9caaf60dcb59d4e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: hiXPY6jf8cIpbNUqojg_ZYPBXDI6tN6hhYkChJm7h5CcLa3et5FMXQ==
age: 453
DNS

servedby.flashtalking.com

chrome.exe

Remote address:

8.8.8.8:53

Request

servedby.flashtalking.com

IN A

Response

servedby.flashtalking.com

IN CNAME

servedby.flashtalking.com-v1.edgekey.net

servedby.flashtalking.com-v1.edgekey.net

IN CNAME

e4751.b.akamaiedge.net

e4751.b.akamaiedge.net

IN A

23.52.234.66
DNS

analytics.tiktok.com

chrome.exe

Remote address:

8.8.8.8:53

Request

analytics.tiktok.com

IN A

Response

analytics.tiktok.com

IN CNAME

analytics.tiktok.com.bytewlb.akadns.net

analytics.tiktok.com.bytewlb.akadns.net

IN CNAME

e35058.api14.akamaiedge.net

e35058.api14.akamaiedge.net

IN A

95.101.74.153

e35058.api14.akamaiedge.net

IN A

95.101.74.137

e35058.api14.akamaiedge.net

IN A

95.101.74.154

e35058.api14.akamaiedge.net

IN A

95.101.74.140

e35058.api14.akamaiedge.net

IN A

95.101.74.145

e35058.api14.akamaiedge.net

IN A

95.101.74.142

e35058.api14.akamaiedge.net

IN A

95.101.74.132

e35058.api14.akamaiedge.net

IN A

95.101.74.162

e35058.api14.akamaiedge.net

IN A

95.101.74.144
DNS

connect.facebook.net

chrome.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.201.15
DNS

pt.ispot.tv

chrome.exe

Remote address:

8.8.8.8:53

Request

pt.ispot.tv

IN A

Response

pt.ispot.tv

IN CNAME

j.sni.global.fastly.net

j.sni.global.fastly.net

IN A

151.101.2.132

j.sni.global.fastly.net

IN A

151.101.66.132

j.sni.global.fastly.net

IN A

151.101.130.132

j.sni.global.fastly.net

IN A

151.101.194.132
GET

https://sc-static.net/scevent.min.js

chrome.exe

Remote address:

143.204.207.250:443

Request

GET /scevent.min.js HTTP/2.0
host: sc-static.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 13611
server: CloudFront
date: Tue, 25 Apr 2023 18:48:51 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Wed, 26 Apr 2023 18:12:23 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: c-ahZuGdqalEb8qsr3ZQylOExEyxOEagudMfLxClhDUSrotZcreoMA==
GET

https://sc-static.net/scevent.min.js

chrome.exe

Remote address:

143.204.207.250:443

Request

GET /scevent.min.js HTTP/2.0
host: sc-static.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://tr.snapchat.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: X-AB=0d6e407936704bd380072f5891d28b0e

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 13611
server: CloudFront
date: Tue, 25 Apr 2023 16:44:35 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: aUoibs8esrODpTc7VleKQUgZNscuQsRxQqaHCwjuqLntiN_CuD5FuQ==
age: 7457
GET

https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581

chrome.exe

Remote address:

23.52.234.66:443

Request

GET /container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581 HTTP/1.1
Host: servedby.flashtalking.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://get.adobe.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/html
Server: prod-xre-app12.lhr11
Content-Encoding: gzip
Expires: Tue, 25 Apr 2023 18:48:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Apr 2023 18:48:51 GMT
Content-Length: 4247
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
GET

https://servedby.flashtalking.com/spot/8/13539;102584;10307/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581&ft_trackID=16824485-3156-0726-62E1-4887C8118724

chrome.exe

Remote address:

23.52.234.66:443

Request

GET /spot/8/13539;102584;10307/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581&ft_trackID=16824485-3156-0726-62E1-4887C8118724 HTTP/1.1
Host: servedby.flashtalking.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/gif
Content-Length: 42
Server: prod-xre-app9.lhr11
Expires: Tue, 25 Apr 2023 18:48:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Apr 2023 18:48:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
GET

https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=10307&d=get.adobe.com&r=reader/

chrome.exe

Remote address:

23.52.234.66:443

Request

GET /segment/2/read/a;;pixel/?s=10307&d=get.adobe.com&r=reader/ HTTP/1.1
Host: servedby.flashtalking.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/gif
Content-Length: 42
Server: prod-xre-app10.lhr11
Expires: Tue, 25 Apr 2023 18:48:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Apr 2023 18:48:52 GMT
Connection: keep-alive
Set-Cookie: flashtalkingad1="GUID=559360EF70825E";Comment="Flashtalking Cookie";Path=/;Domain=.flashtalking.com;Expires=Thu, 24-Apr-2025 18:48:52 GMT;SameSite=None;Secure
Strict-Transport-Security: max-age=86400
GET

https://servedby.flashtalking.com/segment/modify/afr5;;pixel/?name=CC_Video_Plans_Viewer

chrome.exe

Remote address:

23.52.234.66:443

Request

GET /segment/modify/afr5;;pixel/?name=CC_Video_Plans_Viewer HTTP/1.1
Host: servedby.flashtalking.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: flashtalkingad1="GUID=559360EF70825E"

Response

HTTP/1.1 200 OK

Content-Type: image/gif
Content-Length: 42
Server: prod-xre-app5.lhr11
Expires: Tue, 25 Apr 2023 18:48:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Apr 2023 18:48:52 GMT
Connection: keep-alive
Set-Cookie: flashtalkingad1="GUID=559360EF70825E|segment=(afr5)";Comment="Flashtalking Cookie";Path=/;Domain=.flashtalking.com;Expires=Thu, 24-Apr-2025 18:48:52 GMT;SameSite=None;Secure
Strict-Transport-Security: max-age=86400
GET

https://servedby.flashtalking.com/track/102584;10307;403;16824485-3156-0726-62E1-4887C8118724/?ft_data=d9:440dc35036094842a9411333e10fedd8;d9s:440dc35036094842a9411333e10fedd8&cachebuster=403969.5280132576

chrome.exe

Remote address:

23.52.234.66:443

Request

GET /track/102584;10307;403;16824485-3156-0726-62E1-4887C8118724/?ft_data=d9:440dc35036094842a9411333e10fedd8;d9s:440dc35036094842a9411333e10fedd8&cachebuster=403969.5280132576 HTTP/1.1
Host: servedby.flashtalking.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: flashtalkingad1="GUID=559360EF70825E|segment=(afr5)"; _D9J=f87d010f33744ae69674f7b7cfcfe1d6

Response

HTTP/1.1 200 OK

Content-Type: image/gif
Content-Length: 42
Server: prod-xre-app17.lhr11
Expires: Tue, 25 Apr 2023 18:48:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Apr 2023 18:48:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
GET

https://pt.ispot.tv/v2/TC-4078-1.gif?app=web&type=visit&cid=77506226066547817042189618079266615231&uid=&refid=

chrome.exe

Remote address:

151.101.2.132:443

Request

GET /v2/TC-4078-1.gif?app=web&type=visit&cid=77506226066547817042189618079266615231&uid=&refid= HTTP/2.0
host: pt.ispot.tv
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/gif
accept-ranges: bytes
date: Tue, 25 Apr 2023 18:48:51 GMT
set-cookie: pt=v2:2ecfa72e76b2638e921940be458fb0890bad09af2a03bec4bbc51f74d3cf4b96|3ad9d4895432026fdcf5e47b34e26fb52ea29fd88201ecaced44bbfee6c424af; Domain=ispot.tv; Path=/; Expires=Thu, 24 Apr 2025 18:48:51 GMT; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
content-length: 43
GET

https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3B6I6D63S9JQHUOKGCG&lib=ttq

chrome.exe

Remote address:

95.101.74.153:443

Request

GET /i18n/pixel/events.js?sdkid=C3B6I6D63S9JQHUOKGCG&lib=ttq HTTP/2.0
host: analytics.tiktok.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230425184851604FFCEB10D4CF81EAE6
server-timing: inner; dur=3
x-tt-trace-host: 01d7f5f657610118f8a11f733759fffe61bf04f9407ae63d8ad56cf28444fec48999c735c2cf9f5dbaf9aa95c1b0f9625740e3652d795685d3d7e19f8aab7419bb67352553cfcdfcf3342aa5e47c4b9e8aee7b29cca10c3db8a21f180347cad051
content-encoding: gzip
expires: Tue, 25 Apr 2023 18:48:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 25 Apr 2023 18:48:51 GMT
content-length: 1225
x-cache: TCP_MISS from a92-123-71-153.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Ovkddkfw6qE7SaA2GRauTVjOi9; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=98
x-origin-response-time: 98,92.123.71.153
x-akamai-request-id: 2360237b
GET

https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMQ.js

chrome.exe

Remote address:

95.101.74.153:443

Request

GET /i18n/pixel/static/main.MTYwYzA3NDgwMQ.js HTTP/2.0
host: analytics.tiktok.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ttp=2Ovkddkfw6qE7SaA2GRauTVjOi9

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023042512310178BEF63FE164D3DBE4D5
x-tt-trace-host: 016eca3a92db5b70425bf776a9a38e6ac2a9348c364602deffb47394697c42c0917c9c5ca9279371cb3db38ff71990b37ffece8a77b793d1f2c434f8b2a329cfaf5e7726233784f7e14cd1b291d60a26bb45556ffdb37d1bbcc0adcd6e3cc99fa4
content-encoding: gzip
content-length: 69399
date: Tue, 25 Apr 2023 18:48:52 GMT
x-cache: TCP_MEM_HIT from a92-123-71-153.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0
server-timing: inner; dur=3
x-akamai-request-id: 23602b16
GET

https://analytics.tiktok.com/i18n/pixel/static/identify_79a0c.js

chrome.exe

Remote address:

95.101.74.153:443

Request

GET /i18n/pixel/static/identify_79a0c.js HTTP/2.0
host: analytics.tiktok.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ttp=2Ovkddkfw6qE7SaA2GRauTVjOi9

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023042512310161024E64B43B2AAD300D
x-tt-trace-host: 016eca3a92db5b70425bf776a9a38e6ac2a9348c364602deffb47394697c42c091844a6032694e9765741d8cd190bf7fda6df57f1376bed87a3c9384746b1325ec9ed534e87aea1911321b524a8667694711f8288670e5d167e8d1e02e77806293
content-encoding: gzip
content-length: 30845
date: Tue, 25 Apr 2023 18:48:52 GMT
x-cache: TCP_MEM_HIT from a92-123-71-153.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0
server-timing: inner; dur=12
x-akamai-request-id: 23602cb0
POST

https://analytics.tiktok.com/api/v2/pixel

chrome.exe

Remote address:

95.101.74.153:443

Request

POST /api/v2/pixel HTTP/2.0
host: analytics.tiktok.com
content-length: 815
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ttp=2Ovkddkfw6qE7SaA2GRauTVjOi9

Response

HTTP/2.0 200

server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230425184852E84B057B3C1C5DCE4D9B
x-tt-trace-host: 01d7f5f657610118f8a11f733759fffe61947bff8e4a1160e6dc5efa9a42a4c04d432c40eb82eb05c3f3723b27d2ed591eaaf6eb2a8ffa2e83a5cf7bc9ceff040e939625bb7a6ae726e2697e8b7b072c3822e02fd066715d59c640dd2c7cb2c4a2cf2549c7600d89ebc8b3a5f337146634
x-origin-response-time: 37,23.194.131.86
x-akamai-request-id: 5502b1d0.23602f1e
expires: Tue, 25 Apr 2023 18:48:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 25 Apr 2023 18:48:52 GMT
x-cache: TCP_MISS from a92-123-71-153.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-cache-remote: TCP_MISS from a23-194-131-86.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=37
server-timing: inner; dur=29
x-parent-response-time: 127,92.123.71.153
DNS

apps.identrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

88.221.25.169

a1952.dscq.akamai.net

IN A

88.221.25.153
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

chrome.exe

Remote address:

88.221.25.169:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Tue, 25 Apr 2023 19:48:51 GMT
Date: Tue, 25 Apr 2023 18:48:51 GMT
Connection: keep-alive
DNS

6.86.9.65.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.86.9.65.in-addr.arpa

IN PTR

Response

6.86.9.65.in-addr.arpa

IN PTR

server-65-9-86-6ams1r cloudfrontnet
DNS

160.62.140.63.in-addr.arpa

Remote address:

8.8.8.8:53

Request

160.62.140.63.in-addr.arpa

IN PTR

Response

160.62.140.63.in-addr.arpa

IN PTR

ip-63-140-62-160dataadobedcnet
DNS

90.248.93.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

90.248.93.104.in-addr.arpa

IN PTR

Response

90.248.93.104.in-addr.arpa

IN PTR

a104-93-248-90deploystaticakamaitechnologiescom
DNS

157.148.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.148.232.199.in-addr.arpa

IN PTR

Response
DNS

200.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.179.250.142.in-addr.arpa

IN PTR

Response

200.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f81e100net
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
DNS

144.238.32.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.238.32.23.in-addr.arpa

IN PTR

Response

144.238.32.23.in-addr.arpa

IN PTR

a23-32-238-144deploystaticakamaitechnologiescom
DNS

144.238.32.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.238.32.23.in-addr.arpa

IN PTR

Response

144.238.32.23.in-addr.arpa

IN PTR

a23-32-238-144deploystaticakamaitechnologiescom
DNS

236.115.208.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

236.115.208.52.in-addr.arpa

IN PTR

Response

236.115.208.52.in-addr.arpa

IN PTR

ec2-52-208-115-236 eu-west-1compute amazonawscom
DNS

202.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.168.217.172.in-addr.arpa

IN PTR

Response

202.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f101e100net
DNS

131.42.244.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.42.244.104.in-addr.arpa

IN PTR

Response
DNS

131.42.244.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.42.244.104.in-addr.arpa

IN PTR

Response
DNS

5.42.244.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.42.244.104.in-addr.arpa

IN PTR

Response
DNS

5.42.244.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.42.244.104.in-addr.arpa

IN PTR

Response
DNS

49.2.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

49.2.101.151.in-addr.arpa

IN PTR

Response
DNS

112.211.227.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

112.211.227.13.in-addr.arpa

IN PTR

Response

112.211.227.13.in-addr.arpa

IN PTR

server-13-227-211-112ams54r cloudfrontnet
DNS

34.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.36.251.142.in-addr.arpa

IN PTR

Response

34.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f21e100net
DNS

226.21.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.21.18.104.in-addr.arpa

IN PTR

Response
DNS

95.139.222.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.139.222.52.in-addr.arpa

IN PTR

Response

95.139.222.52.in-addr.arpa

IN PTR

server-52-222-139-95ams50r cloudfrontnet
DNS

14.42.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.42.107.13.in-addr.arpa

IN PTR

Response
DNS

250.207.204.143.in-addr.arpa

Remote address:

8.8.8.8:53

Request

250.207.204.143.in-addr.arpa

IN PTR

Response

250.207.204.143.in-addr.arpa

IN PTR

server-143-204-207-250fra53r cloudfrontnet
DNS

15.201.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.201.240.157.in-addr.arpa

IN PTR

Response

15.201.240.157.in-addr.arpa

IN PTR

xx-fbcdn-shv-01-ams4fbcdnnet
DNS

9212252.fls.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

9212252.fls.doubleclick.net

IN A

Response

9212252.fls.doubleclick.net

IN CNAME

dart.l.doubleclick.net

dart.l.doubleclick.net

IN A

142.250.179.134
DNS

132.2.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.2.101.151.in-addr.arpa

IN PTR

Response
DNS

153.74.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

153.74.101.95.in-addr.arpa

IN PTR

Response

153.74.101.95.in-addr.arpa

IN PTR

a95-101-74-153deploystaticakamaitechnologiescom
DNS

66.234.52.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

66.234.52.23.in-addr.arpa

IN PTR

Response

66.234.52.23.in-addr.arpa

IN PTR

a23-52-234-66deploystaticakamaitechnologiescom
DNS

169.25.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

169.25.221.88.in-addr.arpa

IN PTR

Response

169.25.221.88.in-addr.arpa

IN PTR

a88-221-25-169deploystaticakamaitechnologiescom
GET

https://9212252.fls.doubleclick.net/activityi;src=9212252;type=invmedia;cat=gtag_004;ord=7251762661672;gtm=45fe34j0;auiddc=149374275.1682455730;~oref=https%3A%2F%2Fget.adobe.com%2Freader%2F?

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /activityi;src=9212252;type=invmedia;cat=gtag_004;ord=7251762661672;gtm=45fe34j0;auiddc=149374275.1682455730;~oref=https%3A%2F%2Fget.adobe.com%2Freader%2F? HTTP/2.0
host: 9212252.fls.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUl_Xd8m15FxCJ_pBnQtX8i6M-BGVpDSgZnai9CP5WM_ifQRZVBBqCYuoctd
DNS

d9.flashtalking.com

chrome.exe

Remote address:

8.8.8.8:53

Request

d9.flashtalking.com

IN A

Response

d9.flashtalking.com

IN CNAME

ft.device9.com

ft.device9.com

IN CNAME

tag.device9.com

tag.device9.com

IN A

3.1.142.107

tag.device9.com

IN A

52.74.113.163

tag.device9.com

IN A

52.220.156.180

tag.device9.com

IN A

18.143.97.149
DNS

tr.snapchat.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tr.snapchat.com

IN A

Response

tr.snapchat.com

IN CNAME

gcp.api.snapchat.com

gcp.api.snapchat.com

IN CNAME

gcp.api.sc-gw.com

gcp.api.sc-gw.com

IN A

35.190.43.134
GET

https://tr.snapchat.com/config/com/93f19646-2418-418d-98af-f244ebb7c1cc.js

chrome.exe

Remote address:

35.190.43.134:443

Request

GET /config/com/93f19646-2418-418d-98af-f244ebb7c1cc.js HTTP/2.0
host: tr.snapchat.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://get.adobe.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tr.snapchat.com/cm/i?pid=93f19646-2418-418d-98af-f244ebb7c1cc&u_scsid=da6d931b-6a1d-4a9f-81ed-57a81ee13639&u_sclid=1f4cabbf-743b-4375-8f03-26068e19b8dc

chrome.exe

Remote address:

35.190.43.134:443

Request

GET /cm/i?pid=93f19646-2418-418d-98af-f244ebb7c1cc&u_scsid=da6d931b-6a1d-4a9f-81ed-57a81ee13639&u_sclid=1f4cabbf-743b-4375-8f03-26068e19b8dc HTTP/2.0
host: tr.snapchat.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://tr.snapchat.com/p

chrome.exe

Remote address:

35.190.43.134:443

Request

POST /p HTTP/2.0
host: tr.snapchat.com
content-length: 394
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

www.linkedin.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.linkedin.com

IN A

Response

www.linkedin.com

IN CNAME

www-linkedin-com.l-0005.l-msedge.net

www-linkedin-com.l-0005.l-msedge.net

IN CNAME

l-0005.l-msedge.net

l-0005.l-msedge.net

IN A

13.107.42.14
DNS

www.facebook.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.221.35
DNS

pixel.tapad.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pixel.tapad.com

IN A

Response

pixel.tapad.com

IN A

34.111.113.62
DNS

134.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.179.250.142.in-addr.arpa

IN PTR

Response

134.179.250.142.in-addr.arpa

IN PTR

ams17s10-in-f61e100net
DNS

134.43.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.43.190.35.in-addr.arpa

IN PTR

Response

134.43.190.35.in-addr.arpa

IN PTR

1344319035bcgoogleusercontentcom
DNS

196.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.168.217.172.in-addr.arpa

IN PTR

Response

196.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f41e100net
DNS

107.142.1.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

107.142.1.3.in-addr.arpa

IN PTR

Response

107.142.1.3.in-addr.arpa

IN PTR

ec2-3-1-142-107ap-southeast-1compute amazonawscom
DNS

35.221.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.221.240.157.in-addr.arpa

IN PTR

Response

35.221.240.157.in-addr.arpa

IN PTR

edge-star-mini-shv-01-lhr8facebookcom
DNS

2.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.36.251.142.in-addr.arpa

IN PTR

Response

2.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f21e100net
GET

https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1682442154449%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D

chrome.exe

Remote address:

34.111.113.62:443

Request

GET /idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1682442154449%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP/2.0
host: pixel.tapad.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://tr.snapchat.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

130.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

130.179.250.142.in-addr.arpa

IN PTR

Response

130.179.250.142.in-addr.arpa

IN PTR

ams17s10-in-f21e100net
DNS

adobe.tt.omtrdc.net

chrome.exe

Remote address:

8.8.8.8:53

Request

adobe.tt.omtrdc.net

IN A

Response

adobe.tt.omtrdc.net

IN CNAME

adobetarget.data.adobedc.net

adobetarget.data.adobedc.net

IN A

66.235.152.107

adobetarget.data.adobedc.net

IN A

66.235.152.143

adobetarget.data.adobedc.net

IN A

66.235.152.113

adobetarget.data.adobedc.net

IN A

66.235.152.152

adobetarget.data.adobedc.net

IN A

66.235.152.115

adobetarget.data.adobedc.net

IN A

66.235.152.126
POST

https://adobe.tt.omtrdc.net/rest/v1/delivery?client=adobe&sessionId=c72ac9fd7eba4fe191ffce8b20751966&version=2.7.0

chrome.exe

Remote address:

66.235.152.107:443

Request

POST /rest/v1/delivery?client=adobe&sessionId=c72ac9fd7eba4fe191ffce8b20751966&version=2.7.0 HTTP/2.0
host: adobe.tt.omtrdc.net
content-length: 1343
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://get.adobe.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://get.adobe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 25 Apr 2023 18:48:53 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://get.adobe.com
access-control-allow-credentials: true
x-request-id: a4335876-f6e9-452c-ad1b-1f141d81faa0
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: jag
DNS

62.113.111.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

62.113.111.34.in-addr.arpa

IN PTR

Response

62.113.111.34.in-addr.arpa

IN PTR

6211311134bcgoogleusercontentcom
DNS

107.152.235.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

107.152.235.66.in-addr.arpa

IN PTR

Response

107.152.235.66.in-addr.arpa

IN PTR

ip-66-235-152-107dataadobedcnet
DNS

clients2.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.251.36.46
DNS

clients2.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.251.36.46
GET

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=106.0.5249.119&lang=en-US&acceptformat=crx3&x=id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.58.4%26installsource%3Dnotfromwebstore%26installedby%3Dexternal%26uc%26ping%3Dr%253D64%2526e%253D1&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D1.0.0.6%26installsource%3Dnotfromwebstore%26installedby%3Dother%26uc%26ping%3Dr%253D64%2526e%253D1

chrome.exe

Remote address:

142.251.36.46:443

Request

GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=106.0.5249.119&lang=en-US&acceptformat=crx3&x=id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.58.4%26installsource%3Dnotfromwebstore%26installedby%3Dexternal%26uc%26ping%3Dr%253D64%2526e%253D1&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D1.0.0.6%26installsource%3Dnotfromwebstore%26installedby%3Dother%26uc%26ping%3Dr%253D64%2526e%253D1 HTTP/2.0
host: clients2.google.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

46.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.36.251.142.in-addr.arpa

IN PTR

Response

46.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f141e100net
DNS

documentcloud.adobe.com

chrome.exe

Remote address:

8.8.8.8:53

Request

documentcloud.adobe.com

IN A

Response

documentcloud.adobe.com

IN CNAME

documentcloud.adobe.com.i.edgekey.net

documentcloud.adobe.com.i.edgekey.net

IN CNAME

e29329.dsca.akamaiedge.net

e29329.dsca.akamaiedge.net

IN A

95.101.74.158

e29329.dsca.akamaiedge.net

IN A

95.101.74.152
DNS

154.239.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.239.44.20.in-addr.arpa

IN PTR

Response
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

45.8.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

45.8.109.52.in-addr.arpa

IN PTR

Response

167.89.123.124:80

links.notification.intuit.com

chrome.exe

236 B
184 B
5
4
167.89.123.124:80

http://links.notification.intuit.com/ls/click?upn=n1D1vNUf2DDfuFJ7P-2Bs2FOjggKQQ40p0FkC-2Bz2D1trTjUxBswHbIwXnSGdD95YX6-2B4N1701lJdBFYH3-2BiUm8cg-3D-3DO483_kPF3YZJB72H-2FaRDalFfzG5Baq4wPUyBHzafPaHBjtkD5DNNxDxjMRCe7gaaAguvDei2UfdQaP8Uq7Lk3NQHJfqBtHMQtHTjS-2FHq2Qg-2FcwdizHoX4Fh-2B9j2oQLghQBw6DPk8Ydp89aEdJZWPFwgJ6ZZWnRXl6j26F7kUWZnppd9cX5X9-2BuVrkKV7flemlPGaj7Cz5sXW5OdeELoly5M-2By6Wy-2FuH9jAWQAxYPHae3V-2Fb-2BLdgRmT-2FQjQBvU-2BJYgoRZBLAx9kB6jxHoODHUBfq4LtlZxIzCIoecX2V5IQc6SsCShYT4QsgK4q9PKcSQLC9xnfMUiW4MBX8VcbbMl7lmYiPAP7-2FDeuQvYv8h-2BscanYrscSUFsAtlnjz47gnn9rhVg7HLxv0PI-2BuShTN-2BIn5-2FFkQCft8ZwAir7XhrDy5BmTAlkaS7kJQ1jVrqFeMszLXk6u99AdESOWfgavWT-2FjnMsXdWVMwlRI7RP3gtMU1m-2Bi01rFJWAhQDE7dYdPMaVZDXi2Ipho3pPx6Xu4ateW0t6sXdOMLzy1ROzYRRFYtayJ6QA11-2Fby87EarJD9CZc104dUstiqPdH8L-2FwgSzFrMxNTMFmIDcsJK74hzdheUPqPwaXZVICF5GVixJ-2F8GJW3lk1FKZYOFCFgMueKuxV-2FcJ-2F9cn1VMZ8zFxEEhvA3iUoeiI-3D

http

chrome.exe

1.6kB
594 B
7
6

HTTP Request

GET http://links.notification.intuit.com/ls/click?upn=n1D1vNUf2DDfuFJ7P-2Bs2FOjggKQQ40p0FkC-2Bz2D1trTjUxBswHbIwXnSGdD95YX6-2B4N1701lJdBFYH3-2BiUm8cg-3D-3DO483_kPF3YZJB72H-2FaRDalFfzG5Baq4wPUyBHzafPaHBjtkD5DNNxDxjMRCe7gaaAguvDei2UfdQaP8Uq7Lk3NQHJfqBtHMQtHTjS-2FHq2Qg-2FcwdizHoX4Fh-2B9j2oQLghQBw6DPk8Ydp89aEdJZWPFwgJ6ZZWnRXl6j26F7kUWZnppd9cX5X9-2BuVrkKV7flemlPGaj7Cz5sXW5OdeELoly5M-2By6Wy-2FuH9jAWQAxYPHae3V-2Fb-2BLdgRmT-2FQjQBvU-2BJYgoRZBLAx9kB6jxHoODHUBfq4LtlZxIzCIoecX2V5IQc6SsCShYT4QsgK4q9PKcSQLC9xnfMUiW4MBX8VcbbMl7lmYiPAP7-2FDeuQvYv8h-2BscanYrscSUFsAtlnjz47gnn9rhVg7HLxv0PI-2BuShTN-2BIn5-2FFkQCft8ZwAir7XhrDy5BmTAlkaS7kJQ1jVrqFeMszLXk6u99AdESOWfgavWT-2FjnMsXdWVMwlRI7RP3gtMU1m-2Bi01rFJWAhQDE7dYdPMaVZDXi2Ipho3pPx6Xu4ateW0t6sXdOMLzy1ROzYRRFYtayJ6QA11-2Fby87EarJD9CZc104dUstiqPdH8L-2FwgSzFrMxNTMFmIDcsJK74hzdheUPqPwaXZVICF5GVixJ-2F8GJW3lk1FKZYOFCFgMueKuxV-2FcJ-2F9cn1VMZ8zFxEEhvA3iUoeiI-3D

HTTP Response

302
23.72.252.168:80

http://www.adobe.com/products/acrobat/readstep2.html

http

chrome.exe

971 B
833 B
11
10

HTTP Request

GET http://www.adobe.com/products/acrobat/readstep2.html

HTTP Response

301
23.72.252.168:443

https://www.adobe.com/marketingtech/main.min.js

tls, http2

chrome.exe

3.1kB
24.3kB
29
41

HTTP Request

GET https://www.adobe.com/products/acrobat/readstep2.html

HTTP Response

301

HTTP Request

GET https://www.adobe.com/etc.clientlibs/globalnav/clientlibs/base/privacy-standalone.js

HTTP Response

200

HTTP Request

GET https://www.adobe.com/marketingtech/main.min.js

HTTP Response

200
95.101.74.158:443

https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.7-55c7e49a/ViewSDKInterface.js

tls, http2

chrome.exe

12.5kB
308.3kB
174
280

HTTP Request

GET https://get.adobe.com/reader/

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/9669.js

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/5666.js

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/1713.js

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/990.js

HTTP Request

GET https://get.adobe.com/reader/02d21ee/3556.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/4800.js

HTTP Request

GET https://get.adobe.com/reader/02d21ee/7678.js

HTTP Request

GET https://get.adobe.com/reader/02d21ee/2822.js

HTTP Request

GET https://get.adobe.com/reader/02d21ee/1335.js

HTTP Request

GET https://get.adobe.com/reader/02d21ee/index.js

HTTP Request

GET https://get.adobe.com/reader/02d21ee/bootstrap.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/t4.js

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/2594.js

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/images/adobe_logo_header.svg

HTTP Request

GET https://get.adobe.com/reader/02d21ee/images/globe.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/02d21ee/images/adobe_logo.png

HTTP Request

GET https://get.adobe.com/reader/02d21ee/images/marquee_banner.svg

HTTP Request

GET https://get.adobe.com/reader/02d21ee/images/view_store.svg

HTTP Request

GET https://get.adobe.com/reader/02d21ee/images/fill_and_sign.svg

HTTP Request

GET https://get.adobe.com/reader/02d21ee/images/give_and_get_feedbacks.svg

HTTP Request

GET https://get.adobe.com/reader/02d21ee/images/work_from_anywhere.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://get.adobe.com/reader/favicon.ico

HTTP Response

200

HTTP Request

GET https://documentcloud.adobe.com/view-sdk/main.js

HTTP Response

200

HTTP Request

GET https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.7-55c7e49a/ViewSDKInterface.js

HTTP Response

200
23.32.239.67:443

https://use.typekit.net/bxf0ivf.js

tls, http2

chrome.exe

1.8kB
13.3kB
17
27

HTTP Request

GET https://use.typekit.net/bxf0ivf.js

HTTP Response

200
23.57.81.34:443

geo-dc.adobe.com

tls

chrome.exe

2.5kB
5.6kB
15
17
23.32.239.67:443

https://use.typekit.net/af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3

tls, http2

chrome.exe

7.7kB
246.5kB
128
198

HTTP Request

GET https://use.typekit.net/af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3

HTTP Request

GET https://use.typekit.net/af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3

HTTP Request

GET https://use.typekit.net/af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3

HTTP Request

GET https://use.typekit.net/af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3

HTTP Request

GET https://use.typekit.net/af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3

HTTP Request

GET https://use.typekit.net/af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.19.187.97:443

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css

tls, http2

chrome.exe

6.8kB
235.3kB
112
195

HTTP Request

GET https://cdn.cookielaw.org/consent/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test.json

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/consent/7a5eb705-95ed-4cc4-a11d-0cc5760e93db-test/27774061-ade1-4b76-8c5d-6bb00cee2b1c/en.json

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otFlat.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otPcCenter.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css

HTTP Response

200

HTTP Response

200

HTTP Response

200
23.57.81.34:443

geo2.adobe.com

tls

chrome.exe

2.3kB
5.2kB
13
15
23.57.80.54:443

https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC39708cd022a14380ab0afbf947473bf7-file.min.js

tls, http2

chrome.exe

8.1kB
211.5kB
116
202

HTTP Request

GET https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js

HTTP Response

200

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min.js

HTTP Response

200

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC8b2fc74a3d60422a950baec834ba8202-file.min.js

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd685f8c6c09c43808ebe3d73ec90e0e1-file.min.js

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min.js

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC036830be72f242959c7b9ca66cef0c85-file.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC574c1470e8974562b88afc59e553c2ea-file.min.js

HTTP Response

200

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC1e99963244e0483ea9c5b2dfbd2f5aec-file.min.js

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd7cccdfd0d4548f8873da6591551519c-file.min.js

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCd7a47a806f284c08ab0b45edd063ec1a-file.min.js

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RCe010b0bf1b2c48c0a4af01710fbbd56c-file.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/d6daeb7990ec/RC39708cd022a14380ab0afbf947473bf7-file.min.js

HTTP Response

200
23.72.252.139:443

https://wwwimages2.adobe.com/downloadcenter/singlepage/live/images/adchoices_icon.png

tls, http2

chrome.exe

2.3kB
6.0kB
17
21

HTTP Request

GET https://wwwimages2.adobe.com/downloadcenter/singlepage/live/images/adchoices_icon.png

HTTP Response

200
23.32.239.83:443

https://p.typekit.net/p.gif?s=1&k=bxf0ivf&ht=tk&h=get.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1682455727534

tls, http2

chrome.exe

1.9kB
6.2kB
15
21

HTTP Request

GET https://p.typekit.net/p.gif?s=1&k=bxf0ivf&ht=tk&h=get.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1682455727534

HTTP Response

200
34.241.45.41:443

dpm.demdex.net

tls

chrome.exe

4.9kB
11.6kB
21
18
44.227.222.81:443

mssplus.mcafee.com

tls

chrome.exe

1.9kB
7.9kB
17
21
23.222.54.47:443

https://www.mcafee.com/?1682455727930

tls, http2

chrome.exe

1.9kB
8.2kB
17
23

HTTP Request

HEAD https://www.mcafee.com/?1682455727930

HTTP Response

200
104.18.43.158:443

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

tls, http2

chrome.exe

1.9kB
3.8kB
17
16

HTTP Request

GET https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

HTTP Response

200
52.202.204.11:443

https://rdc.adobe.io/reader/products?lang=en&platformArch=64&site=landing&os=Windows%2010&preInstalled=mss%2Cmsc&country=NL&nativeOs=Windows%2010&api_key=dc-get-adobereader-cdn

tls, http

chrome.exe

2.9kB
7.7kB
20
22

HTTP Request

OPTIONS https://rdc.adobe.io/reader/products?lang=en&platformArch=64&site=landing&os=Windows%2010&preInstalled=mss%2Cmsc&country=NL&nativeOs=Windows%2010&api_key=dc-get-adobereader-cdn

HTTP Response

200

HTTP Request

GET https://rdc.adobe.io/reader/products?lang=en&platformArch=64&site=landing&os=Windows%2010&preInstalled=mss%2Cmsc&country=NL&nativeOs=Windows%2010&api_key=dc-get-adobereader-cdn

HTTP Response

200
63.140.62.164:443

https://sstats.adobe.com/ee/v1/collect?configId=275a1cc1-992e-4c14-b63a-c28ac0ccbf48&requestId=d1665713-fed2-4627-a84d-be3f9ffe7819

tls, http2

chrome.exe

28.1kB
6.5kB
35
27

HTTP Request

GET https://sstats.adobe.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=77506226066547817042189618079266615231&ts=1682455729028

HTTP Response

200

HTTP Request

POST https://sstats.adobe.com/b/ss/adbadobenonacdcprod,adbadobeprototype,adbacdcprod/1/JS-2.22.4-LDQM/s25326533895767

HTTP Response

200

HTTP Request

POST https://sstats.adobe.com/ee/v1/collect?configId=275a1cc1-992e-4c14-b63a-c28ac0ccbf48&requestId=d1665713-fed2-4627-a84d-be3f9ffe7819

HTTP Response

204
63.140.62.164:443

https://sstats.adobe.com/ee/v1/interact?configId=8d7bac14-04dd-47cb-9710-7d4b1358467a&requestId=d463b942-243c-4f29-93b3-a364e9614c75

tls, http2

chrome.exe

3.3kB
6.0kB
19
18

HTTP Request

POST https://sstats.adobe.com/ee/v1/interact?configId=11dd9af9-1455-4159-bb5e-0b1fdf039f76:prod&requestId=2220d6d8-f12d-444e-aa80-51153e78d5a1

HTTP Request

POST https://sstats.adobe.com/ee/v1/interact?configId=8d7bac14-04dd-47cb-9710-7d4b1358467a&requestId=d463b942-243c-4f29-93b3-a364e9614c75

HTTP Response

200

HTTP Response

200
104.19.187.97:443

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

tls, http2

chrome.exe

2.2kB
10.6kB
23
25

HTTP Request

GET https://cdn.cookielaw.org/logos/static/ot_company_logo.png

HTTP Request

GET https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

HTTP Response

200

HTTP Response

200
65.9.86.6:443

https://api.demandbase.com/api/v2/ip.json?key=LDHxBA8hUB2yNQphwwEfblkR6cHtp1tmrI2XGG2s&rnd=5100&callback=Request_6210789

tls, http

chrome.exe

2.0kB
11.2kB
17
22

HTTP Request

GET https://api.demandbase.com/api/v2/ip.json?key=LDHxBA8hUB2yNQphwwEfblkR6cHtp1tmrI2XGG2s&rnd=5100&callback=Request_6210789

HTTP Response

200
63.140.62.160:443

https://adobedc.demdex.net/ee/v1/interact?configId=275a1cc1-992e-4c14-b63a-c28ac0ccbf48&requestId=d9862233-afa4-4e8c-be85-ae5d727c4888

tls, http2

chrome.exe

10.5kB
5.8kB
21
19

HTTP Request

POST https://adobedc.demdex.net/ee/v1/interact?configId=275a1cc1-992e-4c14-b63a-c28ac0ccbf48&requestId=d9862233-afa4-4e8c-be85-ae5d727c4888

HTTP Response

200
104.93.248.90:443

https://www.everestjs.net/static/le/last-event-tag-latest.min.js

tls, http

chrome.exe

1.9kB
8.1kB
15
18

HTTP Request

GET https://www.everestjs.net/static/le/last-event-tag-latest.min.js

HTTP Response

200
204.79.197.200:443

bat.bing.com

tls

chrome.exe

2.9kB
21.9kB
27
33
199.232.148.157:443

static.ads-twitter.com

tls

chrome.exe

2.2kB
22.4kB
23
31
23.32.238.144:443

https://snap.licdn.com/li.lms-analytics/insight.min.js

tls, http2

chrome.exe

1.9kB
10.8kB
18
24

HTTP Request

GET https://snap.licdn.com/li.lms-analytics/insight.min.js

HTTP Response

200
52.208.115.236:443

pixel.everesttech.net

tls

chrome.exe

2.0kB
6.6kB
17
18
172.217.168.202:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlwfu2fWAVX4hIFDaWTNiQ=?alt=proto

tls, http2

chrome.exe

2.0kB
7.3kB
20
21

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlwfu2fWAVX4hIFDaWTNiQ=?alt=proto
104.244.42.131:443

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1324839a-83ce-4e81-a1aa-40632f1d5bd6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a036fc1c-0834-4087-8199-4bc919d37369&tw_document_href=https%3A%2F%2Fget.adobe.com%2Freader%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w4k&type=javascript&version=2.3.29

tls, http2

chrome.exe

2.0kB
4.4kB
15
15

HTTP Request

GET https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1324839a-83ce-4e81-a1aa-40632f1d5bd6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a036fc1c-0834-4087-8199-4bc919d37369&tw_document_href=https%3A%2F%2Fget.adobe.com%2Freader%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w4k&type=javascript&version=2.3.29

HTTP Response

200
104.244.42.5:443

https://t.co/i/adsct?bci=3&eci=2&event_id=1324839a-83ce-4e81-a1aa-40632f1d5bd6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a036fc1c-0834-4087-8199-4bc919d37369&tw_document_href=https%3A%2F%2Fget.adobe.com%2Freader%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w4k&type=javascript&version=2.3.29

tls, http2

chrome.exe

2.0kB
4.3kB
15
15

HTTP Request

GET https://t.co/i/adsct?bci=3&eci=2&event_id=1324839a-83ce-4e81-a1aa-40632f1d5bd6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a036fc1c-0834-4087-8199-4bc919d37369&tw_document_href=https%3A%2F%2Fget.adobe.com%2Freader%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w4k&type=javascript&version=2.3.29

HTTP Response

200
151.101.2.49:443

lasteventf-tm.everesttech.net

tls

chrome.exe

2.1kB
6.1kB
17
18
142.251.36.34:443

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987390658/?random=1682455729830&cv=11&fst=1682455729830&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1280&u_h=720&url=https%3A%2F%2Fget.adobe.com%2Freader%2F&hn=www.googleadservices.com&frm=0&tiba=Adobe%20-%20Adobe%20Acrobat%20Reader%20DC%20Download%20%7C%20Free%20PDF%20viewer%20for%20Windows%2C%20Mac%20OS%2C%20Android&auid=149374275.1682455730&data=event%3Dgtag.config&rfmt=3&fmt=4

tls, http2

chrome.exe

2.3kB
7.4kB
19
21

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987390658/?random=1682455729830&cv=11&fst=1682455729830&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1280&u_h=720&url=https%3A%2F%2Fget.adobe.com%2Freader%2F&hn=www.googleadservices.com&frm=0&tiba=Adobe%20-%20Adobe%20Acrobat%20Reader%20DC%20Download%20%7C%20Free%20PDF%20viewer%20for%20Windows%2C%20Mac%20OS%2C%20Android&auid=149374275.1682455730&data=event%3Dgtag.config&rfmt=3&fmt=4
52.222.139.95:443

https://cdn.linkedin.oribi.io/partner/872/domain/get.adobe.com/token

tls, http2

chrome.exe

1.9kB
7.7kB
18
23

HTTP Request

GET https://cdn.linkedin.oribi.io/partner/872/domain/get.adobe.com/token

HTTP Response

200
13.107.42.14:443

px.ads.linkedin.com

tls

chrome.exe

2.9kB
9.7kB
18
23
143.204.207.250:443

https://sc-static.net/scevent.min.js

tls, http2

chrome.exe

2.8kB
36.3kB
35
45

HTTP Request

GET https://sc-static.net/scevent.min.js

HTTP Response

200

HTTP Request

GET https://sc-static.net/scevent.min.js

HTTP Response

200
157.240.201.15:443

connect.facebook.net

tls

chrome.exe

2.7kB
33.3kB
35
35
23.52.234.66:443

https://servedby.flashtalking.com/track/102584;10307;403;16824485-3156-0726-62E1-4887C8118724/?ft_data=d9:440dc35036094842a9411333e10fedd8;d9s:440dc35036094842a9411333e10fedd8&cachebuster=403969.5280132576

tls, http

chrome.exe

7.2kB
11.7kB
23
25

HTTP Request

GET https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581

HTTP Response

200

HTTP Request

GET https://servedby.flashtalking.com/spot/8/13539;102584;10307/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=&U2=&U3=77506226066547817042189618079266615231&U4=get.adobe.com:reader&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fget.adobe.com%2Freader%2F&ns=&cb=880078.0920389581&ft_trackID=16824485-3156-0726-62E1-4887C8118724

HTTP Response

200

HTTP Request

GET https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=10307&d=get.adobe.com&r=reader/

HTTP Response

200

HTTP Request

GET https://servedby.flashtalking.com/segment/modify/afr5;;pixel/?name=CC_Video_Plans_Viewer

HTTP Response

200

HTTP Request

GET https://servedby.flashtalking.com/track/102584;10307;403;16824485-3156-0726-62E1-4887C8118724/?ft_data=d9:440dc35036094842a9411333e10fedd8;d9s:440dc35036094842a9411333e10fedd8&cachebuster=403969.5280132576

HTTP Response

200
151.101.2.132:443

https://pt.ispot.tv/v2/TC-4078-1.gif?app=web&type=visit&cid=77506226066547817042189618079266615231&uid=&refid=

tls, http2

chrome.exe

1.9kB
6.5kB
16
18

HTTP Request

GET https://pt.ispot.tv/v2/TC-4078-1.gif?app=web&type=visit&cid=77506226066547817042189618079266615231&uid=&refid=

HTTP Response

200
95.101.74.153:443

https://analytics.tiktok.com/api/v2/pixel

tls, http2

chrome.exe

5.0kB
112.5kB
61
104

HTTP Request

GET https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3B6I6D63S9JQHUOKGCG&lib=ttq

HTTP Response

200

HTTP Request

GET https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMQ.js

HTTP Response

200

HTTP Request

GET https://analytics.tiktok.com/i18n/pixel/static/identify_79a0c.js

HTTP Response

200

HTTP Request

POST https://analytics.tiktok.com/api/v2/pixel

HTTP Response

200
88.221.25.169:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

chrome.exe

416 B
1.7kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
142.250.179.134:443

https://9212252.fls.doubleclick.net/activityi;src=9212252;type=invmedia;cat=gtag_004;ord=7251762661672;gtm=45fe34j0;auiddc=149374275.1682455730;~oref=https%3A%2F%2Fget.adobe.com%2Freader%2F?

tls, http2

chrome.exe

2.3kB
7.4kB
20
21

HTTP Request

GET https://9212252.fls.doubleclick.net/activityi;src=9212252;type=invmedia;cat=gtag_004;ord=7251762661672;gtm=45fe34j0;auiddc=149374275.1682455730;~oref=https%3A%2F%2Fget.adobe.com%2Freader%2F?
3.1.142.107:443

d9.flashtalking.com

tls

chrome.exe

7.2kB
19.0kB
26
26
35.190.43.134:443

https://tr.snapchat.com/config/com/93f19646-2418-418d-98af-f244ebb7c1cc.js

tls, http2

chrome.exe

2.0kB
6.0kB
18
20

HTTP Request

GET https://tr.snapchat.com/config/com/93f19646-2418-418d-98af-f244ebb7c1cc.js
35.190.43.134:443

https://tr.snapchat.com/p

tls, http2

chrome.exe

2.8kB
6.8kB
22
24

HTTP Request

GET https://tr.snapchat.com/cm/i?pid=93f19646-2418-418d-98af-f244ebb7c1cc&u_scsid=da6d931b-6a1d-4a9f-81ed-57a81ee13639&u_sclid=1f4cabbf-743b-4375-8f03-26068e19b8dc

HTTP Request

POST https://tr.snapchat.com/p
35.190.43.134:443

tr.snapchat.com

chrome.exe

98 B
52 B
2
1
157.240.221.35:443

www.facebook.com

tls

chrome.exe

2.0kB
3.5kB
13
14
34.111.113.62:443

https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1682442154449%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D

tls, http2

chrome.exe

2.1kB
5.5kB
17
17

HTTP Request

GET https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1682442154449%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
66.235.152.107:443

https://adobe.tt.omtrdc.net/rest/v1/delivery?client=adobe&sessionId=c72ac9fd7eba4fe191ffce8b20751966&version=2.7.0

tls, http2

chrome.exe

4.6kB
5.9kB
16
16

HTTP Request

POST https://adobe.tt.omtrdc.net/rest/v1/delivery?client=adobe&sessionId=c72ac9fd7eba4fe191ffce8b20751966&version=2.7.0

HTTP Response

200
142.251.36.46:443

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=106.0.5249.119&lang=en-US&acceptformat=crx3&x=id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.58.4%26installsource%3Dnotfromwebstore%26installedby%3Dexternal%26uc%26ping%3Dr%253D64%2526e%253D1&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D1.0.0.6%26installsource%3Dnotfromwebstore%26installedby%3Dother%26uc%26ping%3Dr%253D64%2526e%253D1

tls, http2

chrome.exe

2.2kB
10.0kB
20
24

HTTP Request

GET https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=106.0.5249.119&lang=en-US&acceptformat=crx3&x=id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.58.4%26installsource%3Dnotfromwebstore%26installedby%3Dexternal%26uc%26ping%3Dr%253D64%2526e%253D1&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D1.0.0.6%26installsource%3Dnotfromwebstore%26installedby%3Dother%26uc%26ping%3Dr%253D64%2526e%253D1
173.223.113.164:443

322 B
7
173.223.113.131:80

322 B
7
20.189.173.15:443

322 B
7
162.19.139.184:2222

46 B
390 B
1
1
173.223.113.131:80

322 B
7

8.8.8.8:53

228.249.119.40.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

228.249.119.40.in-addr.arpa
8.8.8.8:53

links.notification.intuit.com

dns

chrome.exe

75 B
165 B
1
1

DNS Request

links.notification.intuit.com

DNS Response

167.89.123.124

167.89.115.120

167.89.115.56

167.89.123.54
8.8.8.8:53

www.adobe.com

dns

chrome.exe

59 B
233 B
1
1

DNS Request

www.adobe.com

DNS Response

23.72.252.168

23.72.252.130
8.8.8.8:53

250.255.255.239.in-addr.arpa

dns

74 B
131 B
1
1

DNS Request

250.255.255.239.in-addr.arpa
8.8.8.8:53

10.36.251.142.in-addr.arpa

dns

72 B
111 B
1
1

DNS Request

10.36.251.142.in-addr.arpa
8.8.8.8:53

124.123.89.167.in-addr.arpa

dns

73 B
127 B
1
1

DNS Request

124.123.89.167.in-addr.arpa
8.8.8.8:53

195.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.179.250.142.in-addr.arpa
8.8.8.8:53

168.252.72.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

168.252.72.23.in-addr.arpa
8.8.8.8:53

get.adobe.com

dns

chrome.exe

59 B
195 B
1
1

DNS Request

get.adobe.com

DNS Response

95.101.74.158

95.101.74.152
8.8.8.8:53

use.typekit.net

dns

chrome.exe

61 B
169 B
1
1

DNS Request

use.typekit.net

DNS Response

23.32.239.67

23.32.239.56
8.8.8.8:53

geo-dc.adobe.com

dns

chrome.exe

62 B
162 B
1
1

DNS Request

geo-dc.adobe.com

DNS Response

23.57.81.34
8.8.8.8:53

geo2.adobe.com

dns

chrome.exe

60 B
160 B
1
1

DNS Request

geo2.adobe.com

DNS Response

23.57.81.34
8.8.8.8:53

cdn.cookielaw.org

dns

chrome.exe

63 B
95 B
1
1

DNS Request

cdn.cookielaw.org

DNS Response

104.19.187.97

104.19.188.97
8.8.8.8:53

68.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

68.32.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

158.74.101.95.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

158.74.101.95.in-addr.arpa
8.8.8.8:53

67.239.32.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

67.239.32.23.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

34.81.57.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

34.81.57.23.in-addr.arpa
8.8.8.8:53

wwwimages2.adobe.com

dns

chrome.exe

132 B
522 B
2
2

DNS Request

wwwimages2.adobe.com

DNS Request

wwwimages2.adobe.com

DNS Response

23.72.252.139

23.72.252.123

DNS Response

23.72.252.139

23.72.252.123
8.8.8.8:53

assets.adobedtm.com

dns

chrome.exe

65 B
165 B
1
1

DNS Request

assets.adobedtm.com

DNS Response

23.57.80.54
8.8.8.8:53

p.typekit.net

dns

chrome.exe

59 B
170 B
1
1

DNS Request

p.typekit.net

DNS Response

23.32.239.83

23.32.239.58
8.8.8.8:53

dpm.demdex.net

dns

chrome.exe

60 B
298 B
1
1

DNS Request

dpm.demdex.net

DNS Response

34.241.45.41

52.16.141.94

34.250.10.83

34.243.208.221

52.211.104.127

52.19.200.27

52.210.27.198

52.16.22.14
8.8.8.8:53

mssplus.mcafee.com

dns

chrome.exe

64 B
206 B
1
1

DNS Request

mssplus.mcafee.com

DNS Response

44.227.222.81

54.70.221.132

35.85.150.98
8.8.8.8:53

97.187.19.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

97.187.19.104.in-addr.arpa
8.8.8.8:53

139.252.72.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

139.252.72.23.in-addr.arpa
8.8.8.8:53

54.80.57.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

54.80.57.23.in-addr.arpa
8.8.8.8:53

83.239.32.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

83.239.32.23.in-addr.arpa
8.8.8.8:53

41.45.241.34.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

41.45.241.34.in-addr.arpa
8.8.8.8:53

www.mcafee.com

dns

chrome.exe

60 B
192 B
1
1

DNS Request

www.mcafee.com

DNS Response

23.222.54.47
8.8.8.8:53

rdc.adobe.io

dns

chrome.exe

58 B
122 B
1
1

DNS Request

rdc.adobe.io

DNS Response

52.202.204.11

54.227.187.23

52.5.13.197

23.22.254.206
8.8.8.8:53

geolocation.onetrust.com

dns

chrome.exe

70 B
102 B
1
1

DNS Request

geolocation.onetrust.com

DNS Response

104.18.43.158

172.64.144.98
8.8.8.8:53

sstats.adobe.com

dns

chrome.exe

62 B
154 B
1
1

DNS Request

sstats.adobe.com

DNS Response

63.140.62.164

63.140.62.135

63.140.62.160
8.8.8.8:53

81.222.227.44.in-addr.arpa

dns

144 B
270 B
2
2

DNS Request

81.222.227.44.in-addr.arpa

DNS Request

81.222.227.44.in-addr.arpa
8.8.8.8:53

158.43.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

158.43.18.104.in-addr.arpa
8.8.8.8:53

47.54.222.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

47.54.222.23.in-addr.arpa
8.8.8.8:53

164.62.140.63.in-addr.arpa

dns

144 B
238 B
2
2

DNS Request

164.62.140.63.in-addr.arpa

DNS Request

164.62.140.63.in-addr.arpa
8.8.8.8:53

11.204.202.52.in-addr.arpa

dns

72 B
127 B
1
1

DNS Request

11.204.202.52.in-addr.arpa
8.8.8.8:53

api.demandbase.com

dns

chrome.exe

64 B
128 B
1
1

DNS Request

api.demandbase.com

DNS Response

65.9.86.6

65.9.86.122

65.9.86.79

65.9.86.2
8.8.8.8:53

adobedc.demdex.net

dns

chrome.exe

64 B
151 B
1
1

DNS Request

adobedc.demdex.net

DNS Response

63.140.62.160

63.140.62.164

63.140.62.135
8.8.8.8:53

www.everestjs.net

dns

chrome.exe

63 B
152 B
1
1

DNS Request

www.everestjs.net

DNS Response

104.93.248.90
8.8.8.8:53

snap.licdn.com

dns

chrome.exe

60 B
164 B
1
1

DNS Request

snap.licdn.com

DNS Response

23.32.238.144

23.32.238.152
8.8.8.8:53

static.ads-twitter.com

dns

chrome.exe

68 B
129 B
1
1

DNS Request

static.ads-twitter.com

DNS Response

199.232.148.157
8.8.8.8:53

bat.bing.com

dns

chrome.exe

58 B
162 B
1
1

DNS Request

bat.bing.com

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

pixel.everesttech.net

dns

chrome.exe

67 B
157 B
1
1

DNS Request

pixel.everesttech.net

DNS Response

52.208.115.236

18.202.151.8

34.250.24.143
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
221 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

172.217.168.202

172.217.23.202

216.58.214.10

142.250.179.138

142.251.36.42

142.250.179.170

142.250.179.202

142.251.36.10

142.251.39.106
8.8.8.8:53

t.co

dns

chrome.exe

50 B
66 B
1
1

DNS Request

t.co

DNS Response

104.244.42.5
8.8.8.8:53

analytics.twitter.com

dns

chrome.exe

67 B
165 B
1
1

DNS Request

analytics.twitter.com

DNS Response

104.244.42.131

104.244.42.195

104.244.42.3

104.244.42.67
8.8.8.8:53

lasteventf-tm.everesttech.net

dns

chrome.exe

75 B
215 B
1
1

DNS Request

lasteventf-tm.everesttech.net

DNS Response

151.101.2.49

151.101.66.49

151.101.130.49

151.101.194.49
8.8.8.8:53

googleads.g.doubleclick.net

dns

chrome.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.251.36.34
8.8.8.8:53

cdn.linkedin.oribi.io

dns

chrome.exe

67 B
174 B
1
1

DNS Request

cdn.linkedin.oribi.io

DNS Response

52.222.139.95

52.222.139.81

52.222.139.9

52.222.139.92
8.8.8.8:53

px.ads.linkedin.com

dns

chrome.exe

130 B
326 B
2
2

DNS Request

px.ads.linkedin.com

DNS Response

13.107.42.14

DNS Request

px.ads.linkedin.com

DNS Response

13.107.42.14
8.8.8.8:53

sc-static.net

dns

chrome.exe

59 B
75 B
1
1

DNS Request

sc-static.net

DNS Response

143.204.207.250
8.8.8.8:53

servedby.flashtalking.com

dns

chrome.exe

71 B
174 B
1
1

DNS Request

servedby.flashtalking.com

DNS Response

23.52.234.66
8.8.8.8:53

analytics.tiktok.com

dns

chrome.exe

66 B
301 B
1
1

DNS Request

analytics.tiktok.com

DNS Response

95.101.74.153

95.101.74.137

95.101.74.154

95.101.74.140

95.101.74.145

95.101.74.142

95.101.74.132

95.101.74.162

95.101.74.144
8.8.8.8:53

connect.facebook.net

dns

chrome.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.201.15
8.8.8.8:53

pt.ispot.tv

dns

chrome.exe

57 B
158 B
1
1

DNS Request

pt.ispot.tv

DNS Response

151.101.2.132

151.101.66.132

151.101.130.132

151.101.194.132
142.251.36.34:443

googleads.g.doubleclick.net

https

chrome.exe

8.2kB
18.2kB
30
37
8.8.8.8:53

apps.identrust.com

dns

chrome.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

88.221.25.169

88.221.25.153
8.8.8.8:53

6.86.9.65.in-addr.arpa

dns

68 B
120 B
1
1

DNS Request

6.86.9.65.in-addr.arpa
8.8.8.8:53

160.62.140.63.in-addr.arpa

dns

72 B
119 B
1
1

DNS Request

160.62.140.63.in-addr.arpa
8.8.8.8:53

90.248.93.104.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

90.248.93.104.in-addr.arpa
8.8.8.8:53

157.148.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

157.148.232.199.in-addr.arpa
8.8.8.8:53

200.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

200.179.250.142.in-addr.arpa
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

144.238.32.23.in-addr.arpa

dns

144 B
274 B
2
2

DNS Request

144.238.32.23.in-addr.arpa

DNS Request

144.238.32.23.in-addr.arpa
8.8.8.8:53

236.115.208.52.in-addr.arpa

dns

73 B
137 B
1
1

DNS Request

236.115.208.52.in-addr.arpa
8.8.8.8:53

202.168.217.172.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.168.217.172.in-addr.arpa
8.8.8.8:53

131.42.244.104.in-addr.arpa

dns

146 B
146 B
2
2

DNS Request

131.42.244.104.in-addr.arpa

DNS Request

131.42.244.104.in-addr.arpa
8.8.8.8:53

5.42.244.104.in-addr.arpa

dns

142 B
142 B
2
2

DNS Request

5.42.244.104.in-addr.arpa

DNS Request

5.42.244.104.in-addr.arpa
8.8.8.8:53

49.2.101.151.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

49.2.101.151.in-addr.arpa
8.8.8.8:53

112.211.227.13.in-addr.arpa

dns

73 B
131 B
1
1

DNS Request

112.211.227.13.in-addr.arpa
8.8.8.8:53

34.36.251.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

34.36.251.142.in-addr.arpa
8.8.8.8:53

226.21.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

226.21.18.104.in-addr.arpa
8.8.8.8:53

95.139.222.52.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

95.139.222.52.in-addr.arpa
8.8.8.8:53

14.42.107.13.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

14.42.107.13.in-addr.arpa
8.8.8.8:53

250.207.204.143.in-addr.arpa

dns

74 B
133 B
1
1

DNS Request

250.207.204.143.in-addr.arpa
8.8.8.8:53

15.201.240.157.in-addr.arpa

dns

73 B
117 B
1
1

DNS Request

15.201.240.157.in-addr.arpa
8.8.8.8:53

9212252.fls.doubleclick.net

dns

chrome.exe

73 B
110 B
1
1

DNS Request

9212252.fls.doubleclick.net

DNS Response

142.250.179.134
8.8.8.8:53

132.2.101.151.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

132.2.101.151.in-addr.arpa
8.8.8.8:53

153.74.101.95.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

153.74.101.95.in-addr.arpa
8.8.8.8:53

66.234.52.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

66.234.52.23.in-addr.arpa
8.8.8.8:53

169.25.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

169.25.221.88.in-addr.arpa
8.8.8.8:53

d9.flashtalking.com

dns

chrome.exe

65 B
172 B
1
1

DNS Request

d9.flashtalking.com

DNS Response

3.1.142.107

52.74.113.163

52.220.156.180

18.143.97.149
142.250.179.134:443

9212252.fls.doubleclick.net

https

chrome.exe

4.4kB
8.7kB
14
17
157.240.201.15:443

connect.facebook.net

https

chrome.exe

6.0kB
121.0kB
52
104
8.8.8.8:53

tr.snapchat.com

dns

chrome.exe

61 B
127 B
1
1

DNS Request

tr.snapchat.com

DNS Response

35.190.43.134
8.8.8.8:53

www.linkedin.com

dns

chrome.exe

62 B
142 B
1
1

DNS Request

www.linkedin.com

DNS Response

13.107.42.14
8.8.8.8:53

www.facebook.com

dns

chrome.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.221.35
35.190.43.134:443

tr.snapchat.com

https

chrome.exe

4.0kB
4.9kB
9
12
8.8.8.8:53

pixel.tapad.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

pixel.tapad.com

DNS Response

34.111.113.62
8.8.8.8:53

134.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

134.179.250.142.in-addr.arpa
8.8.8.8:53

134.43.190.35.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

134.43.190.35.in-addr.arpa
8.8.8.8:53

196.168.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.168.217.172.in-addr.arpa
8.8.8.8:53

107.142.1.3.in-addr.arpa

dns

70 B
136 B
1
1

DNS Request

107.142.1.3.in-addr.arpa
8.8.8.8:53

35.221.240.157.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

35.221.240.157.in-addr.arpa
8.8.8.8:53

2.36.251.142.in-addr.arpa

dns

71 B
109 B
1
1

DNS Request

2.36.251.142.in-addr.arpa
8.8.8.8:53

130.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

130.179.250.142.in-addr.arpa
34.111.113.62:443

pixel.tapad.com

https

chrome.exe

2.3kB
4.6kB
6
8
8.8.8.8:53

adobe.tt.omtrdc.net

dns

chrome.exe

65 B
200 B
1
1

DNS Request

adobe.tt.omtrdc.net

DNS Response

66.235.152.107

66.235.152.143

66.235.152.113

66.235.152.152

66.235.152.115

66.235.152.126
8.8.8.8:53

62.113.111.34.in-addr.arpa

dns

145 B
245 B
2
2

DNS Request

62.113.111.34.in-addr.arpa

DNS Request

107.152.235.66.in-addr.arpa
8.8.8.8:53

clients2.google.com

dns

chrome.exe

130 B
210 B
2
2

DNS Request

clients2.google.com

DNS Request

clients2.google.com

DNS Response

142.251.36.46

DNS Response

142.251.36.46
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

46.36.251.142.in-addr.arpa

dns

72 B
111 B
1
1

DNS Request

46.36.251.142.in-addr.arpa
8.8.8.8:53

documentcloud.adobe.com

dns

chrome.exe

69 B
189 B
1
1

DNS Request

documentcloud.adobe.com

DNS Response

95.101.74.158

95.101.74.152
8.8.8.8:53

154.239.44.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

154.239.44.20.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

45.8.109.52.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

45.8.109.52.in-addr.arpa

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\47d41ff3-7433-471f-a6f4-6ba7ae2aaa35.tmp

Filesize
15KB

MD5
c6959fd9d9f78663337a3be47f010ffc

SHA1
36fbc6c0f2da6e0966861118ef2c986511781e5c

SHA256
3253bc7cbe024b139fcdee49dbfacafacd39c6bfcc3ab61c6ad4981cffc09a59

SHA512
249929e83868be1b5928181e25dd45dfd83dffb21308feb288e46c8c521d2a45785ba71f0722344f12b5b48374734a743a6f9a8a51739dc0dd22cede8f2113cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
41435ee1b7448e67cfed020b812ae9e2

SHA1
a7564e9baada501ff21310d3ab3e05227899ffd7

SHA256
5efc61236b768d86aacb94ffa1d54e75e78f6340ac9f349b9ad146b4719118c4

SHA512
6fdf800a21d0a5aa2532a686de9714cd0352abd7f400f35039b109cf06854a8ed9a0c5b6f6fe7838164a35825a9b2fc80b665791fe6c11c684983af56b1629ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
6764e8d5eaf3d97d7f88f811f72883d2

SHA1
886de81d5bddb46a915300989006217294fe0048

SHA256
bb6a43c64ca835945fe78d8d9c3321d3091c139a8baceb0c0ec8b1fc86c4d33e

SHA512
039aae4f246fe800ba07ed7723ebc90a65f268565c98e1f5a3d2f204e048a971d3ed3558b5455281f37c1c534b4dae98fbfac37b2ec778b3193279457b9ed49a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
83c7083309ee8e3a436db636144c124d

SHA1
bdf30bfb065257c5a30307abe3ecf0465549c50b

SHA256
706cdf1c94eabfa7fcd81e051dc3effc546618a58cad9a1a89ac2f56b31e8ed8

SHA512
55a4efdef7710ca322a7c58f5512741a0ba512f861e7fc89fad8401b6a7f6c9414831f29ab3aa67ae122c3534450f620d64328f27c6670a69fcb7be8bf67168b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
2d5fafd34114162134af4cd8d6496a61

SHA1
dbb18c90f3744cf8674dd1fd152458b937c29158

SHA256
73488b71f7a35fb683b272c85174d6784e0e9adb3aa9abf8478976b66c078c04

SHA512
14b0ac32b4cf0e863f47609b0c5c59e6490ccca85d02261eb5332eec6bc76607868b2f8cc1a116d9119c6f60e3055ef189f0c6898f34e899898f20f719ba2a1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
42bfcb7f79a2246d24f05b47cb59c19f

SHA1
4874b23bfd556008f061512945c5259962655865

SHA256
16fe011c84c942bf7d13f9a385d4a4e7c963221481fc95e7a47cecfb7b70877a

SHA512
b1ca06841182a59ab70a4a64557d15ca8c02bf2c6812a08ea7002a1028512b1b97efe5d513eb8c6a2143c35d87cc5296803ac210adcd7fa4547c97bb17013319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
41f30ffde81fa2b37be1675be02be202

SHA1
8f0258705e57d9d6b49a6ccf8c3cb989c9f7d58f

SHA256
5aa918ac0ce5489fc7874ef0f290f1777f05e9f0890daa915556a3f5cc39e4ce

SHA512
7981be1d5e2486ba2d4aa85719f8e18e09c270afc4d50cbcbe55b58ebae6e54853c0a61c089f89e897fd3c48605e41a80bf55cf7935fdfe72d36872ba1aa7e85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response